portaldosaopaulino.com.br Open in urlscan Pro
2606:4700:3036::ac43:c9b1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://portaldosaopaulino.com.br/
Effective URL:
https://portaldosaopaulino.com.br/
Submission: On December 09 via api (December 9th 2023, 9:14:24 pm UTC) from US — Scanned from DE

Summary HTTP 207 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 47 IPs in 8 countries across 38 domains to perform 207 HTTP transactions. The main IP is 2606:4700:3036::ac43:c9b1, located in United States and belongs to CLOUDFLARENET, US. The main domain is portaldosaopaulino.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 26th 2023. Valid for: a year.

This is the only time portaldosaopaulino.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 42	2606:4700:303... 2606:4700:3036::ac43:c9b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::ac43:4637	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:212... 2600:9000:2127:9600:1:825a:8300:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:440... 2606:4700:4400::6812:2a64	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.201.123.184 35.201.123.184	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
2	65.9.95.81 65.9.95.81	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.122 65.9.66.122	16509 (AMAZON-02) (AMAZON-02)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	52.212.5.247 52.212.5.247	16509 (AMAZON-02) (AMAZON-02)
6	34.102.185.99 34.102.185.99	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	167.235.142.248 167.235.142.248	24940 (HETZNER-AS) (HETZNER-AS)
1 5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5 11	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:1ec:bdf::63 2620:1ec:bdf::63	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.18.28.137 104.18.28.137	() ()
207	47

42 2606:4700:3036::ac43:c9b1 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

portaldosaopaulino.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

tracker.myth.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::ac43:4637 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pn.vg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:9600:1:825a:8300:93a1 (United States)

ASN16509 (AMAZON-02, US)

scripts.nsn-server.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:4400::6812:2a64 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
call.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.95.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-81.prg50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

pm-widget.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.5.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-5-247.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-9964-3.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.235.142.248 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.248.142.235.167.clients.your-server.de

ad.vsrv.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.6 (United States) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.153 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

info.nsmedia-advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.nsmedia-advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::63 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b1.trickyrock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.28.137 (None, )

ASN- ()

www.bwin.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	portaldosaopaulino.com.br 2 redirects portaldosaopaulino.com.br	743 KB
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148	354 KB
29	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	293 KB
23	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	313 KB
12	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	884 KB
9	tailtarget.com tags.t.tailtarget.com — Cisco Umbrella Rank: 71029 d.tailtarget.com — Cisco Umbrella Rank: 77929 tt-9964-3.seg.t.tailtarget.com — Cisco Umbrella Rank: 227227 b.t.tailtarget.com — Cisco Umbrella Rank: 60259 cm.t.tailtarget.com — Cisco Umbrella Rank: 17921 t.tailtarget.com — Cisco Umbrella Rank: 15832	38 KB
6	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 480 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	4 KB
6	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	65 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6765	778 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2189	21 KB
4	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811	8 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1020 pm-widget.taboola.com — Cisco Umbrella Rank: 3686	257 KB
3	nsmedia-advertising.com info.nsmedia-advertising.com — Cisco Umbrella Rank: 371862 c.nsmedia-advertising.com — Cisco Umbrella Rank: 337302	2 KB
3	vsrv.media ad.vsrv.media	31 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	192 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643	672 B
3	cleverwebserver.com scripts.cleverwebserver.com — Cisco Umbrella Rank: 27971 ui.cleverwebserver.com — Cisco Umbrella Rank: 28712 call.cleverwebserver.com — Cisco Umbrella Rank: 29496	48 KB
3	pn.vg cdn.pn.vg — Cisco Umbrella Rank: 117582	73 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
2	trickyrock.com 1 redirects b1.trickyrock.com — Cisco Umbrella Rank: 161353	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	26 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 650	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4497	647 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 172	3 KB
2	myth.dev tracker.myth.dev — Cisco Umbrella Rank: 721254	2 KB
1	bwin.de www.bwin.de
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	543 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 749	464 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1352	5 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	13 KB
1	nsn-server.xyz scripts.nsn-server.xyz — Cisco Umbrella Rank: 290008	160 KB
0	loopme.me Failed csync.loopme.me Failed
207	38

	Domain	Requested by
42	portaldosaopaulino.com.br	2 redirects portaldosaopaulino.com.br cdn.pn.vg
23	s0.2mdn.net	portaldosaopaulino.com.br s0.2mdn.net
14	pagead2.googlesyndication.com	portaldosaopaulino.com.br pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
13	tpc.googlesyndication.com	portaldosaopaulino.com.br 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
12	www.googletagmanager.com	portaldosaopaulino.com.br www.googletagmanager.com tags.t.tailtarget.com
11	cm.g.doubleclick.net	5 redirects 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googletagmanager.com portaldosaopaulino.com.br 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
7	securepubads.g.doubleclick.net	portaldosaopaulino.com.br securepubads.g.doubleclick.net 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com www.googletagservices.com
5	www.google.com	1 redirects portaldosaopaulino.com.br tpc.googlesyndication.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google.de	portaldosaopaulino.com.br
4	602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	ad.vsrv.media	602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com ad.vsrv.media
3	www.gstatic.com	portaldosaopaulino.com.br 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
3	www.googletagservices.com	portaldosaopaulino.com.br 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	gum.criteo.com	1 redirects cdn.taboola.com static.criteo.net
3	cdn.pn.vg	portaldosaopaulino.com.br cdn.pn.vg
3	fonts.googleapis.com	portaldosaopaulino.com.br 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
2	b1.trickyrock.com	1 redirects c.nsmedia-advertising.com
2	c.nsmedia-advertising.com	scripts.nsn-server.xyz
2	cdnjs.cloudflare.com	s0.2mdn.net
2	ad.doubleclick.net	portaldosaopaulino.com.br
2	ap.lijit.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	d5p.de17a.com	2 redirects
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-9964-3.seg.t.tailtarget.com	portaldosaopaulino.com.br d.tailtarget.com
2	d.tailtarget.com	portaldosaopaulino.com.br d.tailtarget.com
2	oajs.openx.net	1 redirects portaldosaopaulino.com.br
2	pm-widget.taboola.com	cdn.taboola.com pm-widget.taboola.com
2	fonts.gstatic.com	fonts.googleapis.com
2	sb.scorecardresearch.com	portaldosaopaulino.com.br
2	cdn.taboola.com	portaldosaopaulino.com.br cdn.taboola.com
2	tracker.myth.dev	portaldosaopaulino.com.br tracker.myth.dev
1	www.bwin.de	c.nsmedia-advertising.com
1	info.nsmedia-advertising.com	scripts.nsn-server.xyz
1	sync-tm.everesttech.net	1 redirects
1	cms.quantserve.com	602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
1	r.turn.com	602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	t.tailtarget.com	portaldosaopaulino.com.br
1	cm.t.tailtarget.com	portaldosaopaulino.com.br
1	www.facebook.com	portaldosaopaulino.com.br
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	portaldosaopaulino.com.br
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	call.cleverwebserver.com	portaldosaopaulino.com.br
1	ui.cleverwebserver.com	portaldosaopaulino.com.br
1	tags.t.tailtarget.com	portaldosaopaulino.com.br
1	scripts.cleverwebserver.com	portaldosaopaulino.com.br
1	scripts.nsn-server.xyz	portaldosaopaulino.com.br
0	csync.loopme.me Failed	602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
207	61

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com
wecel.com.br
instagram.com
youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-03-26` - `2024-03-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
myth.dev E1	`2023-11-01` - `2024-01-30`	3 months	crt.sh
pn.vg GTS CA 1P5	`2023-10-25` - `2024-01-23`	3 months	crt.sh
scripts.nsn-server.xyz Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cleverwebserver.com Cloudflare Inc ECC CA-3	`2023-08-06` - `2024-08-04`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-08-09`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
ad.vsrv.media R3	`2023-11-17` - `2024-02-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-18` - `2023-12-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
nsmedia-advertising.com GTS CA 1P5	`2023-11-17` - `2024-02-15`	3 months	crt.sh
affiliates.kindredplc.com Trustwave Organization Validation SHA256 CA, Level 1	`2023-08-17` - `2024-08-16`	a year	crt.sh
*.bwin.de DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-31` - `2024-08-27`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://portaldosaopaulino.com.br/
Frame ID: 275458038C16D4CAE70D2428C8D7BC00
Requests: 115 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html
Frame ID: 69106E7B06BC241946C3A237CCB32AD2
Requests: 1 HTTP requests in this frame

Frame: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7D06014EBD753ABD1F6E091EE924DF26
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=portaldosaopaulino.com.br
Frame ID: 9B8A0C17DF8C02CD08F1F31BAF1B4558
Requests: 2 HTTP requests in this frame

Frame: https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
Frame ID: 98BC7949209CC4414D5F623DF8C2626C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8799286339378242&output=html&adk=1812271804&adf=3025194257&lmt=1702156458&plaf=2%3A2%2C7%3A2&plat=1%3A64%2C2%3A64%2C3%3A128%2C4%3A128%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702156457733&bpp=3&bdt=504&idt=439&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2540047951256&frm=20&pv=2&ga_vid=881570728.1702156458&ga_sid=1702156458&ga_hid=1238900586&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079866%2C31079979%2C44795922%2C95320378%2C95320885&oid=2&pvsid=1321651908090885&tmod=66995599&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=453
Frame ID: D3BB1A5661F6D3C85E03E318C833338A
Requests: 1 HTTP requests in this frame

Frame: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A468CE19FCF544481006389DFE42A71E
Requests: 5 HTTP requests in this frame

Frame: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 97F4A7297734D0E7610B34AF0BDD990A
Requests: 10 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 8D247417019680CF76381531F3132075
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 653D5B538A809A51185B36D0C6CFCD50
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 454E93A77C0D239AF975EE3733A84924
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 8C625E732031FFBE72797EEFAC26CD78
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BCC539EB1E16764CB0FD95F9A9AC8807
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 66B47B8094E39F1103413CB90DB604AE
Requests: 2 HTTP requests in this frame

Frame: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6BE4025D16FDCC8554649E615A0FE127
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNW1OpylTkYvvNtXdlDlsXbFB5pazq30tQkmqVyBTmzJJ2OkgA84n7KN4ADJejJfkHZLESRjJYcPZ1gz5lEM7yct0U-1HWf3KEOP8s0b9pIOj4BV6wDgouVDDeLyiAB4-qB-jF_xKEpuuT_KoqUp8srH3FjAhJd1G-yvfr0HOW2hz8vSYQ0
Frame ID: 483B17C19C4491A9E791DE59C8866AF7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 08A889E04129C57F44BAD7F269F72A77
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 901CCD6E6F0E77F72D906C7262174F8A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
Frame ID: 3AE5FC7E10B2DB5DAFC249E2441B8513
Requests: 24 HTTP requests in this frame

Frame: https://c.nsmedia-advertising.com/unibet-32red/DE?l=59046d39-36f5-40b4-82f9-7c31f54eee01&token=9725e035-0ace-4c35-a02d-2197cd8d835f&country=DE&region=HE&ref=&path=aHR0cHM6Ly9wb3J0YWxkb3Nhb3BhdWxpbm8uY29tLmJyLw==&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MzQ2NjQ=
Frame ID: 72FB1C4125DA74FB9BEBEAB1D128E959
Requests: 1 HTTP requests in this frame

Frame: https://b1.trickyrock.com/btag=81765197_3C82DAAA0ABC406A837D0BA5ABF6D3DF
Frame ID: 8CB32F2C9DEBFBFCB5E3925EA765534F
Requests: 1 HTTP requests in this frame

Frame: https://c.nsmedia-advertising.com/entain-bwin-de/DE?l=239cff6f-3b7d-4c69-a210-880bf0602ea4&token=9725e035-0ace-4c35-a02d-2197cd8d835f&country=DE&region=HE&ref=&path=aHR0cHM6Ly9wb3J0YWxkb3Nhb3BhdWxpbm8uY29tLmJyLw==&url=aHR0cHM6Ly93d3cuYndpbi5kZS9lbi9tb2JpbGVwb3J0YWwvY29udGFjdD93bT01MzIyOTM3
Frame ID: EA3EB11C3587FC0ABB791E04B1A32887
Requests: 1 HTTP requests in this frame

Frame: https://www.bwin.de/en/mobileportal/contact?wm=5322937
Frame ID: D9C5349CE829E66A8A52A10D6998AE83
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Notícias do São Paulo FC - Portal do São Paulino

Page URL History Show full URLs

http://portaldosaopaulino.com.br/ HTTP 301
https://portaldosaopaulino.com.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

207
Requests

92 %
HTTPS

58 %
IPv6

38
Domains

61
Subdomains

47
IPs

8
Countries

3561 kB
Transfer

10596 kB
Size

49
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/portaldosaopaulinosaopaulo
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/portaldosaopaulinooficial/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/PortalSPaulino
Title: Twitter

Search URL Search Domain Scan URL

URL: https://wecel.com.br/anuncie-wecel/
Title: Anuncie

Search URL Search Domain Scan URL

URL: https://wecel.com.br/fale-conosco/
Title: Contato

Search URL Search Domain Scan URL

URL: https://wecel.com.br/politica-de-privacidade/
Title: Privacidade

Search URL Search Domain Scan URL

URL: https://wecel.com.br/trabalhe-conosco/
Title: Trabalhe Conosco

Search URL Search Domain Scan URL

URL: https://wecel.com.br/comunicar-erro/
Title: Comunicar Erro

Search URL Search Domain Scan URL

URL: https://instagram.com/portaldosaopaulinooficial
Title: Followers

Search URL Search Domain Scan URL

URL: https://wecel.com.br/termo-de-uso/
Title: Termos

Search URL Search Domain Scan URL

URL: https://wecel.com.br/politica-de-cookies/
Title: Cookies

Search URL Search Domain Scan URL

URL: https://youtube.com/channel/UCrNkHRTRk33C9hzYij4B5ng
Title: Subscribers

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://portaldosaopaulino.com.br/ HTTP 301
https://portaldosaopaulino.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&rid=esp&cc=1

Request Chain 85

https://gum.criteo.com/sid/json?origin=publishertagids&domain=portaldosaopaulino.com.br&sn=ChromeSyncframe&so=0&topUrl=portaldosaopaulino.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=zs5YGXxGeXZOTFUwR2hCV2dHTzRNQS9oOXNBN0taM215dnM4QTFwRVhEZjVtajBvMnZNbTU1MlpxUmYyQ0EwZVBLemhwTElGQklxWjk3SDEwbTM5L1ZWNC9tdlpQTEhJaTVtM1NrUG9CZll2NUMzQW9iRHVLQ0ZaMnEzU1d3bU10WEwzWUhaOWVSemF6d1pudVQzRDNCYXdERFgzSEFqWWljRkRoeFoyL09Vd0JtWDdKaHhuOVhUcVhoWFRQL1Ruc2FXWDFRYXd1WWYrN0dkQ0YyYWU1QkFjMjFtZU1pdTJlZXN6Sk5Pc0RuUVFBQVZNTFNxaHVmcUVGblhwSGdMckJ6TXAxeWxPVTVDQmNyLzYrTVB1Z3ZPeHAxUGYyekRVNEZNR3p6K2V0YkpHTDRacz18&cppv=2

Request Chain 93

https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Request Chain 125

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430 HTTP 302
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEP4lat11i7uvfCFxoj-0w7g&google_cver=1&google_ula=862479430,0

Request Chain 161

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDaGSQpz5RpXy8_sOpW2-LA&google_cver=1&google_push=AXcoOmRugqwzXiFZ4qGmp3AGlEYIQaPfFIi2WjEAch0e6HKGrl5K5P2abhjzQfaHt6oxAi-GTZmy2PtXikNNZyClja8e-WyGpodi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg2NDU5NDA5MjI4MDA2NzMyMw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaGSQpz5RpXy8_sOpW2-LA&google_cver=1

Request Chain 163

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHZX7WwhTYWM0LDk3Gc865I&google_cver=1&google_push=AXcoOmTNWExNj6460S16HU0L0dBdHPZwJDi9snhRmbnUZJ7ZtBc9xexwvx29DXK7go8nKYKsyM63L39ciBL1wLlojVpc0jHQn54N HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHZX7WwhTYWM0LDk3Gc865I&google_push=AXcoOmTNWExNj6460S16HU0L0dBdHPZwJDi9snhRmbnUZJ7ZtBc9xexwvx29DXK7go8nKYKsyM63L39ciBL1wLlojVpc0jHQn54N

Request Chain 164

https://d5p.de17a.com/cookies/google?google_gid=CAESED_UTPUbof3VziljWkMa-MM&google_cver=1&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR_EIdR0- HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESED_UTPUbof3VziljWkMa-MM&google_cver=1&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR_EIdR0- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR_EIdR0-

Request Chain 165

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_cver=1&google_push=AXcoOmS4wF4zBJDSE_ns8SMWYw4nRquVcuZpIDqTt-Etfn3vomrisP42IvPWZIOvuy-8K8llP8PImuiAsg5IurcjqDN6hxzxxgWu HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_push=AXcoOmS4wF4zBJDSE_ns8SMWYw4nRquVcuZpIDqTt-Etfn3vomrisP42IvPWZIOvuy-8K8llP8PImuiAsg5IurcjqDN6hxzxxgWu&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_hm=ZXTYq71vMBKpFQXweyzHvQAAFIEAAAIB&google_nid=index&google_push=AXcoOmS4wF4zBJDSE_ns8SMWYw4nRquVcuZpIDqTt-Etfn3vomrisP42IvPWZIOvuy-8K8llP8PImuiAsg5IurcjqDN6hxzxxgWu

Request Chain 166

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIXotJRRdVt9Ca4ZK-MiPdY&google_cver=1&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV52pI0mtXSoVr HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIXotJRRdVt9Ca4ZK-MiPdY&google_cver=1&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV52pI0mtXSoVr&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV52pI0mtXSoVr&google_hm=Hy06qGZH1iuN_RIVSvC2CrWu

Request Chain 171

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1

Request Chain 172

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXTYq71vMBKpFQXweyzHvQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKxFZf_ixol_dJe9jqF1P0o&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKxFZf_ixol_dJe9jqF1P0o%26google_cver%3D1

Request Chain 174

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5NDgzNjgxNTU0MzQ5ODM4NQ%3D%3D

Request Chain 207

https://b1.trickyrock.com/redirect.aspx?pid=74444021&bid=34664 HTTP 307
https://b1.trickyrock.com/btag=81765197_3C82DAAA0ABC406A837D0BA5ABF6D3DF

207 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
portaldosaopaulino.com.br/
Redirect Chain

http://portaldosaopaulino.com.br/
https://portaldosaopaulino.com.br/

187 KB
49 KB

509ms
477ms

Document
text/html

2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.13
Resource Hash: b4d5da27286eef36cb0d5f0ff2e509d72d82151e11fe3d08d8c0aba039fdc9f6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 833041bebf179be6-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 21:14:17 GMT
link: <https://portaldosaopaulino.com.br/wp-json/>; rel="https://api.w.org/" <https://portaldosaopaulino.com.br/wp-json/wp/v2/pages/86>; rel="alternate"; type="application/json" <https://portaldosaopaulino.com.br/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ouj6RGy9x2C5ileGEg5udyw23uWD8bJFkRrm2PNdUlaCxtKKjZZ4xmEtU6G5U%2B5FeDPJYYjN6OHou97Ws9tW2ZSjB6RGY07F7CYcYZvNlq31HKjG0BYEkIuzR0afY%2Ftm5AmLHVowNJWHu8fHBRycJHxPTEPSQU2B"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-powered-by: PHP/8.1.13
x-turbo-charged-by: LiteSpeed

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 833041bc6b471688-SJC
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 09 Dec 2023 21:14:16 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zw6ZgBj3P%2Fx2YY5SepZdfkmJuzLQ1e63bNNn4io9IgBO8A6lOa%2Bjh7r8yX88DG%2Bgf0mYrHxP8V3J%2F09pRBhyzO87j5nXo6zj0k9uTbui2JP1b4AQrfoxE5cbIb1fWWq%2FQyAbVW9dDtu3037XvVkztRACsNEhZgKX"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
alt-svc: h3=":443"; ma=86400
location: https://portaldosaopaulino.com.br/
x-dns-prefetch-control: on
x-litespeed-cache: miss
x-powered-by: PHP/8.1.13
x-redirect-by: WordPress
x-turbo-charged-by: LiteSpeed

GET
H2 200 f4f15d9507bddaeb030d366a2b62fff4.css
portaldosaopaulino.com.br/wp-content/litespeed/css/ 1 MB
169 KB 36ms
35ms Stylesheet
text/css 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldosaopaulino.com.br/wp-content/litespeed/css/f4f15d9507bddaeb030d366a2b62fff4.css?ver=a207b
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b855f317639f2d0b5d010f65280c401552e039e67bff9afc2dbb06dd89e648c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36966
cf-polished: origSize=1388115
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 21 Nov 2023 19:37:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCV2CRlwIFSJhJ8el9ryQ1IcyBA9opQhg3lBGNU2S9YjteAqm3TL6YW%2BAikX1SsdCXMRQBxs16cthXuG7k4Tjyl6Ifw3n64TDcOo8gg%2B%2BlN7ZExHAUhVfVehkV4GjSWHbP8xwGVRUoIxOi3OT90dC5rtT8srdoFo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 833041c1ba8b9be6-FRA
expires: Sun, 08 Dec 2024 16:58:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 177ms
63ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700,500,600%7CRoboto:500,400,400italic&display=swap

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bc506be0437ff531204e236950dd25753197850d7b07995ce90a8e8f5eaea01c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 21:14:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 21:14:17 GMT

GET
H2 200 jquery.min.js Show response
portaldosaopaulino.com.br/wp-includes/js/jquery/ 88 KB
32 KB 29ms
29ms Script
application/javascript 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldosaopaulino.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 04 May 2023 14:52:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86982
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0%2F8LctYTaqpoPKNGd6kme1hewOqHzyDSFXodvZaSgPa%2BbJ12SqQxVgQlOGgMeUeULX0b0VshWRIAGOLUwazI0NTyllgtJkEW9pw6p74pxdnJa76008OzLS7OJstg4AlYpGLscEdtXpOmuBbGXNf%2BRi1bZ3q6LIqn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 833041c1ba8d9be6-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 08 Dec 2024 03:04:35 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 243ms
121ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d847ca8605f476557753ed7da645a0481d984f7dacbfe2116957be3444c6fe7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29304
x-xss-protection: 0
server: cafe
etag: 246 / 19700 / 31079992 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:14:17 GMT

GET
H2 200 worker.js Show response
tracker.myth.dev/js/ 1 KB
1 KB 67ms
22ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracker.myth.dev/js/worker.js

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

107a7a0eadcba82495e387e12607bd57e7d184d236a0572db3c49de7b32cf015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52175
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 09 Dec 2023 06:44:42 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFYRxKVVqgOtGY2%2BWzAZxMhhtpYSRK%2FIjlgFn3dZmQqDXSBjsb49Km4%2FJ21KEUhSMnGhwNtUW%2B9jKB6A%2FVttORgDnpG%2B6iFrWSQkIC8gL7oie2i2%2B31ZC8oIl7rQ%2BKpI%2BtDAtN7Wq%2BIzw7j6h9ha"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400, must-revalidate
cf-ray: 833041c32e8118c1-FRA

GET
H2 200 c21ce561-8fdd-41cf-bfb3-40626a5688cb.js Show response
cdn.pn.vg/sites/ 2 KB
2 KB 98ms
49ms Script
text/javascript 2606:4700:20::ac43:4637
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/sites/c21ce561-8fdd-41cf-bfb3-40626a5688cb.js
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d071bd5b78fd862b103e59b78c4f1d4a921434a564af2bc480df5a8773f1c26e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
via: 1.1 9158fa1ac72d0c0684fe558c8655aeda.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: AMS58-P6
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Mon, 04 Dec 2023 18:58:37 GMT
server: cloudflare
etag: W/"62c98edc20545f2f5e5d396b9c860fed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6K4IDLFl%2Fs5%2FgU8aPOp335ACcg%2Fav5GU1Y6EV7HCE9qiblss7ogo2hbkyeKaV%2Ftdd%2BoT5%2FkNWXnhwGhUi3xixX4eGAhQNkT2VI0rYPVUIpTT0tUbVzxgPdIV4h7TFtDG0ANHiDuJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 833041c3384d5c80-FRA
x-amz-cf-id: qjEQGgEkNr3WS4Rq8rLwVEZuuLfU1qZERbS8FKYeL2E3ukne-hxPaw==

GET
H2 200 65f4819358a0350613fc487595debb5e.js Show response
scripts.nsn-server.xyz/js/ 446 KB
160 KB 120ms
55ms Script
application/javascript 2600:9000:2127:9600:1:825a:8300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.nsn-server.xyz/js/65f4819358a0350613fc487595debb5e.js
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:9600:1:825a:8300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6f5edf2e64374522e12e4ffbf608e7cd3fb5ff6b120a8600064173d77404e62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 06:51:49 GMT
content-encoding: gzip
via: 1.1 bb390afd921c223e0fe4921fbc23bbe8.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 11:29:09 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 51749
x-amz-server-side-encryption: AES256
etag: W/"979a39574634933da690da037622d1cd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 19-znyo5VhsHzVLlEPyAiClGlKKDqtW10-lwNRUBOP2Qc-FsXNgeQQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 187 KB
68 KB 182ms
67ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-192628768-11

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ef184f43e8b7d8995df8350c563f99de9410fa928b78664f1c5e9b972cc087e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69137
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 21:14:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
50 KB 197ms
82ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-192628768-6

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

457d70a382f9be1b2020b363874e10a2f0f4798ea640f2b92a9e898404059580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51590
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 21:14:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
52 KB 222ms
107ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8799286339378242

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1875d9d8f466d3ea4d82ca11837c3d4e8635438162fa3d52629e09d79501989b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldosaopaulino.com.br/
Origin: https://portaldosaopaulino.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52370
x-xss-protection: 0
server: cafe
etag: 3463467874495317995
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:14:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 168 KB
61 KB 290ms
175ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WN82V75

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

442353adce06fc2def880e6f81fa675e08086cdcacd1a4a0352c5ae1159b0290

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 62127
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 21:14:17 GMT

GET
H3 200 ce475bcd225647dd4c1cc16a4f5cba5e.js Show response
portaldosaopaulino.com.br/wp-content/litespeed/js/ 279 KB
83 KB 580ms
580ms Script
application/javascript 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldosaopaulino.com.br/wp-content/litespeed/js/ce475bcd225647dd4c1cc16a4f5cba5e.js?ver=a207b
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0140705704ef7b1087b2b70920e357f60bfcc1c20232371bd746079fc34a0192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 21 Nov 2023 19:37:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yhTMTHEiolggsWt1YsrFawteAhnf3l%2FN6ZvRDTf4xZQ6MgEhz8KuwYnKlvgCbYfoCPURg1DhQINBEoYu31m68pzPVfTTnUbOhR4ZzrGxn4hkuFeSanC6oxBv5oY%2FytnTCHChZUEQB%2FB1iltSuNNsBwug9gwtoObV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 833041c25f7a1903-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H2 200 d6172d2d110646a4384c44faea26b6eb.js Show response
scripts.cleverwebserver.com/ 129 KB
47 KB 129ms
91ms Script
application/javascript 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/d6172d2d110646a4384c44faea26b6eb.js
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47d0cfb7980bf2625e1d0ea022cfe8608a962bf2554d80438563b68780fc62a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
x-amz-version-id: 3Xidbwiow1tqDDQHBw1fUwlIgJE0NNtL
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 22 Nov 2023 14:11:32 GMT
server: cloudflare
x-amz-request-id: RCZ1XVEQDWATAS1B
etag: W/"a08e047bdaee4ec9f331cfdf51dbe6c6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=1800
cf-ray: 833041c32cea9235-FRA
x-amz-id-2: 7cfPd2VIDPoOexG9vEyYXEQT1IZpiTsZTfBOCO5Yzct+hWzkLMbCmGiY1CRckgWUvsZ6fCxtU+Y=
expires: Sat, 09 Dec 2023 21:44:17 GMT

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 73 KB
21 KB 49ms
14ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 6c22bbed0afe926a4ad7941291775e6b212006a5d26a720b253a8c028c870cd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:45:35 GMT
content-encoding: gzip
via: 1.1 google
age: 5322
x-guploader-uploadid: ABPtcPpREMvUNV6PbU2wpTiZdWPkcCx-Mf0VvVxmI-a9jVBa0GS4h3JQrPB_iYXBzQ7JocxsdX4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21234
last-modified: Wed, 13 Sep 2023 13:22:21 GMT
server: nginx/1.8.1
etag: "13721cc7c233ffe3299c16c1f82c8394"
vary: Accept-Encoding
x-goog-generation: 1694611341874847
x-goog-hash: md5=E3Icx8Iz/+MpnBbB+CyDlA==
content-type: application/javascript
cache-control: max-age=7200,public
x-goog-stored-content-length: 21234
accept-ranges: bytes
expires: Sat, 09 Dec 2023 21:45:35 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/portaldocolorado-network/ 534 KB
57 KB 33ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/portaldocolorado-network/loader.js
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c89c9b6861af5a4742d34dd42ae346eec1548fc87291e681a58dc89bc4cd7ae1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: vWw8uUnry.FmbgtHBUERGeqzliu3jigv
content-encoding: gzip
via: 1.1 varnish
date: Sat, 09 Dec 2023 21:14:17 GMT
x-amz-request-id: FHJN22S55ZGEAYN9
age: 54
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 57924
x-amz-id-2: jL3BRnEQJJtSwILuQ+55eU24KBFNqYOcZs1mnagRGqvjXU8yuyl0J9JebnpHsM2QbJtuy0NJsgQ=
x-served-by: cache-fra-eddf8230045-FRA
last-modified: Thu, 07 Dec 2023 13:17:58 GMT
server: AmazonS3
x-timer: S1702156458.505406,VS0,VE1
etag: "f019b9f385e45c9c4e0d84d128bdd565"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 46
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 72ms
24ms Script
application/javascript 65.9.95.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-81.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:13:04 GMT
content-encoding: gzip
via: 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:13:41 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 32473
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: TCsnUGnIj9W45FXxCr0nHwYj26HICG1JSJuh0BWgeYEs25r0Jd3M6w==

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ad70e9fc5042aff04b7e3525872f856c39f5ea2044289fe97fad73943d7645b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 165 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f8faf0b90a2595f55ae63b5b56315684c5d6dd1b42c1414b4f0970e7c6a3d84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Justica-1-e1702044174297-719x430.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/12/ 45 KB
45 KB 571ms
570ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Justica-1-e1702044174297-719x430.jpg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00376f9f7470c6e32e5820d3c1d9fb6d447be4be7394326e1c2d4f2ebfd94de6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 14:02:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nuYziSsD5HgOpaKzxxosOKsQwNXq5CO0gZF%2Fu3UVy6gCc1uKasfnn9HRbzySPzaOFTOrVIlL7nrJareO0Omyq9cU76idBaljlnjzFOjBh3oFmLYG6R9f13LNOSfA0beSoXWKM5sJ5qbEj0tZeXhB35F6IKknLyN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308491903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 45864
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 DORIVAL-279x220.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/09/ 12 KB
13 KB 351ms
351ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/09/DORIVAL-279x220.jpg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a703ddf118c196b2ee6570b2588e7a28602e5b91004d0a681237a417f2904453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Sat, 23 Sep 2023 22:39:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2%2ByXfs%2Fn9eM4SXgOofmMYW2dAtTlUeouAe8Dxqu9h78QDLMV1UlxT43ikatJRNvkDEWN1yFfsfUu1eS6gtcV6hAMSlNvvxPugFmJWW299qjpjrzwjv9yQVq3GA0SU8oOapvgdYyLT0xaQ7q2NXig%2B5E3DETVUa0"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c3084e1903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12385
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Silvio-Santos-2-279x220.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/03/ 10 KB
11 KB 357ms
357ms Image
image/webp 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/03/Silvio-Santos-2-279x220.webp
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5076e41fbbf7586f03442f95f43c631be8c11d3890b857451f760d23570fcd02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Wed, 29 Mar 2023 17:33:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xDgrJo71ii9LwbgoGlDkeMoOSDj9BwGQMDCoSf9zjeukCwpLOQsB7gAfXkxbRMJIvQJ9vO%2BE6VOla7DjIygKZ2SoDEG0dm2ELETg1RWItxt7jjqNHwPDWGXqDDMDb2r7XI2cgyEk38a0bajOceaxlSJfE9%2BbjMlx"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c3084f1903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10538
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Cotia-1-SPFC-1-e1689621875233-279x220.jpeg
portaldosaopaulino.com.br/wp-content/uploads/2023/07/ 13 KB
14 KB 370ms
369ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/07/Cotia-1-SPFC-1-e1689621875233-279x220.jpeg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90fd25c18303d1778941d8042740a293e075e270c80791b5a66b39382a4a44a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Mon, 17 Jul 2023 19:24:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vH74m1ctiedf9ckOtQLp7JdLHYGKdZ5NXQB6CoTAheq6qBZkP0b3GzVO82wfAQj3hobjIPYoObWDVKC2rnCRCQim18L0RC9X3I4b5HOy6GvBfR7Il%2FFKbpfMCknEpX2J%2BIIu8DWi0w1D48sWVquOmOipPBYFrT9V"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308531903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 13564
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Nilmar-Selecao-e1701702853567-279x220.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/12/ 12 KB
12 KB 352ms
352ms Image
image/webp 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Nilmar-Selecao-e1701702853567-279x220.webp
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7b5a736297a719f1347180cc01a19ec31bec168c813b732d13567b0bff9f016

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 15:14:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rQbE3%2FDuflsUyq047Ikeslwou%2FvtIKXNct4KMPiqaH29OmDfZVGCJ8gLzKVkoDsDGmOybq2q1zDy2MN7I%2FkcQd56lydXTzf5EKdNldIhtq5%2B09ram2vVzaD3eQzYndXR9X0SGNV%2FtM7AZpxM5wNKLQOihppS7ERe"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308551903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 12056
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Key-Alves-1-279x220.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/12/ 15 KB
15 KB 465ms
465ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Key-Alves-1-279x220.jpg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43711d6e4fd52cb1034e62fa99feb977a00ce1d641e31cc3de44fa283a299dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 18:23:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CF%2FBzN1tmmsInZt5a23CZVBeF8sw9AorA8U8rOhodf3fm%2B3wY260yWIzUtJqzNpgX%2FcK0Xq9GcRm9Af4bGk9xe2tGzeSmc1DCokek24WtGFzEvxl3%2F30jgyLZzuoMT2q%2FdIzEbgn4MdLdo53Se1BIDrTNi5G%2Bn0I"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308581903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15090
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Sao-Paulo-Luan-279x220.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/11/ 15 KB
16 KB 466ms
466ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/11/Sao-Paulo-Luan-279x220.jpg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d322d4493ee546f9d38daa49bdeeeedc86784f6dea388373788ac575009f92e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Fri, 17 Nov 2023 23:21:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2uv4PrRLD%2BKfaC4Droe2fsWLNtdJMaqdirxW2pOnq8UN6JbZdk65Gf81WRnyU9l37L5ndziL7AeLIFYasYbhqP26ILhNLlBIevJbymD65kHXLFXZQt7%2Fq3er%2Bo8f3ibLb2kpxpD9wUKHwuzwHlPS4%2B4NyQuaHY%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c3085c1903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15473
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Dorival-Jr-James-Rodriguez-Sao-Paulo-e1695131046396-368x445.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/09/ 25 KB
25 KB 474ms
474ms Image
image/webp 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/09/Dorival-Jr-James-Rodriguez-Sao-Paulo-e1695131046396-368x445.webp
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 598398fff29a70bdbfb62959033dc299369868e867eecf11938e3d7b5b2142d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Sep 2023 13:44:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ij6CeKh8xpcIZ1hWvl6slPY0mOo9U6VoMd4uP9whVcCTjrUIjKjEFJnxKpsvenEkv9WLaTJYueE4bEDQv87%2Bwmedi09%2By55%2F6DjU%2BGaKxs%2BvPJLRZI7bYxGWTLPVyoi4XBHmuuIcZtB%2BdTc0ACJNQBPAS10IYVJ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c3085e1903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25116
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Dorival-Jr.-Sao-Paulo-treino-e1701101134273-368x445.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/11/ 29 KB
29 KB 481ms
481ms Image
image/webp 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/11/Dorival-Jr.-Sao-Paulo-treino-e1701101134273-368x445.webp
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afe1b8b2a83e8c80262f4ba8cc9ad20741e7bb2f775f359f94b4e25bfeb8a543

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Mon, 27 Nov 2023 16:05:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0LgvVjsPsvymfFH6pYSoyBuzzehQTWEKb7Cnfm3XEgMRwamrKLLogT140x3zbANS%2BhX2AejIrNejgVY%2FlmjNC85VLBVXLFIwpZBdphxSZCmhRC8UXqfIQjKF070pd8xAvRFoAnHGvt3%2Bj97gv87nwhpWknW39dI"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308601903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 29196
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Dorival-Gabriel-Barbosa-1-368x445.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/12/ 25 KB
26 KB 466ms
466ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Dorival-Gabriel-Barbosa-1-368x445.jpg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6bb2908641f6b227f1915c39a42b8c69b17bd2c1a18cdd863314250891c1a407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Tue, 05 Dec 2023 17:59:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ma3hUs%2BFwVwku%2FhV1k58uXoufPM7fmfUq98UStU5ZW0BUJTiDmFzcxaSwXRUGdMgZhdwhzCrsmc7zDCe5VzwEbfCOGhFOj4hP195B1Wa1fffLa8Nv54eMmAAIcorZUj4JPdCzCX%2BFSnwwxgiVEv9GTda3RRFJAkw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308641903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 25800
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 AnyConv.com__Diretoria-e1690828686957-368x445.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/06/ 26 KB
27 KB 478ms
478ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/06/AnyConv.com__Diretoria-e1690828686957-368x445.jpg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06481698327594a18a0c0effb351ab478f377f5778a1c166a59cc9aa475c1aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Mon, 31 Jul 2023 18:38:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOdCECaJpM70Z9PJjZDn64APa5quVvmWZjALnAdmhmdcxElKpJqxP9%2FRzN%2FxXkXGMsVMz6ijz6xyzUaGycAqAzWIa%2BoCi%2FiytB4qEO4QpjiQIUGMD%2FvpIjiC2WbhBbUrw%2FcFk%2FuWSla2g95ghYZhQmM3mvKaw%2Bn5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308681903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 26882
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Casares-1-e1683036943227-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2022/09/ 2 KB
2 KB 365ms
365ms Image
image/webp 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2022/09/Casares-1-e1683036943227-86x64.webp
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 49102fa7d8f3d9fe20f5ce11ea6612065754d639c624e9c7306561d797b68d4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 14:15:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWU4u1KkaeGVQteFXnd1elnbyP%2FjWwc7bvz6HRX0Ovrd6Vkib4F43VqY19%2F0KykRAc0UPGBGizW9jEF5AAmNfCZ%2B9Ju9nVoZ3uryQwW7FPS45C1QH6wd7vXIabdaVcUziKeFH%2Fta5J%2FS7hcPt5njpwVNoIErO8qd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308691903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1552
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Riquelme-Boca-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/12/ 2 KB
3 KB 353ms
353ms Image
image/webp 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Riquelme-Boca-86x64.webp
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8cfc6e8bc2353fbcd4c95185addcd6fc897d8843f6b93e7fc1e0d676e5419a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Dec 2023 13:29:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkNg854mFB6uZX1nK2603VZWzemB3Iog1pxqUYFdpGS3%2Bv1Mei4xFF%2BqPq9AhkIKrz%2FYukZb3eTiZrSjQHlMm%2BJBS6BRno1YNGJJwj5nuzBL1VoarQjfQGOxivzLtsfqRuYK1JlbMZpDU%2FBRQlgL0mykWdITlpHz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c3086a1903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2248
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Morumbi-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/08/ 2 KB
3 KB 360ms
360ms Image
image/webp 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/08/Morumbi-86x64.webp
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6766482d76571f21930a2a9b8dd350199efcd255cf684a3aa7a1ff23d92836b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Wed, 09 Aug 2023 14:41:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thm4vT58eW%2FGWxHRfVhQuNPcjvuZ6tnLAPeIARyZT%2FcOnHQjL4XMvHG2aw%2Fn8R3fNhcI%2FkDRvLtwMEOJUYu8qdcRWdj106CnD9eWKI3bhdFZ4iJ5MH%2BK%2FE1SC%2BSD2ipIalQa41e1U3SLP9NRrlPQsOtptfMFj1zD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c3086b1903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2220
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Maracana-Flamengo-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/08/ 2 KB
3 KB 363ms
363ms Image
image/webp 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/08/Maracana-Flamengo-86x64.webp
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b27238ba2620d9d7e85aa82877c1881d1c05147bb6a7970f370deaabeb5bedbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Tue, 22 Aug 2023 14:48:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JopP5x5BpGn6bhcsS3sd43pOLIkPLsmLMo%2BIYviS5zLHRLcN9hOH3WjA%2F2zWulknGAP%2FXK3ZK5BpxU9m1bSM5EcEIqnv8r5pAVnzSVJDSq%2FyPzWbP7065pbsPxFeWIYkmLrWFL2NfmlII4qPl6%2BWDVssVbSuWB%2F0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c3086d1903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2470
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 James-Rodriguez-contrato-e1690812802357-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/07/ 2 KB
2 KB 364ms
363ms Image
image/webp 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/07/James-Rodriguez-contrato-e1690812802357-86x64.webp
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cbfce030d4bcfe922b43cc0c9e4c270a23554843d8b80b4d911d74a38c6a56d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Mon, 31 Jul 2023 14:13:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0XFtfvdPrugzOV3KB3%2BtyUd6dALiOqO%2BIv%2FV9YDBQM8AEdvJRjA7A%2FKacxb9XZm%2FbW7Ldzv9AUawzon30HcwI9qaei6WWYIybGRtbsNHXUEJ5iozK%2Bpfz1YL1h0Jt4B%2BdPK1dvoCrMSSwAV03cDnnG4p3LKo3%2B1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c3086e1903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2016
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Ferreirinha-Gremio-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/12/ 2 KB
3 KB 369ms
369ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Ferreirinha-Gremio-86x64.jpg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85f244253939c63351b34fb6b40bc7af1a0b8da9a8d79d8f095e34f13152a41f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 22:12:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csh7AFAI1WPyeq7gj8yZbqo9q3Bbm2NXPh0vHt62vTxkSovd%2F%2F8%2B9t2a7PX4YRwIddNz5QRLOl5qykFjsf0LDle%2FQgD%2B1UPfFlkFVddBjV%2Bboqb9zkAO9oQBVKBlvOW%2FMcW98OUn2%2F%2Fox79THRcIvB85vPtbQw%2BH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c3086f1903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2384
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Arboleda-Sao-Paulo-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/04/ 2 KB
2 KB 365ms
364ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/04/Arboleda-Sao-Paulo-86x64.jpg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb627b400414a489b1a13ff70c8983485f6c4063c4b8838aa4a0179a737009b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Apr 2023 14:01:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXOAMP5l%2BW3oh8CdIOVPCfChC8FFdMpnRG9cXUWdtlDUIiS0IGwx3kxCf3nVe7K37xy2gEZqsxdY9kvHRJKw0xM5tKmVhXzp1KLfg6u6JHKqljiKzOKE%2BQc9Jj8Frh38Bg6PQVd7Aq4BAP259Xw9trK%2F9fG930tj"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308701903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1732
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Diretoria-SPFC-2-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/08/ 2 KB
3 KB 368ms
367ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/08/Diretoria-SPFC-2-86x64.jpg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e46a738795240f397d712472e7fcee9e1faf104cac5853ea66b00e2415f42b05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Tue, 22 Aug 2023 13:37:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1uIOMcQYCLTo78KCCbWU5v%2B6H86OJZ%2F3Mczq2Z2OmX67qRBzqUX%2Fgy9AQWXgo2kfQXJEb5o8NCsn%2BYk0TkpKhpM42wDBj2LCJdozREKDOwDQhaPU3fSj4o863dlEsvyKdKq3qL3vXknWLFEZZlNqX%2B%2B6876GzwwZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308731903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2511
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Hernanes-e1702071385808-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/10/ 2 KB
3 KB 358ms
357ms Image
image/webp 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/10/Hernanes-e1702071385808-86x64.webp
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82827501afec686ff217847bea18cf345ca8e8aa99027ebff98f37e801394b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 21:36:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Fs0Bu8L1SYBLjUtBVzH7Jsp3tENi3ji1UacAZjTDtFwW0VQ8oM8faQJP6zWaUtaLeQ5Nq8HZcZSlPvvUwS%2BRrDdwSPOaXSMRAFyM0%2FU49HPX%2F%2Fxw%2FD4aGnygiQYh6g2BWlfTWTEL3jz8XeMgIYHWtJ5PRJWs9eW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308741903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2484
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Leila-Pereira-Crefisa-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/03/ 11 KB
11 KB 371ms
370ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/03/Leila-Pereira-Crefisa-86x64.jpg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aacd8572f4abdb803104c089cd42c187a52e4af8291493a7fcfdcde18cd72f14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Fri, 10 Mar 2023 19:42:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJJY%2FO8%2BOtKb5EFAlj2ZS%2B4JmpJ%2FA3EJmModhmg1lAXkyK%2BnJqDNYER6FGXqEIkuWZZFnR8HN2yCKX4lbllKw7LXuh%2FP1ek4Zq7RsVXLkScvZTb555wuiVSiQ1jzJMnrA7GPiJl810IoEcsafmt7w80rMQ7d88FL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308761903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 10795
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Sao-Paulo-FC-1-e1699993557293-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/06/ 2 KB
3 KB 377ms
376ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/06/Sao-Paulo-FC-1-e1699993557293-86x64.jpg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5acea0998f8b7454460db5e0c845c6b34b8f5c16b9cb1a51dbda933575162407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 20:25:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSM%2BGHBHVm1N%2BHFVvVH06a9oCkdTOC%2BSKJ6ckDvp098IcCURPL4z3nPwIJdX1O%2B6Y3lJaE80NA9pu9V2QNwD9jW4ffWtzXLJuLMvkxVuUDGDjxs2piF1SLw%2BNBM9Wfd2GH5gZ5fUI217QVuESFbZxhPDX92thiG2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308781903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2506
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Lara-Silva-Faustao-1-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/12/ 2 KB
3 KB 373ms
372ms Image
image/webp 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Lara-Silva-Faustao-1-86x64.webp
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 375086112b846e1b87e6c17841fd3c45809dadd86fdc553033ed20797147f034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 19:41:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WMqcRJKBkctEoyHJO78NcpLUZRsXMy%2BendLLDKSwSSgmSIbISd2Tkb3crTKIvkGMn3nSV9gJcVjVDHWMX5unA5VgCE1geVPhA4IqI9m3ReRWyaTeiRaFbIoEht3sxeRTjfWAIvciihkvndXdM4OznDoiYx4tgA3"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c3087b1903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2062
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Barbara-Berlusconi-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/12/ 2 KB
2 KB 360ms
360ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/12/Barbara-Berlusconi-86x64.jpg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52d5f0c0f3c7704b63d9e5d676e736069539324697fe77193dcdbe21dab2323f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Fri, 08 Dec 2023 19:23:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IETpERCDWKm4R0JJl6FnIh0j4taKmC3QsmKfGiLBATLkRZnV9SmmgprrB%2FBj8P7ddh7E3lobhu56w678Vycj3YoPCymGWGHAGLvtzikB1GPnKI0YMVp2KV1IpYlava%2FzGS3pYe9avXfnPzqYbB6EKBcXR4MPSlL"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c3087f1903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1711
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 John-Textor-Botafogo-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/08/ 9 KB
10 KB 374ms
373ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/08/John-Textor-Botafogo-86x64.jpg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 858972a01ffd5fcbf9be0e871ad665a406893d8044857d4292f351b030427f58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Fri, 18 Aug 2023 17:03:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xN6vFB2SngutUhvLXFsZTs%2Fprapn36vMQxQWgX90gk58wM40xNHGNn%2BXCOp57n1RGhEefyTi1gTIgeUVd2UnibKhLN2%2F%2Fxo6DOOWz63b4gFacxnHQufzwbHtlwa0KrHZA0aoRfHeXhY9%2FDuavv6kz228L7Hn7Ssx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308801903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 9211
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Sao-Paulo-Cotia-Feminino-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/11/ 2 KB
2 KB 371ms
371ms Image
image/webp 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/11/Sao-Paulo-Cotia-Feminino-86x64.webp
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e351e1c8c7adb813f4ef8386d0e523a791ec719dd596a4e95d626cdb8fb447

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Nov 2023 20:12:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Az036IT1CBKrZjl2RrskN0HnbScZdVGXndLuDTDhiLw7sqRRphsRWt%2BEBLXNJB3DYCCyK93UvWGIWj8YEIscj8%2Fegx6EYD%2F%2BAjURlG7BAVmriiY3I2Ec1BnjsirH%2FfqvyuBh1sh1tnHVNRvbSN6pvq9Zn%2BgxKeS4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308811903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1782
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Sao-Paulo-FC-e1689948391519-86x64.jpg
portaldosaopaulino.com.br/wp-content/uploads/2023/03/ 3 KB
3 KB 365ms
364ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/03/Sao-Paulo-FC-e1689948391519-86x64.jpg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3382941f638b5a2e4fd70ee0e8ad677fd62726d922b0b5c7f845fbc8e3e3245c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Jul 2023 14:06:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHy3oyMhizlYLarIM3oSARMnV0uHLp0K2%2Fm6dpZ%2BbxQwty0LGzdtOE8BA6pErfDz6l2R8XpXloIcKLElYZKW5%2BWxjFOvS481R7UXlvMKfLi7z63rRhgyD61tA97JIRk1FGBuHSNgVJ0Unsvk3O0Z5VfX2arQ2w3b"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308821903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2697
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Pablo-Maia-Sao-Paulo-86x64.webp
portaldosaopaulino.com.br/wp-content/uploads/2023/07/ 2 KB
2 KB 369ms
369ms Image
image/webp 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/07/Pablo-Maia-Sao-Paulo-86x64.webp
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24f6c5a3eea28dc6a8e6c5a94e828e0a5d6140ebd8e21642120f3ba773d6aadc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Jul 2023 14:36:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZXuh30kpvqEnLBm8eFhdxwznMjT0tk9oU0REcZ%2FWEy5rxJIEwnA%2FuPZ2lWfjo0V7o%2Fvp%2FWK2bpD3x5UtCO914jl6443pb6UAoveraSDpRs9yrMXa%2FTDwCqSC4K84VGjfEdsribusZMT2YIY5SYNCN1JXzPfn8oX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308831903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1850
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H3 200 Sao-Paulo-FC-bandeira-e1696264945497-86x64.jpeg
portaldosaopaulino.com.br/wp-content/uploads/2023/10/ 2 KB
3 KB 374ms
374ms Image
image/jpeg 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/10/Sao-Paulo-FC-bandeira-e1696264945497-86x64.jpeg
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e8f1c3ceab49255a03aa2e22d5f8d92077ea155767fb4c8c3744866d9757e6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: MISS
last-modified: Mon, 02 Oct 2023 16:42:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yXmh8xW1d%2B6gGGRcBz5vSnG%2BVc6WzYX6CPlo6MLzKR4QxFy5H0Ar0R16URjxSgVHFPAVlDrJ%2F%2FFjQOcGHhbqp9fm5I7wX0QUIV6SaUrJ0ujtjtWdS7HcK1BPzociTv89t4PbFE9FuhSSziPKqIA0b0nbnMuBxEow"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308841903-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2220
expires: Mon, 09 Dec 2024 03:14:17 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 175ms
66ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,500,600%7CRoboto:500,400,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portaldosaopaulino.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:18:49 GMT
x-content-type-options: nosniff
age: 50128
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Dec 2024 07:18:49 GMT

GET
H3 200 fontawesome-webfont.woff2
portaldosaopaulino.com.br/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 75 KB
76 KB 26ms
26ms Font
font/woff2 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldosaopaulino.com.br/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/wp-content/litespeed/css/f4f15d9507bddaeb030d366a2b62fff4.css?ver=a207b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://portaldosaopaulino.com.br/wp-content/litespeed/css/f4f15d9507bddaeb030d366a2b62fff4.css?ver=a207b
Origin: https://portaldosaopaulino.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1012093
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Thu, 29 Jul 2021 14:59:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Naw3Na8Sw0AqkIyeJ%2FcPeg8b%2BSGP9gZll4VZG0uuj2pvKIt8e0T6Hf3D3hXKRIdZnCjKVtB%2BhUKGRwt2gYUNt7yl%2FqQp4DXdnInqbV%2FvL%2BN5e2%2Fh%2BTDKzWnye8SSxzMNyYNZjogpBJjE6amB%2BNnRQYkkm14NNV5m"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308851903-FRA
expires: Wed, 27 Nov 2024 10:06:03 GMT

GET
H3 200 bs-icons.woff
portaldosaopaulino.com.br/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/ 14 KB
14 KB 20ms
20ms Font
font/woff 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldosaopaulino.com.br/wp-content/themes/publisher/includes/libs/better-framework/assets/fonts/bs-icons.woff
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/wp-content/litespeed/css/f4f15d9507bddaeb030d366a2b62fff4.css?ver=a207b
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c

Request headers

Referer: https://portaldosaopaulino.com.br/wp-content/litespeed/css/f4f15d9507bddaeb030d366a2b62fff4.css?ver=a207b
Origin: https://portaldosaopaulino.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 782432
alt-svc: h3=":443"; ma=86400
content-length: 13852
last-modified: Thu, 29 Jul 2021 14:59:32 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pmAD3G9niAW%2FXv4ojQZN732h0Xf48u%2F2Gk6cDkuXwZ7j95%2FvK1%2FTn9U8HdpuB2xlw8vXpX8IOj%2FZZVXg0lFfT9I6tRWqZC1ud%2F%2BSeldGw2HeiNZJN5E3LdUUu0DIS1AAUpLuzkFM0Ke9n7oSFRaZEQPfzOOHoMoo"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c308871903-FRA
expires: Sat, 30 Nov 2024 01:53:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 158ms
53ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,500,600%7CRoboto:500,400,400italic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portaldosaopaulino.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:55:14 GMT
x-content-type-options: nosniff
age: 91143
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 19:55:14 GMT

POST
H3 202 event Show response
tracker.myth.dev/api/ 2 B
523 B 65ms
47ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.myth.dev/api/event
Requested by: Host: tracker.myth.dev
URL: https://tracker.myth.dev/js/worker.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://portaldosaopaulino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YSdeAKaFMhuxdzV1s1M6IfWJIQcvaluseTzkcw9%2F0kZV9u1yx1LQ01wRxHDaPwByT1ZmzBqy0LAT1DPPRxGow0EGvs%2BrMOR5SNzsLa7iWrMbtrfKW%2Bq6aFhigu0HrmvPpMKmF%2F67l%2BmwvixqwKzk"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 833041c37b723648-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: F59GR5xao_SQ7CxSBtDh

GET
H2 200 load.js Show response
pm-widget.taboola.com/portaldocolorado-network/ 3 KB
1 KB 16ms
10ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/portaldocolorado-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/portaldocolorado-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1abab74e5447c3841a6eefd8fc41d3a3d74bddb1d499228dbc06940c6a997a18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sfD1JschBRuBTXTESjhXjM97e2Bmfh6U
content-encoding: gzip
via: 1.1 varnish
date: Sat, 09 Dec 2023 21:14:17 GMT
x-amz-request-id: FHA315WPVWRHJMXM
age: 2884
x-cache: HIT
content-length: 1144
x-amz-id-2: LsJss3qLzHbiumpcr3HD+uQzY4byu6u7BT5XYya+eI5MnylEjNnw0pMk5hhjVag2TqsY8/WXq/s=
x-served-by: cache-fra-eddf8230045-FRA
last-modified: Tue, 03 Oct 2023 04:45:58 GMT
server: AmazonS3
x-timer: S1702156458.548071,VS0,VE1
etag: "ee37256a778c03e55a2eaddf126931d9"
vary: Accept-Encoding,
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 impl.20231207-12-RELEASE.js Show response
cdn.taboola.com/libtrc/ 819 KB
170 KB 7ms
6ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231207-12-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/portaldocolorado-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: ddff624349b5a6a215933510cc0351bd1caecb36ffbc09de71ae04e60a6bcc0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: Mhb0FGAcBXo50kmRZY65RdfvNFTxz7i6
content-encoding: br
via: 1.1 varnish
date: Sat, 09 Dec 2023 21:14:17 GMT
x-amz-request-id: M0RH4PRHWQ4W06JV
age: 28632
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 173829
x-amz-id-2: QWQr+8BoT2NBqlzk85TzmkkELUP4ltMwWP3GRFAqAtGUDWdR2pqd+aSouwIN4FSdCAQOtFQdf4Q=
x-served-by: cache-fra-eddf8230045-FRA
last-modified: Thu, 07 Dec 2023 13:09:17 GMT
server: AmazonS3-br
x-timer: S1702156458.542324,VS0,VE0
etag: "9356e9f99a129d14bc990a23e0a86d44"
vary: Accept-Encoding
content-type: application/javascript
abp: 96
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 143

GET
H2 200 ilabspush.min.js Show response
cdn.pn.vg/push/ 231 KB
62 KB 31ms
31ms Script
application/javascript 2606:4700:20::ac43:4637
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/ilabspush.min.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/c21ce561-8fdd-41cf-bfb3-40626a5688cb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b27ea1a597eeb9af27c5e1594041e8338fc6bf9004080ac6d74ec354f94a1d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
via: 1.1 b50b0f4274b74414c7dcdb544e6090a2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: ZRH55-P1
age: 6526
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 07 Dec 2023 15:50:00 GMT
server: cloudflare
etag: W/"182fca27d735cd93c2d2c43afeb41bef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJxxBqeIuh7X%2BKlUlTGX%2Bzdc4u0UA6slN7ioQ3%2BOX1ACe3mfldVXP29Eyrs6evaxwrKBGlDrc%2B%2FohfUKmeD4PuX4w2UDiVdzbo%2BMRTXspvw2VjQ66y1ykSkG4prCC4CMZesSI%2FPo9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 833041c3a8c85c80-FRA
x-amz-cf-id: rV9WLeESxZScsmwB25ZmtUkohGnAJ0ZUN3zid9bE9cqzcfBhzFEMnw==

GET
H2 200 / Show response
ui.cleverwebserver.com/ 160 B
383 B 46ms
28ms Script
application/javascript 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d2a1a06c6ecb8dedd829ef2a429287356e36d7f04afef11ad7d2b4acc7f2d76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cf-ray: 833041c3ed8c9235-FRA
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 pmk-20220605.3.js Show response
pm-widget.taboola.com/portaldocolorado-network/ 102 KB
29 KB 23ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pm-widget.taboola.com/portaldocolorado-network/pmk-20220605.3.js
Requested by: Host: pm-widget.taboola.com
URL: https://pm-widget.taboola.com/portaldocolorado-network/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d927654f812803f789fee1abcb6a2bc2bf6b3eac0d87db4b734989f9e0669e4

Request headers

Referer: https://portaldosaopaulino.com.br/
Origin: https://portaldosaopaulino.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: S0NybznADyjC11u403KHG9NurTw2vaPs
content-encoding: gzip
via: 1.1 varnish
date: Sat, 09 Dec 2023 21:14:17 GMT
x-amz-request-id: DPMYAGHXN0YVRGY9
age: 2734676
x-cache: HIT
content-length: 28803
x-amz-id-2: 9SlsWWpgchuoVAWJE6COBN8jSXMKLrmXAulUy/9+bLpUVVqKfho94F295H6nMqpyLwMnbcziCH0=
x-served-by: cache-fra-eddf8230122-FRA
last-modified: Tue, 03 Oct 2023 04:45:57 GMT
server: AmazonS3
x-timer: S1702156458.581734,VS0,VE1
etag: "202a4505b66371e8ab7943b4951f3b3a"
vary: Accept-Encoding, ,Origin
access-control-allow-methods: GET,POST,PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 36ms
36ms Image
text/plain 65.9.95.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=14194541&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1702156457563&ns_c=UTF-8&c7=https%3A%2F%2Fportaldosaopaulino.com.br%2F&c8=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&c9=
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-81.prg50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
via: 1.1 79ba346413d83ce62db11c8d0b05c22c.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: PRG50-C1
x-amz-cf-id: BA8BLSKp3MIP-T84p7HwWBESgraGvQwnyHnHwqm7YEAySKhYIEcv1w==
x-cache: Miss from cloudfront

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 44ms
14ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231207-12-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 241791
expires: 60

GET
H3 200 pushnews-sw.js Show response
portaldosaopaulino.com.br/ 55 B
593 B 16ms
16ms Fetch
application/javascript 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldosaopaulino.com.br/pushnews-sw.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dde9490581308ca118c495925f3178491ec771b728b79d19bf7dd122970e3f16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160252
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 16 Dec 2021 17:20:58 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNx8BgZmBmcbqWpWKzCnQAKoLWc33D3YAjYdLHgH50QOewL9%2FX5ZUdTQW8iyWGUqa%2BCWgPyb%2FaEYqCtJa%2BU5yQRSaXBqKPfkeXWNVBDlB%2BuDA89qgxIhIgw9v1%2FqztCW5o6oSc5Jp4Imnm%2FPaI0HDA8kh7yjCM%2BU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
cf-ray: 833041c409801903-FRA
expires: Sat, 07 Dec 2024 06:43:25 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ 431 KB
135 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:43:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30649
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138171
x-xss-protection: 0
server: cafe
etag: 7807444821274263820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Dec 2024 12:43:28 GMT

GET
H2 200 PushnewsSubscriptionSDK.js Show response
cdn.pn.vg/push/ 35 KB
9 KB 21ms
21ms Script
application/javascript 2606:4700:20::ac43:4637
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pn.vg/push/PushnewsSubscriptionSDK.js
Requested by: Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4637 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-P5
age: 6356
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 03 May 2023 17:43:50 GMT
server: cloudflare
etag: W/"d83660b1645b3c67ae586e71ccd92e33"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBLxJ%2BV%2Fio3RYuhtHvSwjDuugZ%2FwdN5SrHlPNgOKNT0%2Fm%2FShzKI6o0OUzt1iKE%2F4WjxSB9zzhsKPoiBPAUVj01xebsH4K6eJykh8SePnMQRPx3gvesFHmaOc4Eb7IWl167atRsR2mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400
cf-ray: 833041c4697e5c80-FRA
x-amz-cf-id: wu-gYTYmxrJMyDBxjdJCKEjMgQZLrjCBrf9Y38fGJ5I0BFWSbvwkGA==

GET
H2 200 /
call.cleverwebserver.com/ 43 B
105 B 55ms
37ms Image
image/gif 2606:4700:4400::6812:2a64
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://call.cleverwebserver.com/?id=60866&c=DE&r=HE&l=95&b=Chrome&os=Win10&mob=0&v=1.58.0&ref=aHR0cHM6Ly9wb3J0YWxkb3Nhb3BhdWxpbm8uY29tLmJyLw%3D%3D&ruri=&iv=-1&ctr=DE&sz=1200
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:2a64 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 833041c48e3a9235-FRA
content-length: 43
content-type: image/gif

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/ 398 KB
135 KB 221ms
118ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8799286339378242&plah=portaldosaopaulino.com.br

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8799286339378242

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6a507efb5925e8d9357c5249faf9f2a3651395b499330f4188eeaeadb10c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137723
x-xss-protection: 0
server: cafe
etag: 11344269690673176391
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:14:17 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 6910 9 KB
4 KB 170ms
53ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8799286339378242

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 19:15:44 GMT
etag: 5585625838579639069
expires: Sat, 23 Dec 2023 19:15:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 81ms
81ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5GB957Y1NV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a90e8a988354563e5cf3e876e0fd4a87b5b1be243274bfe88d4ce09a0a5cf54f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89874
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 21:14:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
67 KB 68ms
68ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-192628768-11&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a3338750137f6be48ad45436d3017b407f5d09d0b1678651e67b1f404162384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 68314
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 21:14:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 98ms
28ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 19:28:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6328
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 09 Dec 2023 21:28:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 70ms
70ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N254Q8C0NW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9361cb908b83c141f3eeb290b24e144aa6fe839a7d232677a7d547135b068294

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91623
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 21:14:17 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 61ms
28ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 21:14:17 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 44ms
9ms Script
text/javascript 65.9.66.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-122.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:16:06 GMT
content-encoding: gzip
via: 1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 61092
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: THU64By3ZdCXv06nWm0wGGT3ssIxrtfbaLMGnhcm2tU-BV9HFfPN4g==

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 68ms
21ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:17 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 321929
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 833041c59ab95c80-FRA
expires: Tue, 12 Dec 2023 21:14:17 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 51ms
14ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 21:28:48 GMT
content-encoding: gzip
age: 2072729
x-guploader-uploadid: ABPtcPorK7SdOx9D0-XbxZI-ucFoefeNDDoBI41rnJAKBKLzpPyd_Ilsabixqvym6_79HuCGK2OQIo2s49jtCyg8m0eHLqvG-9Ou
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 14 Nov 2024 21:28:48 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 217 KB
59 KB 384ms
384ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1321651908090885&correlator=3445557481033899&eid=31080074%2C31080078%2C31079992%2C31078660&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=22671866468%2CPortalSaopaulino%2CPortalSaopaulino_Interstitial%2CPortalSaopaulino_Stick&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=1x1%2C1x1&ifi=2&didk=3677888762~747429736&sfv=1-0-40&ists=3&fas=8%2C1&sc=1&cookie_enabled=1&abxe=1&dt=1702156457802&lmt=1702156457&adxs=-9%2C-9&adys=-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&vis=1&psz=0x-1%7C0x-1&msz=0x-1%7C0x-1&fws=2%2C2&ohw=0%2C0&ga_vid=881570728.1702156458&ga_sid=1702156458&ga_hid=1238900586&ga_fc=false&dlt=1702156457229&idt=558&adks=1812788701%2C347441239&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245d4c5c95ad5a617f2a968311d300242bacb292f0dadb6f5ffb485993ea0680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59877
x-xss-protection: 0
google-lineitem-id: -1,6418277897
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138455036745
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portaldosaopaulino.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7D06 6 KB
3 KB 218ms
89ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:14:18 GMT
expires: Sun, 08 Dec 2024 21:14:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ 39 KB
14 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl_page_level_ads.js?cb=31079992

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

395a036b18c09f33407f1a29a3fe592e7e43a41b14234980dfbf05c7fdd55ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 11:38:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34547
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13835
x-xss-protection: 0
server: cafe
etag: 11693141498105903443
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Dec 2024 11:38:30 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
212 B 35ms
35ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1238900586&t=pageview&_s=1&dl=https%3A%2F%2Fportaldosaopaulino.com.br%2F&ul=en-us&de=UTF-8&dt=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=1923002367&gjid=1265499898&cid=881570728.1702156458&tid=UA-192628768-6&_gid=1249317713.1702156458&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=2083018772

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portaldosaopaulino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portaldosaopaulino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
66 B 37ms
37ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1238900586&t=pageview&_s=1&dl=https%3A%2F%2Fportaldosaopaulino.com.br%2F&ul=en-us&de=UTF-8&dt=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAUABAAAAACAAI~&jid=1977098846&gjid=1429735437&cid=881570728.1702156458&tid=UA-192628768-11&_gid=1249317713.1702156458&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=404277629

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://portaldosaopaulino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portaldosaopaulino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9B8A 15 KB
6 KB 17ms
17ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=portaldosaopaulino.com.br

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:14:17 GMT
server: Kestrel
server-processing-duration-in-ticks: 258715
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&rid=esp&cc=1

85 B
194 B

115ms
114ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&rid=esp&cc=1
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 53200b160ad3560e8758632e4f2ce7023245f715606f9e19702716492e362cd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-s8IK3VS+Poz1lWTilCihSy+GolQ"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://portaldosaopaulino.com.br
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 09 Dec 2023 21:14:18 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://portaldosaopaulino.com.br
location: /esp?url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 114ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-N254Q8C0NW&gtm=45je3bt0v9101611689&_p=1702156457246&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=881570728.1702156458&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702156457&sct=1&seg=0&dl=https%3A%2F%2Fportaldosaopaulino.com.br%2F&dt=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&en=page_view&_fv=1&_ss=1&tfd=1814
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N254Q8C0NW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portaldosaopaulino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 159ms
54ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N254Q8C0NW&cid=881570728.1702156458&gtm=45je3bt0v9101611689&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N254Q8C0NW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portaldosaopaulino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 184ms
76ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N254Q8C0NW&cid=881570728.1702156458&gtm=45je3bt0v9101611689&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1314518621

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 101ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5GB957Y1NV&gtm=45je3bt0v897311171&_p=1702156457246&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=881570728.1702156458&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1702156457&sct=1&seg=0&dl=https%3A%2F%2Fportaldosaopaulino.com.br%2F&dt=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&en=page_view&_fv=1&_ss=1&tfd=1833
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5GB957Y1NV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portaldosaopaulino.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
341 B 101ms
30ms XHR
application/json 52.212.5.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.5.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-5-247.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 6d98f0a07e454346e88a6882d73fa1fa788869223c49aedfbb4c6e9746d95bdc

Request headers

Referer: https://portaldosaopaulino.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://portaldosaopaulino.com.br
cache-control: no-cache
x-server: 10.45.29.239
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9B8A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=portaldosaopaulino.com.br&sn=ChromeSyncframe&so=0&topUrl=portaldosaopaulino.com.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=zs5YGXxGeXZOTFUwR2hCV2dHTzRNQS9oOXNBN0taM215dnM4QTFwRVhEZjVtajBvMnZNbTU1MlpxUmYyQ0EwZVBLemhwTElGQklxWjk3SDEwbTM5L1ZWNC9tdlpQTEhJaTVtM1NrUG9CZll2NUMzQW9iRHVLQ0ZaMnEzU1...

454 B
671 B

92ms
24ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zs5YGXxGeXZOTFUwR2hCV2dHTzRNQS9oOXNBN0taM215dnM4QTFwRVhEZjVtajBvMnZNbTU1MlpxUmYyQ0EwZVBLemhwTElGQklxWjk3SDEwbTM5L1ZWNC9tdlpQTEhJaTVtM1NrUG9CZll2NUMzQW9iRHVLQ0ZaMnEzU1d3bU10WEwzWUhaOWVSemF6d1pudVQzRDNCYXdERFgzSEFqWWljRkRoeFoyL09Vd0JtWDdKaHhuOVhUcVhoWFRQL1Ruc2FXWDFRYXd1WWYrN0dkQ0YyYWU1QkFjMjFtZU1pdTJlZXN6Sk5Pc0RuUVFBQVZNTFNxaHVmcUVGblhwSGdMckJ6TXAxeWxPVTVDQmNyLzYrTVB1Z3ZPeHAxUGYyekRVNEZNR3p6K2V0YkpHTDRacz18&cppv=2

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

861f38a3ab2d6394309ad1614094eebf62ceca1f82ea5defabe9412bc9e8a313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:17 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5755548
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:17 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=zs5YGXxGeXZOTFUwR2hCV2dHTzRNQS9oOXNBN0taM215dnM4QTFwRVhEZjVtajBvMnZNbTU1MlpxUmYyQ0EwZVBLemhwTElGQklxWjk3SDEwbTM5L1ZWNC9tdlpQTEhJaTVtM1NrUG9CZll2NUMzQW9iRHVLQ0ZaMnEzU1d3bU10WEwzWUhaOWVSemF6d1pudVQzRDNCYXdERFgzSEFqWWljRkRoeFoyL09Vd0JtWDdKaHhuOVhUcVhoWFRQL1Ruc2FXWDFRYXd1WWYrN0dkQ0YyYWU1QkFjMjFtZU1pdTJlZXN6Sk5Pc0RuUVFBQVZNTFNxaHVmcUVGblhwSGdMckJ6TXAxeWxPVTVDQmNyLzYrTVB1Z3ZPeHAxUGYyekRVNEZNR3p6K2V0YkpHTDRacz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 280566
content-length: 0
expires: 0

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 36ms
15ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:31:08 GMT
content-encoding: gzip
age: 67390
x-guploader-uploadid: ABPtcPpKNR8g3KuNh2MtRCxAd8Akg4gFGDO94qX11vr0zbRWvGEnlZlkZHxi1nZ3aMTlgdrFnmM
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6116
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "c39451e5dec2be7fc7d6df76b55be662"
x-goog-hash: crc32c=SdVkEQ==, md5=w5RR5d7Cvn/H1t92tVvmYg==
x-goog-generation: 1694696370171925
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6116
accept-ranges: bytes
expires: Sun, 10 Dec 2023 02:31:08 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 66ms
65ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-931232517

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07a195d83f3bc8ac75e54ff6cc51b79ca42f058cd55e84904f0bb6abea59120f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74595
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 21:14:18 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 81ms
80ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2cf5acb226ee67e0e79eab63865805cc30703d9ebe074c7c28fccb0388477b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80958
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 21:14:18 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 103ms
103ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-814785950&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b894cc7e0ff5c548f67f18361b0c500e5d5b24f6fd6cbcd83426dea0f7464498

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81033
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 21:14:18 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 121ms
120ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-9964-3/CT-23

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

01af7339b6c6b48810da8d74a1437d567f2da716b038b0ceab3d48dfed89cd31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81103
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 21:14:18 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 228 KB
79 KB 142ms
142ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0db4ed353b10355c0190bb8322472f991598c5a8911b4c527d07203a082ccaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81104
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 21:14:18 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 175ms
175ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-192628768-6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

32b80cfcca0f669e3de6ea1dc4ecd36c162e555d8bc4d8aa68127d8590197475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72496
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 21:14:18 GMT

GET
H3

200

main.js Show response
portaldosaopaulino.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/ Frame 98BC
Redirect Chain

https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

7 KB
4 KB

12ms
12ms

Script
application/javascript

2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Server

2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb13e7247dc55a76c4ea9451ce39b88d1f4c68502b89a211df6bd6c1cb9c6a75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7xWe2Us03DvMdkQqStCwxlabDrD%2Fjc4N%2F8SNPj6f5xcrvwfQtmLI%2Fc66%2FxMeWGEBtWL80nKhYOQiPcI8g9XHKBua%2FW7Q54UBmKcCLv%2BCEgVPAF3xEMGFAnElYdB3kRLguOgPvOwUOK%2BCldgtJ%2BFliXL6Hz9izJhY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 833041c6dca81903-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 09 Dec 2023 21:14:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VrAXwXDWYgsF4bDRvtSZJIVtxRE9mPHkdTTUtU6deUxBkLKPOJlocTPEi1mZ5M9wt%2FV4Rp%2BaLI2HAMmbHSEdzl8Zk3aBsYY5h3ZvS7vhtyWVVIUmi18dgJTYwVDgYh7S6kppw%2BWr%2BHSyOnq%2FiGJvYm0jWb8kMwqJ"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 833041c69c6f1903-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 14ms
14ms Script
application/javascript 35.201.123.184
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:51:50 GMT
content-encoding: gzip
age: 1348
x-guploader-uploadid: ABPtcPpA0EQFGfhPCPyNXQQ6VgSV7LAsErupAEwqXjKdw2cmU0nE2_R2I07RGDSa4Ok8schbZzI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8334
last-modified: Thu, 14 Sep 2023 12:59:30 GMT
server: UploadServer
etag: "20de3c90b2d9541b062276e079f0eaa7"
x-goog-hash: crc32c=yMCztg==, md5=IN48kLLZVBsGInbgefDqpw==
x-goog-generation: 1694696370056280
content-language: en
content-type: application/javascript
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8334
accept-ranges: bytes
expires: Sun, 10 Dec 2023 20:51:50 GMT

GET
H2 200 trk
tt-9964-3.seg.t.tailtarget.com/ 70 B
664 B 204ms
113ms Image
image/png 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-9964-3.seg.t.tailtarget.com/trk?tA=TT-9964-3&tJ=_channel:r7-cas-alimentacaosaudavel:1|_channel:r7-cas-int-em-livros:1|_channel:r7-visao-geral:1&tK=1702156458&tM=direct&tL=direct&tN=direct&tY=3&tZ=643804404
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H3 200 portal-sao-paulino.png
portaldosaopaulino.com.br/wp-content/uploads/2023/06/ 12 KB
12 KB 17ms
16ms Image
image/png 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/06/portal-sao-paulino.png
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da4347e5533b31599e126475d73441932755e671a267f2784366ead6e009549b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 916484
alt-svc: h3=":443"; ma=86400
content-length: 12032
last-modified: Tue, 06 Jun 2023 13:29:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rsBYfBAYcKnN5mWrIsCAs0PAh53brJiZv%2BgFmpjZlAAoDaSrzAsZTtjTQ4Yztq14ef47TxqsnAticm2%2FI6U310mbTsPONJARVwbdr4V4yda2hxbA3t2cBeKqpyZAEfkQB5gAbxfHSx8sPF9RCYFU5JPt090r3Ld"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041c6ecc81903-FRA
expires: Thu, 28 Nov 2024 12:39:34 GMT

POST
H3 200 833041bebf179be6 Show response
portaldosaopaulino.com.br/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 98BC 0
578 B 29ms
28ms XHR
text/plain 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/h/b/jsd/r/833041bebf179be6
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpAvJJI%2FWkNxFWnKxgegliBOaCp%2BohqfscI6N1Wh0Nhw0rQx%2F1%2FFJffhlPTFhNu36xnud9S%2FxGnBFtnhJa%2BdsKYqTz5IlDcwsFWjJFkbOEdmsfU1so4HFTY9ekpPkh4JNCHCDTWCzx0PpkhPnLFjzLWUZgDIm6%2FQ"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 833041c75d271903-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 u Show response
b.t.tailtarget.com/ 54 B
328 B 147ms
110ms Script
application/x-javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 44289e3d47d74145ce8ee6d99a3f9a2cde77b2d8aad9b1b946ea3204a9813ab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/x-javascript
cache-control: private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3BB 0
188 B 285ms
284ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8799286339378242&output=html&adk=1812271804&adf=3025194257&lmt=1702156458&plaf=2%3A2%2C7%3A2&plat=1%3A64%2C2%3A64%2C3%3A128%2C4%3A128%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702156457733&bpp=3&bdt=504&idt=439&shv=r20231206&mjsv=m202312050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2540047951256&frm=20&pv=2&ga_vid=881570728.1702156458&ga_sid=1702156458&ga_hid=1238900586&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079866%2C31079979%2C44795922%2C95320378%2C95320885&oid=2&pvsid=1321651908090885&tmod=66995599&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=453

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8799286339378242&plah=portaldosaopaulino.com.br

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:14:18 GMT
expires: Sat, 09 Dec 2023 21:14:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A468 6 KB
3 KB 55ms
54ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:14:18 GMT
expires: Sun, 08 Dec 2024 21:14:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 97F4 6 KB
3 KB 54ms
53ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:14:18 GMT
expires: Sun, 08 Dec 2024 21:14:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 8D24 0
167 B 63ms
21ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sat, 09 Dec 2023 21:14:18 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/ 3 KB
1 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/801247112/?random=1702156458302&cv=11&fst=1702156458302&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&auid=826602102.1702156458&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-801247112&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33ba298d87594bd173435b3d0eae2663f84f8a23db29b44be0cb8283ea25736a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/ 3 KB
1 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/814785950/?random=1702156458324&cv=11&fst=1702156458324&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&auid=826602102.1702156458&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-814785950

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

732d165dd7ffe0d4dd2067f50de753bde0fa07bc4bfae1e6955e68f8d473e74e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/ 3 KB
1 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-931232517/?random=1702156458339&cv=11&fst=1702156458339&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&hn=www.googleadservices.com&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&auid=826602102.1702156458&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-AW-931232517&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b847304c8235413dce535477bf457427ddd23a1ed26a4900c54a19fc3167d6d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1296
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame A468 4 KB
767 B 60ms
60ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 19:26:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 21:14:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 653D 14 KB
1 KB 61ms
60ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 19:25:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 21:14:18 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 653D 2 KB
902 B 168ms
59ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:55:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8346
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:55:12 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 653D 24 KB
9 KB 168ms
60ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 18:54:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 18:54:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 454E 143 B
166 B 54ms
54ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2152
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:38:26 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 653D 3 KB
1 KB 164ms
56ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83540
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 22:01:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 653D 20 KB
8 KB 214ms
106ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1927
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 653D 202 KB
64 KB 188ms
73ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:14:18 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 653D 37 KB
15 KB 192ms
55ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 20:42:23 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame A468 22 KB
9 KB 174ms
68ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 12:33:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9231
x-xss-protection: 0
server: cafe
etag: 9385233705467680479
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 12:33:03 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A468 205 B
295 B 205ms
71ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:17:49 GMT
x-content-type-options: nosniff
age: 86189
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Dec 2024 21:17:49 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A468 604 B
1 KB 188ms
55ms Image
image/png 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:12:31 GMT
x-content-type-options: nosniff
age: 75707
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 08 Dec 2024 00:12:31 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 97F4 24 KB
7 KB 144ms
52ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:37:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 74213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 08 Dec 2024 00:37:25 GMT

GET
H2 200 1107c3ce3c87336 Show response
ad.vsrv.media/deliver/js/ Frame 97F4 3 KB
1 KB 114ms
10ms Script
text/javascript 167.235.142.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vsrv.media/deliver/js/1107c3ce3c87336
Requested by: Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.235.142.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.248.142.235.167.clients.your-server.de
Software: nginx /
Resource Hash: 7be0d3eb8675438bb8cd99f6fdbdad8e429e801c4e5ec85ddcd7d25b8bc3b552

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
cache-control: max-age=4107, public, s-maxage=3428
content-encoding: gzip
server: nginx
content-length: 1331
content-type: text/javascript; charset=UTF-8

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 97F4 202 KB
64 KB 271ms
172ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:14:18 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 114 B
564 B 113ms
113ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-9964-3&tY=1&tS=4&tU=0100007FAAD87465DA0689B2022CCA10&tX=b.52&tZ=19860658
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: b80f0363c7df0f0e6cedf5532ffcbcd0157341bee5f4c208ac3c930d484f2f50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 /
www.google.com/pagead/1p-user-list/801247112/ 42 B
108 B 177ms
68ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/801247112/?random=1702156458302&cv=11&fst=1702155600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNfxt5lOrFJ7pbHyWvqiJD1900_8OJdoONWR6zBH1TAOHD5Ugc&random=3887136765&rmt_tld=0&ipr=y

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/801247112/ 42 B
154 B 62ms
62ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/801247112/?random=1702156458302&cv=11&fst=1702155600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v876458346&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNfxt5lOrFJ7pbHyWvqiJD1900_8OJdoONWR6zBH1TAOHD5Ugc&random=3887136765&rmt_tld=1&ipr=y

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 454E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

62ms
61ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:14:18 GMT
expires: Sat, 09 Dec 2023 21:14:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:14:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/814785950/ 42 B
108 B 136ms
64ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/814785950/?random=1702156458324&cv=11&fst=1702155600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNslpwnkVhGFrCqykYAF70UUrBVKasBWR7yCpIczsX_Z9JKn8a&random=1413010766&rmt_tld=0&ipr=y

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/814785950/ 42 B
108 B 64ms
63ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/814785950/?random=1702156458324&cv=11&fst=1702155600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0v887832856&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNslpwnkVhGFrCqykYAF70UUrBVKasBWR7yCpIczsX_Z9JKn8a&random=1413010766&rmt_tld=1&ipr=y

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/AW-931232517/ 42 B
455 B 134ms
63ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-931232517/?random=1702156458339&cv=11&fst=1702155600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNsSroSnViKivWp7oXtTkImuZ30baT468Jyz2GNyVPZpsqRLDQ&random=437809828&rmt_tld=0&ipr=y

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/AW-931232517/ 42 B
108 B 62ms
62ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-931232517/?random=1702156458339&cv=11&fst=1702155600000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&frm=0&tiba=Not%C3%ADcias%20do%20S%C3%A3o%20Paulo%20FC%20-%20Portal%20do%20S%C3%A3o%20Paulino&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNsSroSnViKivWp7oXtTkImuZ30baT468Jyz2GNyVPZpsqRLDQ&random=437809828&rmt_tld=1&ipr=y

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ca Show response
tt-9964-3.seg.t.tailtarget.com/ 75 B
112 B 113ms
113ms Script
application/javascript 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-9964-3.seg.t.tailtarget.com/ca?tZ=366105416
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: c16ffaefaa96364424fbab29ab554814481486d83cb052cb25ab3e223c5ec8af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: gzip
via: 1.1 google
server: nginx/1.17.8
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 97F4 0
0 93ms
92ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsspGtTL4YkISTUxFRRoA4U8YDrFZaBEyFUouj4T7zysgpDbiJRqbHeamoeF1IfhPogjZtfr45WFtYatT1QjIEhVwvJj7EbGIsOPQq2BXyVSPdr6CFnuhDkUipoA8OCFIS_5h1bfP8zb303nOSNo9KD4L3TSEl6pvs5xILubVLjAJabS0BBGY8BK7Rivi--5OtWNrkr-lmhmoGd-T5_Jozud7igpab56MhoFzQrdZEfmGfdsHfd4aOsW1GKRMbjBDUmz0XA8UoFobEEUWC3UzAV5YsNA2u8T_D7qJcBk7h8VanWRIqrwFDoYqHaWnuP98OWLTcYNE1P6waPIJXHiXcBe4HibMf-DWTt-D2Q4hQVYrVrbBmLDG3cZVc3JfnsDaNlQNJdLnGIJ0fJdhhrMgC6zsnGC&sai=AMfl-YR37zeUwITgYazWAK9Irv7Sz7Qj8q74xf_4of-YPmWwDjwQy9UxYu6Vam2HKAFfnsG3BCqxDRkF93MSo68YWM11eYvNAHAQ9KyRFIdn8hZrsJSEuRX26ZNtWdRvdSPYImf-Uxgv00TibAKoNR1lhJOq-JbBfoY8UBcaAG0&sig=Cg0ArKJSzMIjPnQR29wtEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 1107c3ce3c87336 Show response
ad.vsrv.media/deliver/token/ Frame 97F4 2 KB
1 KB 17ms
17ms Script
text/javascript 167.235.142.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vsrv.media/deliver/token/1107c3ce3c87336?loc=https%3A%2F%2F602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&vid=52f5d60a-d4a2-41e7-a368-51d6ad285e46&ref=https%3A%2F%2Fportaldosaopaulino.com.br%2F
Requested by: Host: ad.vsrv.media
URL: https://ad.vsrv.media/deliver/js/1107c3ce3c87336
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.235.142.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.248.142.235.167.clients.your-server.de
Software: nginx /
Resource Hash: a80f6001deb9fd22c4405eed0cba1da78ac7a9b97f5ba0e5fbb4cd2f9c3fa9f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: gzip
server: nginx
content-type: text/javascript; charset=UTF-8
cache-control: max-age=0, must-revalidate, private
content-length: 925
expires: Sat, 09 Dec 2023 21:14:18 GMT

GET
H2 200 9ed6707d8a09a268742c.jpg
ad.vsrv.media/images/delivery/ Frame 97F4 28 KB
29 KB 20ms
20ms Image
image/jpeg 167.235.142.248
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vsrv.media/images/delivery/9ed6707d8a09a268742c.jpg
Requested by: Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 167.235.142.248 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.248.142.235.167.clients.your-server.de
Software: nginx /
Resource Hash: b9ccfd2dab2f0d841ecd305a719d0d01c8fb3455ef17eeae020cefa82edef4dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
last-modified: Fri, 03 Nov 2023 13:28:50 GMT
server: nginx
accept-ranges: bytes
etag: "6544f592-71e4"
content-length: 29156
content-type: image/jpeg

GET
H2 200 tr
www.facebook.com/ 0
185 B 22ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1992888384353851&ev=Tail&cd[custom_audience]=CA15771

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 09 Dec 2023 21:14:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

doubleclick
cm.t.tailtarget.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=862479430
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEP4lat11i7uvfCFxoj-0w7g&google_cver=1&google_ula=862479430,0

70 B
363 B

127ms
115ms

Image
image/png

34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEP4lat11i7uvfCFxoj-0w7g&google_cver=1&google_ula=862479430,0
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
via: 1.1 google
server: nginx/1.17.8
content-type: image/png
cache-control: no-cache
content-disposition: inline
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEP4lat11i7uvfCFxoj-0w7g&google_cver=1&google_ula=862479430,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 320
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
289 B 126ms
111ms Image
image/gif 34.102.185.99
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-9964-3&tE=0&tF=&tI=_frankfurt%20am%20main_hesse_de_1702156458436_3117783974&tJ=CA15795,CA15771&tQ=r7-cas-alimentacaosaudavel,r7-cas-int-em-livros,r7-visao-geral&tU=0100007FAAD87465DA0689B2022CCA10&tX=b.52&tY=1&tZ=639763954
Requested by: Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/gif
cache-control: no-cache, private, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C62 50 KB
19 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 15:39:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 15:39:12 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 97F4 0
0 190ms
88ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsujLBPIizdTimIWJ6VWgGNwXDHQSkqrXGzmxtgRAu_4VId5WhF2Cyce9Fp4bGsq8Rs9sD7dpX0XXhrDkKz025P7MzuHLnWZ-y_kIt9OIJBhNSoAjdOPluRNXVFH16cmmsoLwbGoprCxNJywh_PGuYvfP-j7nM_91yWkbsAmb_EMJOZvwfzPhFDFECcOqAMsk3MzZc1RKRctLkJJFFUKiczEbPpddXbxD5uf9ENOhfIqb2Ud3sDhSB3U7-WxrRDbkteAQPxZbDZjHnN8OUYYMlTL527wr9RuPhRYRcEckFDVv4B00qQrAeHoBWOeU0HyTpaUJ3NnvLzIxeGFqqr5Vxov8MS1z8LL1FxsxeVOQGqF_JmmEbVZUpNwBIC8H5BtLuglcNcw66OP-djj44yHrq6yFhNGvSk&sai=AMfl-YR37ip5JqcPMPfIbMet-8EtgCwpiFDC4Ze8afLu6FhZ55QUoTLQwCezABwbDIQML15WfOiEi65zgD1BPsVsoKW6SKCe3NsdyLiWk_jM_N-y5s8mMOjghzVH7Z68tH4_IR2BXJaR9b64Q7UpR1k_NFbSrLJkbuDU3nenF2w&sig=Cg0ArKJSzJFQNf8lm8xeEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 21:14:18 GMT

GET
DATA 200
OK truncated
/ Frame 97F4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4fecfa314eef79335f53501dfead3036bff1d9893175ed5dc85b4f7d3c7c5f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 102ms
101ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6bb90951d9cc3176058e0a1a190ae38507f58bc70265b5befdcf6057586bb94d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12149
x-xss-protection: 0

GET
H3 200 mobile-sp.png
portaldosaopaulino.com.br/wp-content/uploads/2023/05/ 8 KB
8 KB 21ms
20ms Image
image/png 2606:4700:3036::ac43:c9b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portaldosaopaulino.com.br/wp-content/uploads/2023/05/mobile-sp.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9b1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88704bcbf6cc035484d56531cf8a26a3fd93acdf9609007abe9b3a821f9baf52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2581793
alt-svc: h3=":443"; ma=86400
content-length: 8148
last-modified: Tue, 30 May 2023 17:48:16 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xE0%2FrMuthKRifrX4wS2RR8zRB508Nky3umCMlmWm33PGERp8tpCFCej%2F6UBi9CjHvHFYlrk6k6QjfWFY0x%2BNhlekbV7zUSppwTvWJkb1jFkEqh%2BAI7EQ%2B6Ozv7ZOoXu2I9xSQGdn3PGtJCpM1j9lAP2fsAptQl4Y"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=31557600
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 833041cc3aa71903-FRA
expires: Sat, 09 Nov 2024 06:04:25 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 21:14:19 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 114 KB
46 KB 506ms
505ms Fetch
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1321651908090885&correlator=1767435742695717&eid=31080074%2C31080078%2C31079992%2C31078660&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=22671866468%2CPortalSaopaulino%2CPortalSaopaulino_Stick&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=4&didk=747429736&sfv=1-0-40&rcs=1&ists=1&fas=1&eri=1&sc=1&cookie=ID%3Dd63e4ac06d02c98b%3AT%3D1702156457%3ART%3D1702156457%3AS%3DALNI_MaasOy5sLdKd_TQbCUWc0lIHn41dA&gpic=UID%3D00000d110c8ab0b6%3AT%3D1702156457%3ART%3D1702156457%3AS%3DALNI_MYJNf3SmS_nX3FkPMEy24WqIRLxCQ&abxe=1&dt=1702156459042&lmt=1702156459&adxs=0&adys=1116&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fportaldosaopaulino.com.br%2F&vis=1&psz=1600x2162&msz=1600x-1&fws=512&ohw=0&ga_vid=881570728.1702156458&ga_sid=1702156458&ga_hid=1238900586&ga_fc=true&dlt=1702156457229&idt=558&adks=347441239&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b14c4e79ddc6a520b593136eda5e2f15dae79d9fcea993d1cb8c5f4e4ec0d3f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:19 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47215
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://portaldosaopaulino.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BCC5 13 KB
5 KB 52ms
50ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 25070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 14:16:29 GMT
expires: Sun, 08 Dec 2024 14:16:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 66B4 829 B
982 B 62ms
61ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b99de21e7f416e69cd26b50bc28155c8f3aa6d1d2c06b85ab6418dc03134a4bf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WnKS-9e4ANr8k73Ye897RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WnKS-9e4ANr8k73Ye897RA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:14:19 GMT
expires: Sat, 09 Dec 2023 21:14:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame BCC5 39 KB
15 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:01:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 66B4 0
0 88ms
88ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312050101&jk=1321651908090885&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BCC5 0
10 B 51ms
50ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9fgmzQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:19 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 97F4 0
0

GET
H3 200 container.html Show response
602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6BE4 6 KB
3 KB 54ms
54ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:14:18 GMT
expires: Sun, 08 Dec 2024 21:14:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 483B 624 B
245 B 95ms
95ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNW1OpylTkYvvNtXdlDlsXbFB5pazq30tQkmqVyBTmzJJ2OkgA84n7KN4ADJejJfkHZLESRjJYcPZ1gz5lEM7yct0U-1HWf3KEOP8s0b9pIOj4BV6wDgouVDDeLyiAB4-qB-jF_xKEpuuT_KoqUp8srH3FjAhJd1G-yvfr0HOW2hz8vSYQ0

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 21:14:19 GMT
expires: Sat, 09 Dec 2023 21:14:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 6BE4 111 KB
39 KB 167ms
53ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
Origin: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:46:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1660
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 20:46:39 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 6BE4 7 KB
3 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7570
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:08:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 6BE4 24 KB
9 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 19:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 6BE4 41 KB
14 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Dec 2024 18:05:08 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6BE4 3 KB
1 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 22:01:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 08A8 1 KB
643 B 54ms
53ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2065
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 20:39:54 GMT
etag: 48472445140208031
expires: Sun, 10 Dec 2023 20:39:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 6BE4 20 KB
8 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1928
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 20:42:11 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BE4 42 B
63 B 90ms
89ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BEeebql9Ib7_mrseF2zmltnia_gkVx50YwUMg1x4Dzu1QruVSE-hQ0rZ6Z9Ye16dx-GTe6wMyuQgyZTOfu0AHoYK7wOT5JqFa5Hc4jEBzAOm4o9tQ

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BE4 202 KB
64 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 21:14:19 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 08A8
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDaGSQpz5RpXy8_sOpW2-LA&google_cver=1&google_push=AXcoOmRugqwzXiFZ4qGmp3AGlEYIQaPfFIi2WjEAch0e6HKGrl5K5P2abhjzQfaHt6oxAi-GTZmy2PtXikNNZyClja8e-WyGpodi
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzg2NDU5NDA5MjI4MDA2NzMyMw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaGSQpz5RpXy8_sOpW2-LA&google_cver=1

43 B
398 B

14ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaGSQpz5RpXy8_sOpW2-LA&google_cver=1
Requested by: Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDaGSQpz5RpXy8_sOpW2-LA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 08A8 35 B
464 B 29ms
11ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAW1WSgPIxYtbsaWKcURZTQ&google_cver=1&google_push=AXcoOmRLptuzu7gzWo1jVR_gzmuHVCFGpS6j-dk1kevvAhPx8ncpXKrqDWHn9m2X3s46Wq21XuXV33mgdcDy5tDChJr8kTo35dJs

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08A8
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHZX7WwhTYWM0LDk3Gc865I&google_push=AXcoOmTNWExNj6460S16HU0L0dBdHPZwJDi9snhRmbnUZJ7ZtBc9xexwvx...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHZX7WwhTYWM0LDk3Gc865I&google_push=AXcoOmTNWExNj6460S16HU0L0dBdHPZwJDi9snhRmbnUZJ7ZtBc9xexwvx29DXK7go8nKYKsyM63L39ciBL1wLlojVpc0jHQn54N

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230044-FRA
pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1702156460.745236,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHZX7WwhTYWM0LDk3Gc865I&google_push=AXcoOmTNWExNj6460S16HU0L0dBdHPZwJDi9snhRmbnUZJ7ZtBc9xexwvx29DXK7go8nKYKsyM63L39ciBL1wLlojVpc0jHQn54N
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08A8
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESED_UTPUbof3VziljWkMa-MM&google_cver=1&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR_E...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESED_UTPUbof3VziljWkMa-MM&google_cver=1&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR_EIdR0-

170 B
188 B

55ms
54ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR_EIdR0-

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmRfIooJ4FoYht9E8L0-hWA7orGcYwl5rsvSWtTFmRGoUIlP_56m549aGZiBsRsSRoAYikiUSDfb39MTSv7jp0JRR_EIdR0-
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08A8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_hm=ZXTYq71vMBKpFQXweyzHvQAAFIEAAAIB&google_nid=index&google_push=AXcoOmS4wF4zBJDSE_ns8SMWYw4nRquVcuZpI...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_hm=ZXTYq71vMBKpFQXweyzHvQAAFIEAAAIB&google_nid=index&google_push=AXcoOmS4wF4zBJDSE_ns8SMWYw4nRquVcuZpIDqTt-Etfn3vomrisP42IvPWZIOvuy-8K8llP8PImuiAsg5IurcjqDN6hxzxxgWu

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcIeFxfBXd5luresqv34k5QlZWRuwklpV25DhI6Iyuo8osioQ6FXsDolYochqYg5hfoQ5giySgPIOzrCikeYf2Gl%2BOwEapGmgUukvtlTqvrhSX0kzMoUlAyYj8%2BFR9eV7Sr1yrjWgM7HXw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEAv0sDH_SUqZA5Zwvf84eZk&google_hm=ZXTYq71vMBKpFQXweyzHvQAAFIEAAAIB&google_nid=index&google_push=AXcoOmS4wF4zBJDSE_ns8SMWYw4nRquVcuZpIDqTt-Etfn3vomrisP42IvPWZIOvuy-8K8llP8PImuiAsg5IurcjqDN6hxzxxgWu
cache-control: no-cache
cf-ray: 833041d1ae804d8f-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08A8
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIXotJRRdVt9Ca4ZK-MiPdY&google_cver=1&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV5...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIXotJRRdVt9Ca4ZK-MiPdY&google_cver=1&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV5...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV52pI0mtXSoVr&google_hm=Hy06qGZH1iuN_RIVSvC2CrWu

170 B
188 B

48ms
47ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV52pI0mtXSoVr&google_hm=Hy06qGZH1iuN_RIVSvC2CrWu

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 09 Dec 2023 21:14:19 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTzBpquG8GcpR_xfvnapwi5OtWogJawNUlsg5M_MO-aCzNw5a1ClhCKdxPgmDKwGt6OGj3QsmjOiwdqQxBV52pI0mtXSoVr&google_hm=Hy06qGZH1iuN_RIVSvC2CrWu
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET /
csync.loopme.me/ Frame 08A8 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 08A8 0
50 B 44ms
42ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L2LXrEjG5x19bWu1Ia2w3v6W6jopP8kwJEXyvwYhfey5_8WUbdw4aN46r12i-zFJeDzppU9g

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:19 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 901C 38 KB
13 KB 51ms
51ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 62911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 03:45:48 GMT
expires: Sun, 08 Dec 2024 03:45:48 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6BE4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41dec1bf4f0840b42bb5f9d1a5929c2a2c5435924c20fd5374f8d3903b9f808c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 483B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1

43 B
769 B

30ms
29ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNW1OpylTkYvvNtXdlDlsXbFB5pazq30tQkmqVyBTmzJJ2OkgA84n7KN4ADJejJfkHZLESRjJYcPZ1gz5lEM7yct0U-1HWf3KEOP8s0b9pIOj4BV6wDgouVDDeLyiAB4-qB-jF_xKEpuuT_KoqUp8srH3FjAhJd1G-yvfr0HOW2hz8vSYQ0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yDbgKgqoIVcaz4OKZ99Hla9jYg7UvI1H%2BD3IAqPf8BiHVALtayfNjmfPlnHGnAU00tB3TRv2f4c1x43kvFVkL2dZiQwVibXKSDtjLe%2FclSlfyo2tRnIPYGWuwh9WyHn%2BQJ0C%2BMdonLxegA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833041d1b9389c07-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 483B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXTYq71vMBKpFQXweyzHvQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1

43 B
737 B

24ms
23ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNW1OpylTkYvvNtXdlDlsXbFB5pazq30tQkmqVyBTmzJJ2OkgA84n7KN4ADJejJfkHZLESRjJYcPZ1gz5lEM7yct0U-1HWf3KEOP8s0b9pIOj4BV6wDgouVDDeLyiAB4-qB-jF_xKEpuuT_KoqUp8srH3FjAhJd1G-yvfr0HOW2hz8vSYQ0
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1f%2B7hLfNvPkgUCMV2pBUWAj1%2BmoRADLdfY%2Bw6PyF4hcOCaLONRoIAimKOzmf29hXSLPUn%2FWBRBgg25q9vYQUEIHQozHUs9oNHpIsRLmI9dPZUyzBxRE2tawaSb8DUB%2F7k5tDxijZzkrQg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 833041d229d49c07-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELO8JY48xokLBLyj6Szszdc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 483B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKxFZf_ixol_dJe9jqF1P0o&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKxFZf_ixol_dJe9jqF1P0o%26google_cver%3D1

43 B
898 B

16ms
16ms

Image
image/gif

185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKxFZf_ixol_dJe9jqF1P0o%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNW1OpylTkYvvNtXdlDlsXbFB5pazq30tQkmqVyBTmzJJ2OkgA84n7KN4ADJejJfkHZLESRjJYcPZ1gz5lEM7yct0U-1HWf3KEOP8s0b9pIOj4BV6wDgouVDDeLyiAB4-qB-jF_xKEpuuT_KoqUp8srH3FjAhJd1G-yvfr0HOW2hz8vSYQ0

Protocol

Server

185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
an-x-request-uuid: ed7ad238-9392-4d51-8f77-8e2e42d2608d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.166; 185.213.155.166; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
an-x-request-uuid: a73e194a-fa9a-417a-8497-ff70a72a159d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKxFZf_ixol_dJe9jqF1P0o%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 185.213.155.166; 185.213.155.166; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 483B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5NDgzNjgxNTU0MzQ5ODM4NQ%3D%3D

170 B
188 B

48ms
47ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5NDgzNjgxNTU0MzQ5ODM4NQ%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
an-x-request-uuid: 68917bb1-dc1b-4629-ba4a-8372f494cb77
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5NDgzNjgxNTU0MzQ5ODM4NQ%3D%3D
x-proxy-origin: 185.213.155.166; 185.213.155.166; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 901C 39 KB
15 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 22:01:59 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312050101&jk=1321651908090885&bg=!4uGl4a7NAAY3kmNgF5I7ADQBe5WfONSUWhFFrRpXWDGIiF6_KQRM4uyMHl0XPbjo1_yk1DGvGdha2zl9yRP_jaf7bQX1AgAAAD5SAAAAAmgBB5kC_TDEnS14xbU1v-bGizhM722RkorV2_MWbPozvXqI2oFdX4dkiW7MFu84UE--6WvObOwXrMqFkgzBTe9xXIdH0LXuhXhUIRqFISYqdH6QHCVwokPQwGRD2sJp_E4lXmxVjs1oQHwJBaCsSzfNcrEJ7wEkfTfTFAvL115CknPOmLyXig3vMR4ps7rRHijqKNsT0emJPUoXoZyk_KeTq8tRICSTzyL9Gu8dl9a403qNCjRAlfOVusawzNUFvixaZsXaPAcarzZq_myUp9UzVBrq_jabp1bv8NwILv92hW_10ik2H9dovWb99HvEvr5qnYDkZcX9sPVsvSBPiw61yd-imw2SfUZ1ujOsJCHiqIMbJPX8duintzuUy-kNiftrAZSxGWzlp3dgk01K_JIK0UPbw4oe6g4PfTEMs9DHYJ5ng0JNNbge58eLEMk3g3QRptw7hV2s1Kgo9lDfOtQFfI3uk-Ev5vu4gc2kza8V63ThOkIrXOe13TUqQevEeWhV98yg11pESXBANI_WbqL2zgrAsTsyNhhhMUDCFO4uFRtuhNp1zfLNnOvCpmMtmrQsBKNHeY4oL3gc6zDInWgxdllgpGX2y3lgD1wIiznV0lSsyEtsF5Ql0lNgvgs1qnMqFeEZ08mAyILoM994acShaG0O2uNbleJUDaW66nBySv8W1O-vJqCaHWsbz_A89Vxh5Ja2i2SlFpSksb3bW3Ff7bq0A6X7T28D589awrU7bSWiw-9D3Li8kblwUSO2tETYOwC1YWXDmp2jCxUwUfoNWArZhGl46l8eqxmPIte5h5GZdpxAklYcNZ62gm8K7BsB2neEeP3EShU5bvQi9wXdRMGhrLk3ULj7aotb4sr35miSOFs-RkCJxb8o2eC_mF_H8QJDdfwCN3ui2jOAHpx4-0LU0wh56UyKelT6gLWMI2X7PaFiBcIMzCHxrPVW2dREd6kRibx3d43q1tv8cisgIKUjsrP0qZ1Oa6YF5eIp9Y1EhXqbj8Q6L7T1FaY1ww2ctg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5828888878462795776/ Frame 3AE5 86 KB
18 KB 171ms
57ms Document
text/html 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87db6ed4b0c73df1c5eed4648d19e3e14e8d42b7dab754365bcd421a1e2a3fe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 51067
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18429
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 07:03:13 GMT
expires: Sun, 08 Dec 2024 07:03:13 GMT
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 6BE4 0
0 165ms
82ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssNmnUfqnGaLkNM3lFr07lpGZPshM-Nkd4Ezv3L0caYMm2Uy3tLMY43TGC_sWjxGFw2tz3qJ1oB9AtY1fw6uw2Vw-Bu7FgA6onpk1icEtxkqb5B6LltZW4oX3aQKG_mnoSrOSoyTJ7zpRwsUo0pW3F_9DRKhYgPv2OA-l7JGshfoz19GdfNNwvBYICNoxHCTGVXYLiKrb1B5SFlbxn5c2AGiwqw1zjUBSxPED_F9pe-g1rtYcxfHzD8oZYvJw3mgvpRyEHLuKiEoycb54dvdiq6h5M8-ZpHCyRFcDbt-ornlOvy7kUiysXtOhxYRjskFH-8DCM38878HKF-iq0yfMVu-kNXED-5VB-bdmr1etBaG-pc_1qH7eDN9B0ymnz8R4Y1Ii8ZafigpVal1IXzMbXSgQyLq3iOk1Kb6Dp46qURrJ_3HH_ZoTpKvjqwnn9pyosN620wsq0IYUaMXZCvh84LT5dLEmoa6ielYGoEXiLudcDOzovwzT4mZx7UUgyiX942EJ6dbiaW_lXC5MLuq7PUls57xS9w6tXVprDcikueXM5CXe3LyHB6prSPyY-aI1as5cYir60T9XHiX0NFY2y8QqiAl5sEW3if1vCNX05hR-v5Vf1s727RenjWdyYb-0qWKtQWEkPQwLG_apV34c9GyzaXZ6gbPAeVfH8NJDNCW9pyHlY0bJEjWHNXWHa7kCwgAlKXWiVIlrFZhlQt43_Jd1wFR8nD2Bcb-Yu1usAvv1vZy1FUHflf5hGxg0sWU9hJNQAER1mZEr8-gaevCNbeFRTJAd9etSme8fXCFDuSAAlC-_hx9yaiKhm__oFgnuw_9IGULTWsF1i-cs3w4WnsKqtWZ2tox5tArDyLMFZxJIYLmhSGBIJcl26-W5sLrUYzg5tJXn83-rtsQCF4KW8Bd8krG6ebhbSia407JdyoAfSijZqk7Dp675pAZLBi3aJs7HH5QiN_B_Fd6wdihf_Cfi7uFXqKQkN1tHVZHjYNF9hMcbKUYRFsm4X_GqpjKuUiTFhMfNS12dL8QWrnxV60rP38iUAdSeqiaqS5LXI347VFI3uC2dpllKPuvoERRXrocRqpLQXY8vjOjh2aEl711MHgWu0Q8bCQgwD5C8cXNL9CGNEYMPPp6DU39EG7WcnLMmyAL6G1RYiNBV1al-SZR35433zWVaKkKR-ohJerJFTQzHnKg_xzWGlWDLD9W0IetnQaH2jDUdk6hVLi8j81TofOPqmBsXjXLIOOV1OPmUnVL_PGBmyibbK-t50uB0T-dwdmOvCbnfcCQSY6IBj7N9bHlUUMxdZ-pnhuxL-2qN0MNKqjcaR1aUyP9bJNL2j79LKWxiEvO5M-J0VGqtVxG6PaEBtSW8tDXKw7CeJFxyodt5SywUM5b2EGYkpUk8iaDG3uoB26EPsTI8fNlCBbU6we5Nv7Cq8UzgVvGAhbFz0lk6AVEa09aSs_vys_cCshl8CIh_zusqdtCUe9CseI2dShoz5SerglUM-Rfbw94kqfbuEdWxi-qydKvpjs0gE9YiSD8QY2qXuBTBNWn5I-T6M&sai=AMfl-YSN7qT8YdCpWY7JzEgs4WmQGrNTwAlR6-zQIJsupIXtMkXngh76WNrbYouMo2rM3wImaazjMCzRBYtXUab9VJrXNFUL6eWOXWQFbSIAwy014f4c4PBjR-FJ9MN_HBKBCz2zAmfvclGF_dCYyCo7GPcTxsO46ns_JtLCqR7fvMskDBnRFHpzBZByqGFAVqMmkiBOO87h5FG6mKihuKtcNE0VQPmSZTPKHsTqRcRU_ykTQPumvNvRKwEUzVge6yzQqoohJtE1FLu7BIkndtaD5bLOmS8qWCaBiq4uZIDTBLfFS27ErhxRrxipGq7086kZebWpOVwwu9vrvvbhnx_G4MUSYumUEvyor5QZjMoqkdFYrss69PxqGH7wrfRpC74HLASc9FALWk5qaTUN4DHdveZqcOs4v7nD2LRCmUB6tYqC&sig=Cg0ArKJSzC_O_LvAMb0lEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=239&cbvp=1&cstd=238&cisv=r20231206.18334&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 21:14:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 901C 0
20 B 92ms
92ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BAfFmq9h0ZdKjBoCn1PIPvIyq0AEAAAAAOAHgBAI&bg=!Hh2lHVLNAAY3kmNgF5I7ADQBe5WfOMosbz7bgqwTBhLYbjWmfqdwX1amWyiAtTiTcAvX4R6lA1IxGnDUKvbGJjFLiPX6AgAAADRSAAAAAWgBB5kDOnuWj8fgHW3ePViQj2XFGELOUkP88Wb0KWRvbT4G5CPcT3SsXW4fJnrM79ZHqYUdxMv619ajHrMMqxm2IaRgBBa0XaOza0eUG0J4sBoqA0IAZ78yNrGzjr0o4TwmIPxtzm-E590T5jFSrVzM8I4IcBGJ8o_WbRCYADD2vfhO_kWXCBICJzQZpkhBx2XWngTqDh_DbfXGf0dPYu03dsH2EL35uIhDyotHAwAdSmAlT39UWJIU-mGX2LM3yBnTtC507Tg11LQ4WSgpM5u8GTbEfmlq4my8TUFj-KYyYGsaJNg67keYnbVvVdFG0WHtIRHpbg1crkrPUYwxN-8iU1pRT2L-HuRB5_vDoO7SjI62fckxvVq2yv4a8L5Ab6NbusyqV51lFjtfJWfRE7wTJutCczwoCgR4NqT4-5fuh5FQeP8rBTxYtW-MQqnIMvlNWhNqZGQogxQBuYQF-EVS4hKnWGsNtTuYtH5Bt0hTBmkeOhX7LcfADj23bDcEjIYlr1ja5fJonSXgz0uOQ0xo6-AgGEYtvwnAanUh-WPsM0i3oR9KCwbIpnyQjrLBVaZU47cDCmK0MfJd5CoFwiDXAsvrjSU2ifbjrHesuT3p2UY7wD-l_bds8itq9ofH8OxDFxC2EsLerPDRCevvb3ksXG3ni1vAs2eecWeeRxSKFvCu_4CKVPashHZKEPRD-aUTlLm5VaDOGS5gZMDDyWaMrEX5vDD0LTm013B2iCX4VN905tN_619yLrAFeF7NaFITGRuvMXaKdZPTWlhOVoJDkRm_SI7gflBamatAi5HfbQj92L2uMUqwmJnitTrGS8fGKZ8XT6xNVCkZSp8GCSUYHeBt2ttFU2j2EiR9YTf14QeZ79NaRet4u9rpWIYIf9pVbX4BktjKRtUVwoUneyLlvXGpclc9692--ynRyxZzFX-JFkv1IuM6RWzKeBrIG9MlB1ixC6oIed8_-XybIR_ADK5POKwiy4TupRulg3Ek-TLQBtsclUZa2Eu7h--DaQpEzlo1a9Qo1XTlhDZg84L4A_bxY3DM7PDluag_054hvHyIeQMKkBjfe0WHMgNfEupZ48bLUSyhf780boKuUaM

Requested by

Host: 602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
URL: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 3AE5 70 KB
25 KB 47ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1012853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25280
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-62c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ugUFG5AC41Ppkl4EmIUXdw3llxM1tbmwtCQ0jcF3Xby0r4Kd3MTRncHlPx4N32yryPIbd853Z45Btrup7NhtHf1NNExEFhZYBq%2FjdiYzFd5HdsWk8nueLf42kimuBkq2pTq2WGDs%2BFQ8fUBjZziG60Dp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 833041d3bdc12c45-FRA
expires: Thu, 28 Nov 2024 21:14:20 GMT

GET
H2 200 CSSRulePlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame 3AE5 2 KB
1 KB 49ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/CSSRulePlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 94979
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 821
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-335"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtgET6nglzNNAx8W2%2Fac93qhGsS%2BYnXIjufm0My3LGayB2fzmuu3tHkuuVyPlBuAyNyjVzNtAPT2gbdjCHydUSPY%2F4jnZiZwi23VBct0ihtEvHx2Ve3b%2B7RaT%2F4Ysulph3y1XITtkrkwXqBevjUAV4T4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 833041d3bdc22c45-FRA
expires: Thu, 28 Nov 2024 21:14:20 GMT

GET
H3 200 13dc9848.svg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 669 B
429 B 57ms
57ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/13dc9848.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:15:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104305
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 400
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 16:15:55 GMT

GET
H3 200 4bc00967.jpeg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 65 KB
65 KB 144ms
142ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/4bc00967.jpeg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

316d9a3b20eecd0d75bb9c4598d6086d2aa453d1cd42a5b7d4abed7d8c6ae545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:39 GMT
x-content-type-options: nosniff
age: 1901
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66672
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:42:39 GMT

GET
H3 200 a6f611a5.jpg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 52 KB
52 KB 121ms
119ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/a6f611a5.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6ca1199ae49c8f7e3c4e0096ef1575f25457cf067355c483fe744de092ef20b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:05:25 GMT
x-content-type-options: nosniff
age: 115735
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53458
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 13:05:25 GMT

GET
H3 200 21a581d0.jpg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 56 KB
56 KB 85ms
83ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/21a581d0.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f30d47f9cdcdd6cd0347c9b418cd1d7013db02af6416161ec98a610c8f82b66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:03:13 GMT
x-content-type-options: nosniff
age: 51067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56976
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:03:13 GMT

GET
H3 200 4332eb45.svg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 5 KB
2 KB 66ms
64ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/4332eb45.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 16:05:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2343
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 16:05:11 GMT

GET
H3 200 f378cfc5.svg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 5 KB
2 KB 109ms
107ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/f378cfc5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:03:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2433
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:03:13 GMT

GET
H3 200 31152810.svg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 302 B
262 B 107ms
105ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/31152810.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1901
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:42:39 GMT

GET
H3 200 b8492361.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 3 KB
3 KB 118ms
116ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/b8492361.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40f32e66aa62e3c8204720cae7628b70f2df9ae39ee466f9583446827bd9aa75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:39 GMT
x-content-type-options: nosniff
age: 1901
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2959
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:42:39 GMT

GET
H3 200 34c11484.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 5 KB
5 KB 112ms
110ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/34c11484.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10e7079b404c6321d8c9549dbd28736f3ca875ea3ffe282294ffd95f6b2b75e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:03:14 GMT
x-content-type-options: nosniff
age: 51066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5232
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:03:14 GMT

GET
H3 200 a70ed28b.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 2 KB
2 KB 106ms
104ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/a70ed28b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c60092cdf1bc703d733c277220a3709441129259e937cca537d7dc6261efb52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:39 GMT
x-content-type-options: nosniff
age: 1901
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2105
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:42:39 GMT

GET
H3 200 891487f7.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 4 KB
4 KB 73ms
72ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/891487f7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45b787fc509d0753bf66efd5a3152c99844e7a35dbf756f512936d44dbf548fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:03:14 GMT
x-content-type-options: nosniff
age: 51066
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3659
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:03:14 GMT

GET
H3 200 5e0da0d6.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 2 KB
2 KB 83ms
82ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/5e0da0d6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f26944bb0a49105870ed138904641479bf78b09126c60f19be224f02c07eb89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:30:52 GMT
x-content-type-options: nosniff
age: 121408
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1579
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:30:52 GMT

GET
H3 200 a32ff691.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 3 KB
3 KB 185ms
184ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/a32ff691.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053fc6fcd14cf8117c1262ce3601b7922eab00187ee6a3ad05cf77ced1e144bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:52:01 GMT
x-content-type-options: nosniff
age: 112939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3153
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 13:52:01 GMT

GET
H3 200 d3ce6798.svg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 820 B
499 B 82ms
81ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/d3ce6798.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1639
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 470
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:47:01 GMT

GET
H3 200 1147abdf.svg
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 769 B
430 B 79ms
78ms Image
image/svg+xml 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/1147abdf.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 10:25:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 10:25:50 GMT

GET
H3 200 f03f74fa.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 2 KB
2 KB 78ms
77ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/f03f74fa.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41805a2cbfd70463ce7347d9a094b96074220cf5fc01b1e1cc6cc719b71f6680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 19:20:57 GMT
x-content-type-options: nosniff
age: 6803
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1980
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 19:20:57 GMT

GET
H3 200 3cd27a8a.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 3 KB
3 KB 69ms
68ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/3cd27a8a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74e230e3d9b92e87927976ef7cb860f590114fe43c5268eb873f61b2ded6fc30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:23:39 GMT
x-content-type-options: nosniff
age: 85841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3249
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 21:23:39 GMT

GET
H3 200 0f373144.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 1 KB
1 KB 186ms
186ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/0f373144.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 20:42:39 GMT
x-content-type-options: nosniff
age: 1901
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 20:42:39 GMT

GET
H3 200 c8840ccb.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 3 KB
3 KB 183ms
183ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/c8840ccb.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:03:15 GMT
x-content-type-options: nosniff
age: 51065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:03:15 GMT

GET
H3 200 2188a10a.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 15 KB
15 KB 164ms
163ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/2188a10a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47e7d2fedb68b869412ef3efdc829eda38a93489168677c93024f894c77129ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:51:20 GMT
x-content-type-options: nosniff
age: 350580
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15374
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 19:51:20 GMT

GET
H3 200 78963c72.png
s0.2mdn.net/sadbundle/5828888878462795776/images/ Frame 3AE5 33 KB
33 KB 175ms
175ms Image
image/png 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5828888878462795776/images/78963c72.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5e1bcb6490808c6ade52c4f2b567a1ec51d9339d58401dcc7d9199dd192113c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5828888878462795776/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 07:03:15 GMT
x-content-type-options: nosniff
age: 51065
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33922
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:56:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 07:03:15 GMT

GET
H2 200 / Show response
info.nsmedia-advertising.com/ 156 B
603 B 532ms
183ms Script
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://info.nsmedia-advertising.com/
Requested by: Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/65f4819358a0350613fc487595debb5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fcc40affc6c9e1e881596234f396a953f4d43453eeaf0fe9a2f6755ff68fac4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portaldosaopaulino.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:20 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2B4wM6GUfyS%2BefbWU4erKi3jaqgzFQRntQCvHGx2%2FnRO2oN9B3LbCiNCkDcxjoyl%2FJiWNXY6Dkoz9GsMRHXeqsaiak8sy7tPDYv7CZgp2oDLNUmGMECqSu92RfYBQkZzFStJU0J6587km3FG%2B0HfBRg%2FRvlSCqIlctXS"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 833041d6aad36584-SIN
alt-svc: h3=":443"; ma=86400
cf-placement: local-SIN

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 6BE4 0
0 73ms
73ms Fetch
image/gif 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssNmnUfqnGaLkNM3lFr07lpGZPshM-Nkd4Ezv3L0caYMm2Uy3tLMY43TGC_sWjxGFw2tz3qJ1oB9AtY1fw6uw2Vw-Bu7FgA6onpk1icEtxkqb5B6LltZW4oX3aQKG_mnoSrOSoyTJ7zpRwsUo0pW3F_9DRKhYgPv2OA-l7JGshfoz19GdfNNwvBYICNoxHCTGVXYLiKrb1B5SFlbxn5c2AGiwqw1zjUBSxPED_F9pe-g1rtYcxfHzD8oZYvJw3mgvpRyEHLuKiEoycb54dvdiq6h5M8-ZpHCyRFcDbt-ornlOvy7kUiysXtOhxYRjskFH-8DCM38878HKF-iq0yfMVu-kNXED-5VB-bdmr1etBaG-pc_1qH7eDN9B0ymnz8R4Y1Ii8ZafigpVal1IXzMbXSgQyLq3iOk1Kb6Dp46qURrJ_3HH_ZoTpKvjqwnn9pyosN620wsq0IYUaMXZCvh84LT5dLEmoa6ielYGoEXiLudcDOzovwzT4mZx7UUgyiX942EJ6dbiaW_lXC5MLuq7PUls57xS9w6tXVprDcikueXM5CXe3LyHB6prSPyY-aI1as5cYir60T9XHiX0NFY2y8QqiAl5sEW3if1vCNX05hR-v5Vf1s727RenjWdyYb-0qWKtQWEkPQwLG_apV34c9GyzaXZ6gbPAeVfH8NJDNCW9pyHlY0bJEjWHNXWHa7kCwgAlKXWiVIlrFZhlQt43_Jd1wFR8nD2Bcb-Yu1usAvv1vZy1FUHflf5hGxg0sWU9hJNQAER1mZEr8-gaevCNbeFRTJAd9etSme8fXCFDuSAAlC-_hx9yaiKhm__oFgnuw_9IGULTWsF1i-cs3w4WnsKqtWZ2tox5tArDyLMFZxJIYLmhSGBIJcl26-W5sLrUYzg5tJXn83-rtsQCF4KW8Bd8krG6ebhbSia407JdyoAfSijZqk7Dp675pAZLBi3aJs7HH5QiN_B_Fd6wdihf_Cfi7uFXqKQkN1tHVZHjYNF9hMcbKUYRFsm4X_GqpjKuUiTFhMfNS12dL8QWrnxV60rP38iUAdSeqiaqS5LXI347VFI3uC2dpllKPuvoERRXrocRqpLQXY8vjOjh2aEl711MHgWu0Q8bCQgwD5C8cXNL9CGNEYMPPp6DU39EG7WcnLMmyAL6G1RYiNBV1al-SZR35433zWVaKkKR-ohJerJFTQzHnKg_xzWGlWDLD9W0IetnQaH2jDUdk6hVLi8j81TofOPqmBsXjXLIOOV1OPmUnVL_PGBmyibbK-t50uB0T-dwdmOvCbnfcCQSY6IBj7N9bHlUUMxdZ-pnhuxL-2qN0MNKqjcaR1aUyP9bJNL2j79LKWxiEvO5M-J0VGqtVxG6PaEBtSW8tDXKw7CeJFxyodt5SywUM5b2EGYkpUk8iaDG3uoB26EPsTI8fNlCBbU6we5Nv7Cq8UzgVvGAhbFz0lk6AVEa09aSs_vys_cCshl8CIh_zusqdtCUe9CseI2dShoz5SerglUM-Rfbw94kqfbuEdWxi-qydKvpjs0gE9YiSD8QY2qXuBTBNWn5I-T6M&sai=AMfl-YSN7qT8YdCpWY7JzEgs4WmQGrNTwAlR6-zQIJsupIXtMkXngh76WNrbYouMo2rM3wImaazjMCzRBYtXUab9VJrXNFUL6eWOXWQFbSIAwy014f4c4PBjR-FJ9MN_HBKBCz2zAmfvclGF_dCYyCo7GPcTxsO46ns_JtLCqR7fvMskDBnRFHpzBZByqGFAVqMmkiBOO87h5FG6mKihuKtcNE0VQPmSZTPKHsTqRcRU_ykTQPumvNvRKwEUzVge6yzQqoohJtE1FLu7BIkndtaD5bLOmS8qWCaBiq4uZIDTBLfFS27ErhxRrxipGq7086kZebWpOVwwu9vrvvbhnx_G4MUSYumUEvyor5QZjMoqkdFYrss69PxqGH7wrfRpC74HLASc9FALWk5qaTUN4DHdveZqcOs4v7nD2LRCmUB6tYqC&sig=Cg0ArKJSzC_O_LvAMb0lEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=693&vt=11&dtpt=454&dett=3&cstd=238&cisv=r20231206.18334&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: portaldosaopaulino.com.br
URL: https://portaldosaopaulino.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 21:14:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 DE Show response
c.nsmedia-advertising.com/unibet-32red/ Frame 72FB 678 B
676 B 940ms
921ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.nsmedia-advertising.com/unibet-32red/DE?l=59046d39-36f5-40b4-82f9-7c31f54eee01&token=9725e035-0ace-4c35-a02d-2197cd8d835f&country=DE&region=HE&ref=&path=aHR0cHM6Ly9wb3J0YWxkb3Nhb3BhdWxpbm8uY29tLmJyLw==&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MzQ2NjQ=
Requested by: Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/65f4819358a0350613fc487595debb5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 194df184f92e5a38d2d2216df38a41e2ed5c2ac7992a0479069a6a1127301e21

Request headers

Referer: https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
apigw-requestid: PsbLJgtLjoEEJxw=
cf-cache-status: DYNAMIC
cf-ray: 833041d80bb36584-SIN
content-encoding: br
content-type: text/html
date: Sat, 09 Dec 2023 21:14:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3dGCeGtxdO1qESS0cgAYLUO%2F5%2BjIZ3I%2BcSWAcxb9Hk63bbMIt%2B%2Fn4vbISwf7lw%2B%2FvlnrzcUd8L6eN4sAZJbx1ns9T87wxYsHAuyqf%2BSWztKDfqe%2BG%2B3cF9Rjz5BagBtxrlWd8%2BgVYuoKvHnKx4W%2FztocFTpdE%2Bw"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6BE4 42 B
64 B 99ms
99ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskIhee5N4xuKVqbGcQnLOU_UQV1nLvkCiaCUqOJgD1CIoxGuifCAT8-_Ba7SodCvyJAZFDAm8iSNqnKrTFuANOLDEK_7kzVjktllz4THF9TyrGtidV8ZpELVxqTcuBz-zRxEapLbPw3lVI&sai=AMfl-YTX47YhgfRMyX2858T5LAp2L9ZBeHfngDPx4qYIuRBBtBaNI6U173fdqF9LyZ2NlK74cKRHmv_s2VfWY92BpHlhJbDdxIbnJSvn96I6ubXADs5NS7s-eMfHdIM-MiZsrxFeBoUycs8&sig=Cg0ArKJSzCIVbZRmX4-pEAE&cid=CAQSPADICaaNMIBfLJ2yL3Oh5ZkCGLV6hvXPv0_HDfTCx6IEbAq1Qqglw_xdw5bZaTIGoPkVHTriHxvnU2nnWBgB&id=lidar2&mcvt=1000&p=1110,297,1200,1302&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=347441239&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702156459572&rpt=199&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 21:14:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

404

btag=81765197_3C82DAAA0ABC406A837D0BA5ABF6D3DF Show response
b1.trickyrock.com/ Frame 8CB3
Redirect Chain

https://b1.trickyrock.com/redirect.aspx?pid=74444021&bid=34664
https://b1.trickyrock.com/btag=81765197_3C82DAAA0ABC406A837D0BA5ABF6D3DF

1 KB
1 KB

51ms
51ms

Document
text/html

2620:1ec:bdf::63
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1.trickyrock.com/btag=81765197_3C82DAAA0ABC406A837D0BA5ABF6D3DF
Requested by: Host: c.nsmedia-advertising.com
URL: https://c.nsmedia-advertising.com/unibet-32red/DE?l=59046d39-36f5-40b4-82f9-7c31f54eee01&token=9725e035-0ace-4c35-a02d-2197cd8d835f&country=DE&region=HE&ref=&path=aHR0cHM6Ly9wb3J0YWxkb3Nhb3BhdWxpbm8uY29tLmJyLw==&url=aHR0cHM6Ly9iMS50cmlja3lyb2NrLmNvbS9yZWRpcmVjdC5hc3B4P3BpZD03NDQ0NDAyMSZiaWQ9MzQ2NjQ=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::63 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

Referer: https://c.nsmedia-advertising.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
content-length: 1245
content-type: text/html
date: Sat, 09 Dec 2023 21:14:21 GMT
pragma: no-cache
x-azure-ref: 20231209T211421Z-sabcpahebh5gp3eg34n3m8fs8400000003tg00000001nk7m
x-cache: CONFIG_NOCACHE

Redirect headers

access-control-expose-headers: Request-Context
cache-control: private,no-cache, no-store
content-length: 0
content-type: text/html
date: Sat, 09 Dec 2023 21:14:21 GMT
location: btag=81765197_3C82DAAA0ABC406A837D0BA5ABF6D3DF
p3p: CP="This is not a P3P policy! It is used to bypass IEs problematic handling of cookies"
pragma: no-cache
request-context: appId=cid-v1:83ffbda4-9458-475e-90ec-4427cfb5c3b0
x-aspnet-version: 4.0.30319
x-azure-ref: 20231209T211421Z-sabcpahebh5gp3eg34n3m8fs8400000003tg00000001nk73
x-cache: CONFIG_NOCACHE

GET
H2 200 DE Show response
c.nsmedia-advertising.com/entain-bwin-de/ Frame EA3E 662 B
617 B 371ms
370ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.nsmedia-advertising.com/entain-bwin-de/DE?l=239cff6f-3b7d-4c69-a210-880bf0602ea4&token=9725e035-0ace-4c35-a02d-2197cd8d835f&country=DE&region=HE&ref=&path=aHR0cHM6Ly9wb3J0YWxkb3Nhb3BhdWxpbm8uY29tLmJyLw==&url=aHR0cHM6Ly93d3cuYndpbi5kZS9lbi9tb2JpbGVwb3J0YWwvY29udGFjdD93bT01MzIyOTM3
Requested by: Host: scripts.nsn-server.xyz
URL: https://scripts.nsn-server.xyz/js/65f4819358a0350613fc487595debb5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17d206c671ea31ec9cbdb36da6f132b1d9bff0db72a2eef191384baa525f04f1

Request headers

Referer: https://portaldosaopaulino.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
apigw-requestid: PsbLYgfGjoEEJLg=
cf-cache-status: DYNAMIC
cf-ray: 833041e4cb036584-SIN
content-encoding: br
content-type: text/html
date: Sat, 09 Dec 2023 21:14:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SL2gA8s0AizaiLiKaGTau%2FvZQnYV6EQlcB7h%2BFT8aLQAfT1I%2F63Q2ZpLfW9gI%2BHakE83dwOv0jN7dZDGr3YiFGiciQshdkBIkqhEz7zfU%2BRansXtXVFr3nrUYjgVwzlrVhkfNQfYl8t36SGHkhxKd%2F84UPhJlnH"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 contact
www.bwin.de/en/mobileportal/ Frame D9C5 0
0 332ms
289ms Document
text/html 104.18.28.137

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bwin.de/en/mobileportal/contact?wm=5322937

Requested by

Host: c.nsmedia-advertising.com
URL: https://c.nsmedia-advertising.com/entain-bwin-de/DE?l=239cff6f-3b7d-4c69-a210-880bf0602ea4&token=9725e035-0ace-4c35-a02d-2197cd8d835f&country=DE&region=HE&ref=&path=aHR0cHM6Ly9wb3J0YWxkb3Nhb3BhdWxpbm8uY29tLmJyLw==&url=aHR0cHM6Ly93d3cuYndpbi5kZS9lbi9tb2JpbGVwb3J0YWwvY29udGFjdD93bT01MzIyOTM3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.28.137 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-src *
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.nsmedia-advertising.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache
cf-cache-status: DYNAMIC
cf-ray: 833041e6eb0f9220-FRA
content-encoding: br
content-security-policy: frame-src *
content-type: text/html; charset=utf-8
date: Sat, 09 Dec 2023 21:14:23 GMT
expires: Sat, 09 Dec 2023 21:14:23 GMT
server: cloudflare
server-timing: vanilla;dur=240.413
strict-transport-security: max-age=2592000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfO-jD__9Fvh80n0ux0ltgEECnSxjj-pou5YBo1UeBbSoovpRSnwT6eANldSKSiAwvnmCmmATbHbOI7S675z--9U8a_MkD2OA7yRYcGgcJgV6Slp9aoVEClaP-F023iAJytYvl4W4NbA&sai=AMfl-YQeTHQrlOYSJUnhC96bG4nDfzY1k41nvbEROAFtjGQP_rzG1Ds&sig=Cg0ArKJSzH5VHV7sSx2GEAE&id=lidartos&mcvt=0&p=1139,436,1412,1499.5&mtos=0,0,0,0,847&tos=0,0,0,0,847&v=20231206&bin=7&avms=nio&bs=0,0&mc=0.15&if=1&vu=1&app=0&itpl=19&adk=347441239&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1702156458266&rpt=445&isd=0&lsd=0&ec=1&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Domain: csync.loopme.me
URL: https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEB_UMKRNRJN5EhfHBDtNuB0&google_cver=1&google_push=AXcoOmQfJhqcctuQ0NghOw0jRjXM3K2ddbP5sMqkO3I78DOUD9miuiSeAsB0pHy_koExZyDPCPbOB0bPpTTTF4RJHd-p6MY5H3y27A

Verdicts & Comments Add Verdict or Comment

395 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
portaldosaopaulino.com.br/	1970-01-20 17:32:28	Name: clever-last-tracker-60866 Value: 0
.portaldosaopaulino.com.br/	1970-01-20 16:50:42	Name: _gid Value: GA1.3.1249317713.1702156458
.portaldosaopaulino.com.br/	1970-01-20 16:49:16	Name: _gat_gtag_UA_192628768_6 Value: 1
.portaldosaopaulino.com.br/	1970-01-20 16:49:16	Name: _gat_gtag_UA_192628768_11 Value: 1
.portaldosaopaulino.com.br/	1970-01-20 16:49:16	Name: lotame_domain_check Value: portaldosaopaulino.com.br
.criteo.com/	1970-01-21 02:10:52	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:10:52	Name: uid Value: a25af8c2-3bb3-48c8-9f6a-074a616def85
.portaldosaopaulino.com.br/	1970-01-21 02:25:16	Name: _ga_N254Q8C0NW Value: GS1.1.1702156457.1.0.1702156457.60.0.0
.portaldosaopaulino.com.br/	1970-01-21 02:25:16	Name: _ga Value: GA1.1.881570728.1702156458
.portaldosaopaulino.com.br/	1970-01-21 02:25:16	Name: _ga_5GB957Y1NV Value: GS1.1.1702156457.1.0.1702156457.0.0.0
portaldosaopaulino.com.br/	1970-01-20 16:49:18	Name: tt_c_vmt Value: 1702156458
portaldosaopaulino.com.br/	1970-01-20 16:49:18	Name: tt_c_c Value: direct
portaldosaopaulino.com.br/	1970-01-20 16:49:18	Name: tt_c_s Value: direct
portaldosaopaulino.com.br/	1970-01-20 16:49:18	Name: tt_c_m Value: direct
.openx.net/	1970-01-21 01:34:52	Name: i Value: 7a989f6d-934f-4158-8923-73c12af45850\|1702156458
portaldosaopaulino.com.br/	1970-01-21 02:25:16	Name: _ttuu.s Value: 1702156458136
.portaldosaopaulino.com.br/	1970-01-21 02:10:52	Name: cto_bundle Value: v_O50F81VG93cnFUWGNXakwzZUFreGVObTk3TXdpaUZhUGROY3VSTzd6Q1lNMyUyQlYlMkZ1Y0VxV3prOGkybWNheG1pemNNTnIyS0hoemFpSDFLZVdpM0h1NWJXNnNaSiUyQnNQZ29VM0RlTWpyVVpadmZzQjZqUTViQnVZeGxGZGRyUlprRGU3akpzRmVka2dsaFViZ3RvczRoU2xsRmdqQnlEcDJpdiUyRlEwdTBGbm51UiUyRjZFJTNE
.portaldosaopaulino.com.br/	1970-01-21 01:34:52	Name: cf_clearance Value: N9JQ9neuso0wpHMBtHKcqFcua.ESo0nIyRDRPrjkM7Y-1702156458-0-1-74bde9c.e2b05bba.3224b2a5-0.2.1702156458
.portaldosaopaulino.com.br/	1970-01-21 02:10:52	Name: __gads Value: ID=d63e4ac06d02c98b:T=1702156457:RT=1702156457:S=ALNI_MaasOy5sLdKd_TQbCUWc0lIHn41dA
.portaldosaopaulino.com.br/	1970-01-21 02:10:52	Name: __gpi Value: UID=00000d110c8ab0b6:T=1702156457:RT=1702156457:S=ALNI_MYJNf3SmS_nX3FkPMEy24WqIRLxCQ
.tt-9964-3.seg.t.tailtarget.com/	1970-01-20 17:32:28	Name: trk Value: 48g4gc6Uau2UcSl8yyLFW9ZW+VCHEtE1VWrViWzM4H+XF/WHG72TXnnOj2cNdvllFb5Wh7HOAvAfuTA3vPYnyJCFEXKr5BGaJPlWnIus77A=
.t.tailtarget.com/	1970-01-20 16:52:09	Name: _ssc Value: y
.t.tailtarget.com/	1970-01-21 01:34:52	Name: u Value: fwAAAWV02KqyiQbaEMosAgB=
.portaldosaopaulino.com.br/	1970-01-20 18:58:52	Name: _gcl_au Value: 1.1.826602102.1702156458
portaldosaopaulino.com.br/	1970-01-21 01:34:52	Name: tt.u Value: 0100007FAAD87465DA0689B2022CCA10
.doubleclick.net/	1970-01-21 02:10:52	Name: IDE Value: AHWqTUl3JpZYhczEjaXYL4xIkbnWgbn19TyHfKyS2fenXJrzLR8Em7OG5p1hTey2
.t.tailtarget.com/	1970-01-20 17:32:28	Name: ttbprf Value: _frankfurt am main_hesse_de_1702156458436_3117783974
.t.tailtarget.com/	1970-01-20 16:49:18	Name: ttc Value: 1
.t.tailtarget.com/	1970-01-20 17:32:28	Name: ttnprf Value:
portaldosaopaulino.com.br/	1970-01-20 16:50:42	Name: tt.nprf Value:
.ad.vsrv.media/	1970-01-21 02:25:16	Name: uuid Value: 34785f0c-b9d59ba6-6574d8aa-8809-19924f4c
.tt-9964-3.seg.t.tailtarget.com/	1970-01-20 16:49:20	Name: ttca Value: CA15795,CA15771_1702156458
.doubleclick.net/	1970-01-20 16:49:20	Name: DSID Value: NO_DATA
.t.tailtarget.com/	1970-01-20 17:32:28	Name: n Value: 1702156458
.t.tailtarget.com/	1970-01-20 17:32:28	Name: tp1 Value: CAESEP4lat11i7uvfCFxoj-0w7g
.t.tailtarget.com/	1970-01-20 17:32:28	Name: dc Value: 1
.quantserve.com/	1970-01-20 18:58:52	Name: d Value: EH0BCQHPKoEA
.quantserve.com/	1970-01-21 02:19:30	Name: mc Value: 6574d8ab-b2fb3-754e9-35983
.turn.com/	1970-01-20 21:08:28	Name: uid Value: 3864594092280067323
.casalemedia.com/	1970-01-21 01:34:52	Name: CMID Value: ZXTYq71vMBKpFQXweyzHvQAA
.casalemedia.com/	1970-01-20 18:58:52	Name: CMPS Value: 5249
.casalemedia.com/	1970-01-20 18:58:52	Name: CMPRO Value: 5249
.lijit.com/	1970-01-21 01:34:52	Name: ljt_reader Value: Hy06qGZH1iuN_RIVSvC2CrWu
.de17a.com/	1970-01-21 01:27:40	Name: guid Value: 1.1579082628718839116
.adnxs.com/	1970-01-20 18:58:52	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?jiFe*$!]tbPl1M>e)ZlrFUfJ+tGXxoeOo1Q`LyKkw>71v$[g$8+Vulm8c?3$sU[PPg3If)y3KL9D3I?+o[^`Ho
.adnxs.com/	1970-01-20 18:58:52	Name: uuid2 Value: 7994836815543498385
.everesttech.net/	1970-01-21 01:34:52	Name: everest_g_v2 Value: g_surferid~ZXTYqwAFrYsx3wAM
portaldosaopaulino.com.br/	1970-01-20 16:50:42	Name: _NS_nbrePageViews Value: 1
.trickyrock.com/	1970-01-21 02:25:16	Name: NetRefer_CookieUniTrack_C Value: %5b%7b%22PID%22%3a74444021%2c%22BID%22%3a34664%2c%22DateTimeStamp%22%3a%22%5c%2fDate(1702156461853)%5c%2f%22%2c%22CookieTag%22%3a%223466474444021e4%3a%3a110f%3a6%3a02b1%3a30a2C20231292114%22%7d%5d

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://b1.trickyrock.com/btag=81765197_3C82DAAA0ABC406A837D0BA5ABF6D3DF Message: Failed to load resource: the server responded with a status of 404 ()
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.bwin.de/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

602f8ff4937899a8b28acae913668241.safeframe.googlesyndication.com
ad.doubleclick.net
ad.turn.com
ad.vsrv.media
ap.lijit.com
b.t.tailtarget.com
b1.trickyrock.com
bcp.crwdcntrl.net
c.nsmedia-advertising.com
call.cleverwebserver.com
cdn-ima.33across.com
cdn.pn.vg
cdn.taboola.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.t.tailtarget.com
cms.quantserve.com
csync.loopme.me
d.tailtarget.com
d5p.de17a.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
info.nsmedia-advertising.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pm-widget.taboola.com
portaldosaopaulino.com.br
r.turn.com
region1.analytics.google.com
region1.google-analytics.com
s0.2mdn.net
sb.scorecardresearch.com
scripts.cleverwebserver.com
scripts.nsn-server.xyz
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
t.tailtarget.com
tags.crwdcntrl.net
tags.t.tailtarget.com
tpc.googlesyndication.com
tracker.myth.dev
tt-9964-3.seg.t.tailtarget.com
ui.cleverwebserver.com
www.bwin.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
csync.loopme.me
pagead2.googlesyndication.com
104.18.28.137
104.18.36.155
142.250.181.230
142.250.185.66
151.101.193.44
151.101.194.49
151.101.65.44
167.235.142.248
172.64.151.101
172.64.152.89
185.89.210.153
2001:4860:4802:32::178
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
213.155.156.166
216.52.2.6
2600:9000:2127:9600:1:825a:8300:93a1
2606:4700:20::ac43:4637
2606:4700:3036::ac43:c9b1
2606:4700:4400::6812:2a64
2606:4700::6811:190e
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:bdf::63
2a00:1450:4001:803::2003
2a00:1450:4001:808::2006
2a00:1450:4001:80f::2008
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:81c::2001
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9d
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
34.102.146.192
34.102.185.99
34.120.135.53
34.98.64.218
35.201.123.184
52.212.5.247
65.9.66.122
65.9.95.81
00376f9f7470c6e32e5820d3c1d9fb6d447be4be7394326e1c2d4f2ebfd94de6
0140705704ef7b1087b2b70920e357f60bfcc1c20232371bd746079fc34a0192
01af7339b6c6b48810da8d74a1437d567f2da716b038b0ceab3d48dfed89cd31
053fc6fcd14cf8117c1262ce3601b7922eab00187ee6a3ad05cf77ced1e144bc
06481698327594a18a0c0effb351ab478f377f5778a1c166a59cc9aa475c1aac
07a195d83f3bc8ac75e54ff6cc51b79ca42f058cd55e84904f0bb6abea59120f
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d322d4493ee546f9d38daa49bdeeeedc86784f6dea388373788ac575009f92e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
107a7a0eadcba82495e387e12607bd57e7d184d236a0572db3c49de7b32cf015
10e7079b404c6321d8c9549dbd28736f3ca875ea3ffe282294ffd95f6b2b75e0
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17d206c671ea31ec9cbdb36da6f132b1d9bff0db72a2eef191384baa525f04f1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1875d9d8f466d3ea4d82ca11837c3d4e8635438162fa3d52629e09d79501989b
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
194df184f92e5a38d2d2216df38a41e2ed5c2ac7992a0479069a6a1127301e21
1abab74e5447c3841a6eefd8fc41d3a3d74bddb1d499228dbc06940c6a997a18
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c60092cdf1bc703d733c277220a3709441129259e937cca537d7dc6261efb52
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
245d4c5c95ad5a617f2a968311d300242bacb292f0dadb6f5ffb485993ea0680
24f6c5a3eea28dc6a8e6c5a94e828e0a5d6140ebd8e21642120f3ba773d6aadc
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f8faf0b90a2595f55ae63b5b56315684c5d6dd1b42c1414b4f0970e7c6a3d84
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316d9a3b20eecd0d75bb9c4598d6086d2aa453d1cd42a5b7d4abed7d8c6ae545
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
32b80cfcca0f669e3de6ea1dc4ecd36c162e555d8bc4d8aa68127d8590197475
3382941f638b5a2e4fd70ee0e8ad677fd62726d922b0b5c7f845fbc8e3e3245c
33ba298d87594bd173435b3d0eae2663f84f8a23db29b44be0cb8283ea25736a
33e351e1c8c7adb813f4ef8386d0e523a791ec719dd596a4e95d626cdb8fb447
375086112b846e1b87e6c17841fd3c45809dadd86fdc553033ed20797147f034
395a036b18c09f33407f1a29a3fe592e7e43a41b14234980dfbf05c7fdd55ade
3fcc40affc6c9e1e881596234f396a953f4d43453eeaf0fe9a2f6755ff68fac4
40f32e66aa62e3c8204720cae7628b70f2df9ae39ee466f9583446827bd9aa75
41805a2cbfd70463ce7347d9a094b96074220cf5fc01b1e1cc6cc719b71f6680
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
41dec1bf4f0840b42bb5f9d1a5929c2a2c5435924c20fd5374f8d3903b9f808c
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43711d6e4fd52cb1034e62fa99feb977a00ce1d641e31cc3de44fa283a299dee
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
442353adce06fc2def880e6f81fa675e08086cdcacd1a4a0352c5ae1159b0290
44289e3d47d74145ce8ee6d99a3f9a2cde77b2d8aad9b1b946ea3204a9813ab2
4563823fd629a48517c7feb8bf33640e12440e08bdde7a172ce477c2ddfc9c4d
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
457d70a382f9be1b2020b363874e10a2f0f4798ea640f2b92a9e898404059580
45b787fc509d0753bf66efd5a3152c99844e7a35dbf756f512936d44dbf548fc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47d0cfb7980bf2625e1d0ea022cfe8608a962bf2554d80438563b68780fc62a4
47e7d2fedb68b869412ef3efdc829eda38a93489168677c93024f894c77129ce
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
49102fa7d8f3d9fe20f5ce11ea6612065754d639c624e9c7306561d797b68d4a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
4e8f1c3ceab49255a03aa2e22d5f8d92077ea155767fb4c8c3744866d9757e6c
5076e41fbbf7586f03442f95f43c631be8c11d3890b857451f760d23570fcd02
52d5f0c0f3c7704b63d9e5d676e736069539324697fe77193dcdbe21dab2323f
53200b160ad3560e8758632e4f2ce7023245f715606f9e19702716492e362cd3
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
598398fff29a70bdbfb62959033dc299369868e867eecf11938e3d7b5b2142d7
5acea0998f8b7454460db5e0c845c6b34b8f5c16b9cb1a51dbda933575162407
5ad70e9fc5042aff04b7e3525872f856c39f5ea2044289fe97fad73943d7645b
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d2a1a06c6ecb8dedd829ef2a429287356e36d7f04afef11ad7d2b4acc7f2d76
5d927654f812803f789fee1abcb6a2bc2bf6b3eac0d87db4b734989f9e0669e4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6766482d76571f21930a2a9b8dd350199efcd255cf684a3aa7a1ff23d92836b3
6a3338750137f6be48ad45436d3017b407f5d09d0b1678651e67b1f404162384
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bb2908641f6b227f1915c39a42b8c69b17bd2c1a18cdd863314250891c1a407
6bb90951d9cc3176058e0a1a190ae38507f58bc70265b5befdcf6057586bb94d
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6c22bbed0afe926a4ad7941291775e6b212006a5d26a720b253a8c028c870cd3
6d98f0a07e454346e88a6882d73fa1fa788869223c49aedfbb4c6e9746d95bdc
732d165dd7ffe0d4dd2067f50de753bde0fa07bc4bfae1e6955e68f8d473e74e
74e230e3d9b92e87927976ef7cb860f590114fe43c5268eb873f61b2ded6fc30
7612ff33976166c9617f119403de9d0eae9e553ce8e06a265f5a02039cb05fc3
7be0d3eb8675438bb8cd99f6fdbdad8e429e801c4e5ec85ddcd7d25b8bc3b552
82827501afec686ff217847bea18cf345ca8e8aa99027ebff98f37e801394b39
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
858972a01ffd5fcbf9be0e871ad665a406893d8044857d4292f351b030427f58
85f244253939c63351b34fb6b40bc7af1a0b8da9a8d79d8f095e34f13152a41f
861f38a3ab2d6394309ad1614094eebf62ceca1f82ea5defabe9412bc9e8a313
87db6ed4b0c73df1c5eed4648d19e3e14e8d42b7dab754365bcd421a1e2a3fe8
88704bcbf6cc035484d56531cf8a26a3fd93acdf9609007abe9b3a821f9baf52
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
8cbfce030d4bcfe922b43cc0c9e4c270a23554843d8b80b4d911d74a38c6a56d
8d6a507efb5925e8d9357c5249faf9f2a3651395b499330f4188eeaeadb10c6a
8f26944bb0a49105870ed138904641479bf78b09126c60f19be224f02c07eb89
90fd25c18303d1778941d8042740a293e075e270c80791b5a66b39382a4a44a6
9361cb908b83c141f3eeb290b24e144aa6fe839a7d232677a7d547135b068294
951937c05b317683fa2696758cae75dbce123ba4539a17e6ee89c952b3175449
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b27ea1a597eeb9af27c5e1594041e8338fc6bf9004080ac6d74ec354f94a1d8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
a4fecfa314eef79335f53501dfead3036bff1d9893175ed5dc85b4f7d3c7c5f5
a5e1bcb6490808c6ade52c4f2b567a1ec51d9339d58401dcc7d9199dd192113c
a703ddf118c196b2ee6570b2588e7a28602e5b91004d0a681237a417f2904453
a80f6001deb9fd22c4405eed0cba1da78ac7a9b97f5ba0e5fbb4cd2f9c3fa9f6
a90e8a988354563e5cf3e876e0fd4a87b5b1be243274bfe88d4ce09a0a5cf54f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aacd8572f4abdb803104c089cd42c187a52e4af8291493a7fcfdcde18cd72f14
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afe1b8b2a83e8c80262f4ba8cc9ad20741e7bb2f775f359f94b4e25bfeb8a543
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14c4e79ddc6a520b593136eda5e2f15dae79d9fcea993d1cb8c5f4e4ec0d3f2
b27238ba2620d9d7e85aa82877c1881d1c05147bb6a7970f370deaabeb5bedbf
b2cf5acb226ee67e0e79eab63865805cc30703d9ebe074c7c28fccb0388477b9
b4d5da27286eef36cb0d5f0ff2e509d72d82151e11fe3d08d8c0aba039fdc9f6
b80f0363c7df0f0e6cedf5532ffcbcd0157341bee5f4c208ac3c930d484f2f50
b847304c8235413dce535477bf457427ddd23a1ed26a4900c54a19fc3167d6d8
b855f317639f2d0b5d010f65280c401552e039e67bff9afc2dbb06dd89e648c4
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
b894cc7e0ff5c548f67f18361b0c500e5d5b24f6fd6cbcd83426dea0f7464498
b99de21e7f416e69cd26b50bc28155c8f3aa6d1d2c06b85ab6418dc03134a4bf
b9ccfd2dab2f0d841ecd305a719d0d01c8fb3455ef17eeae020cefa82edef4dc
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bc506be0437ff531204e236950dd25753197850d7b07995ce90a8e8f5eaea01c
c16ffaefaa96364424fbab29ab554814481486d83cb052cb25ab3e223c5ec8af
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c6ca1199ae49c8f7e3c4e0096ef1575f25457cf067355c483fe744de092ef20b
c7b5a736297a719f1347180cc01a19ec31bec168c813b732d13567b0bff9f016
c89c9b6861af5a4742d34dd42ae346eec1548fc87291e681a58dc89bc4cd7ae1
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
cb627b400414a489b1a13ff70c8983485f6c4063c4b8838aa4a0179a737009b9
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d071bd5b78fd862b103e59b78c4f1d4a921434a564af2bc480df5a8773f1c26e
d847ca8605f476557753ed7da645a0481d984f7dacbfe2116957be3444c6fe7f
da4347e5533b31599e126475d73441932755e671a267f2784366ead6e009549b
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
dde9490581308ca118c495925f3178491ec771b728b79d19bf7dd122970e3f16
ddff624349b5a6a215933510cc0351bd1caecb36ffbc09de71ae04e60a6bcc0c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0db4ed353b10355c0190bb8322472f991598c5a8911b4c527d07203a082ccaf
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46a738795240f397d712472e7fcee9e1faf104cac5853ea66b00e2415f42b05
e6f5edf2e64374522e12e4ffbf608e7cd3fb5ff6b120a8600064173d77404e62
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
eb13e7247dc55a76c4ea9451ce39b88d1f4c68502b89a211df6bd6c1cb9c6a75
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef184f43e8b7d8995df8350c563f99de9410fa928b78664f1c5e9b972cc087e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
f30d47f9cdcdd6cd0347c9b418cd1d7013db02af6416161ec98a610c8f82b66c
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f8cfc6e8bc2353fbcd4c95185addcd6fc897d8843f6b93e7fc1e0d676e5419a8

portaldosaopaulino.com.br Open in urlscan Pro 2606:4700:3036::ac43:c9b1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

207 Requests

92 %HTTPS

58 %IPv6

38 Domains

61 Subdomains

47 IPs

8 Countries

3561 kBTransfer

10596 kBSize

49 Cookies

12 Outgoing links

Page URL History

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

portaldosaopaulino.com.br Open in urlscan Pro
2606:4700:3036::ac43:c9b1 Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

92 %
HTTPS

58 %
IPv6

38
Domains

61
Subdomains

47
IPs

8
Countries

3561 kB
Transfer

10596 kB
Size

49
Cookies

207 HTTP transactions
4 data transactions