tempo.clic.com.br Open in urlscan Pro
179.191.187.67 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tempoagora.clicrbs.com.br/
Effective URL:
http://tempo.clic.com.br/rs/porto-alegre
Submission: On November 14 via api (November 14th 2022, 12:16:57 pm UTC) from US — Scanned from US

Summary HTTP 94 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 35 IPs in 3 countries across 24 domains to perform 94 HTTP transactions. The main IP is 179.191.187.67, located in Reston, United States and belongs to Azion Technologies Ltda., BR. The main domain is tempo.clic.com.br.

This is the only time tempo.clic.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	179.191.190.71 179.191.190.71	52580 (Azion Tec...) (Azion Technologies Ltda.)
1 5	179.191.187.67 179.191.187.67	52580 (Azion Tec...) (Azion Technologies Ltda.)
3	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:20:... 2606:4700:20::681a:a5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	179.191.187.64 179.191.187.64	52580 (Azion Tec...) (Azion Technologies Ltda.)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
1 4	2607:f8b0:400... 2607:f8b0:4004:c17::9a	15169 (GOOGLE) (GOOGLE)
1 2	2607:f8b0:400... 2607:f8b0:4006:81e::2008	15169 (GOOGLE) (GOOGLE)
1	108.139.47.108 108.139.47.108	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1 3	13.33.60.43 13.33.60.43	16509 (AMAZON-02) (AMAZON-02)
1	179.191.190.66 179.191.190.66	52580 (Azion Tec...) (Azion Technologies Ltda.)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2004	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::200e	15169 (GOOGLE) (GOOGLE)
2 4	108.139.47.54 108.139.47.54	16509 (AMAZON-02) (AMAZON-02)
2	138.199.40.58 138.199.40.58	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2602:803:c002... 2602:803:c002:300::98	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	68.67.179.113 68.67.179.113	29990 (ASN-APPNEX) (ASN-APPNEX)
7	3.230.217.116 3.230.217.116	14618 (AMAZON-AES) (AMAZON-AES)
1	185.93.1.243 185.93.1.243	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
6	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
1	54.84.52.35 54.84.52.35	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.64.66 142.250.64.66	15169 (GOOGLE) (GOOGLE)
3 5	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
11	2607:f8b0:400... 2607:f8b0:4006:816::2006	15169 (GOOGLE) (GOOGLE)
2	54.230.163.76 54.230.163.76	16509 (AMAZON-02) (AMAZON-02)
2	142.251.40.98 142.251.40.98	15169 (GOOGLE) (GOOGLE)
2	18.203.194.19 18.203.194.19	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f1:ee00:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1	35.174.222.86 35.174.222.86	14618 (AMAZON-AES) (AMAZON-AES)
94	35

1 179.191.190.71 (Miami, United States) 1 redirects

ASN52580 (Azion Technologies Ltda., BR)
PTR: 179-191-190-71.rev.azion.net

tempoagora.clicrbs.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 179.191.187.67 (Reston, United States) 1 redirects

ASN52580 (Azion Technologies Ltda., BR)
PTR: 179-191-187-67.rev.azion.net

tempo.clic.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::681a:a5b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.privacytools.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 179.191.187.64 (Reston, United States)

ASN52580 (Azion Technologies Ltda., BR)
PTR: 179-191-187-64.rev.azion.net

ad.clicrbs.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c17::9a (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2008 (Hudson Falls, United States) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.47.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-108.jfk50.r.cloudfront.net

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81d::2003 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.33.60.43 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-43.ewr52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 179.191.190.66 (Miami, United States)

ASN52580 (Azion Technologies Ltda., BR)
PTR: 179-191-190-66.rev.azion.net

www.clicrbs.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2004 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::200e (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.139.47.54 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-54.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 138.199.40.58 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-40-58.datapacket.com

l.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c002:300::98 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.179.113 (Secaucus, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.93.1.243 (Chicago, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-718.bunnyinfra.net

s2.getsitecontrol.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:80e::2001 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.84.52.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-52-35.compute-1.amazonaws.com

events.getsitectrl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81d::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:820::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2002 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.64.66 (Glen Cove, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s30-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.40.39.223 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:816::2006 (Hudson Falls, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.163.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-76.ewr53.r.cloudfront.net

bucket.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s79-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.194.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-194-19.eu-west-1.compute.amazonaws.com

neural40.cdnwebcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f1:ee00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.222.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-222-86.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 203 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 294	238 KB
14	googlesyndication.com a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	93 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	3 MB
7	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1118	48 KB
7	clicrbs.com.br 1 redirects tempoagora.clicrbs.com.br ad.clicrbs.com.br www.clicrbs.com.br	114 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 512	4 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	1 KB
5	privacytools.com.br cdn.privacytools.com.br — Cisco Umbrella Rank: 252736	52 KB
5	clic.com.br 1 redirects tempo.clic.com.br	580 KB
4	cdnwebcloud.com bucket.cdnwebcloud.com — Cisco Umbrella Rank: 29570 neural40.cdnwebcloud.com — Cisco Umbrella Rank: 39834	8 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 209	4 KB
4	hotjar.com 2 redirects static.hotjar.com — Cisco Umbrella Rank: 625	6 KB
4	scorecardresearch.com 1 redirects b.scorecardresearch.com — Cisco Umbrella Rank: 4559 sb.scorecardresearch.com — Cisco Umbrella Rank: 146	3 KB
3	getsitecontrol.com l.getsitecontrol.com — Cisco Umbrella Rank: 16709 s2.getsitecontrol.com — Cisco Umbrella Rank: 24291	75 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	20 KB
3	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 25235 usr.navdmp.com — Cisco Umbrella Rank: 29415 cdn.navdmp.com — Cisco Umbrella Rank: 5989	6 KB
2	googletagmanager.com 1 redirects www.googletagmanager.com — Cisco Umbrella Rank: 53	97 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1132	294 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1239	15 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	48 KB
1	getsitectrl.com events.getsitectrl.com — Cisco Umbrella Rank: 18620	869 B
1	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 439	7 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
94	24

	Domain	Requested by
11	s0.2mdn.net	tempo.clic.com.br s0.2mdn.net
8	pagead2.googlesyndication.com	a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
7	c2shb.ssp.yahoo.com	tempo.clic.com.br
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	tpc.googlesyndication.com	a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net
5	ad.clicrbs.com.br	tempo.clic.com.br ad.clicrbs.com.br
5	cdn.privacytools.com.br	tempo.clic.com.br
5	tempo.clic.com.br	1 redirects tempo.clic.com.br
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	2 redirects tempo.clic.com.br googleads.g.doubleclick.net
4	static.hotjar.com	2 redirects tempo.clic.com.br
4	securepubads.g.doubleclick.net	ad.clicrbs.com.br securepubads.g.doubleclick.net tempo.clic.com.br
4	www.google.com	tempo.clic.com.br a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
4	stats.g.doubleclick.net	1 redirects tempo.clic.com.br
3	www.google-analytics.com	tempo.clic.com.br
3	sb.scorecardresearch.com	1 redirects tempo.clic.com.br
2	neural40.cdnwebcloud.com	a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	tempo.clic.com.br
2	bucket.cdnwebcloud.com	s0.2mdn.net bucket.cdnwebcloud.com
2	googleads.g.doubleclick.net	a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com tempo.clic.com.br
2	l.getsitecontrol.com	www.googletagmanager.com tempo.clic.com.br
2	www.googletagmanager.com	1 redirects tempo.clic.com.br
1	ping.chartbeat.net
1	static.chartbeat.com	tempo.clic.com.br
1	www.googletagservices.com	a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
1	events.getsitectrl.com	s2.getsitecontrol.com
1	a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	s2.getsitecontrol.com	l.getsitecontrol.com
1	fastlane.rubiconproject.com	tempo.clic.com.br
1	www.clicrbs.com.br	tempo.clic.com.br
1	cdn.navdmp.com	tag.navdmp.com
1	fonts.gstatic.com	fonts.googleapis.com
1	b.scorecardresearch.com	tempo.clic.com.br
1	usr.navdmp.com	tag.navdmp.com
1	fonts.googleapis.com	tempo.clic.com.br
1	tag.navdmp.com	tempo.clic.com.br
1	tempoagora.clicrbs.com.br	1 redirects
94	38

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
yr.no
dpo.privacytools.com.br

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.clicrbs.com.br Thawte RSA CA 2018	`2022-06-21` - `2023-07-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.getsitecontrol.com Go Daddy Secure Certificate Authority - G2	`2022-03-05` - `2023-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.getsitectrl.com Amazon	`2022-01-13` - `2023-02-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.cdnwebcloud.com Amazon	`2022-09-21` - `2023-10-21`	a year	crt.sh

This page contains 6 frames:

Primary Page: http://tempo.clic.com.br/rs/porto-alegre
Frame ID: 8C60FDDD1354069163B4099DC67D2F6A
Requests: 56 HTTP requests in this frame

Frame: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2EBDCFC4E1289AED0D7FB3675D1CB206
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY0cTscTAB&v=APEucNU1z_M-1zigW15OVCx9_uRovdcIrirDn7r8RuNnvKwL_drY46k8SW6leDRDwoRrJX84brECc3p2iv5NMKYEemUUii4Cmg
Frame ID: 2FA4B025559801ED1F610378E8EFCBD3
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=op8WHtBHkx&t=1&renderingType=2&ev=01_247
Frame ID: 0E564131C3D60E4BD7FAAB90C6BE1766
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4C365E6501B4A3544715E27179D614C7
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: D4B64B51619D56FE5408573A6943EA96
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Previsão do Tempo Porto Alegre - RS | ClicTempoChuvaChuvaSol com chuvaSol com chuvaSol com chuvaParcialmente nubladoParcialmente nubladoParcialmente nubladoParcialmente nubladoNubladoSol com chuvaSol com chuvaSol com chuvaParcialmente nubladoParcialmente nubladoParcialmente nubladoParcialmente nubladoSol com chuvaSol com chuvaSol com chuvaParcialmente nubladoParcialmente nubladoParcialmente nubladoParcialmente nubladoSol com chuvaSol com chuvaSol com chuvaParcialmente nubladoParcialmente nubladoSol com chuvaSol com chuvaSol com chuvaParcialmente nubladoParcialmente nubladoSol com chuvaSol com chuvaSol com chuvaChuvaChuvaNubladoParcialmente nubladoParcialmente nubladoNubladoChuvaChuvaParcialmente nubladoParcialmente nubladoSol com chuvaSol com chuvaSol com chuvaSol com chuvaSol com chuvaSol com chuvaChuvaChuvaParcialmente nubladoParcialmente nubladoParcialmente nubladoParcialmente nubladoCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroNubladoCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroParcialmente nubladoParcialmente nubladoParcialmente nubladoParcialmente nubladoCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroParcialmente nubladoParcialmente nubladoParcialmente nubladoParcialmente nubladoNubladoNubladoParcialmente nubladoParcialmente nubladoParcialmente nubladoParcialmente nubladoParcialmente nubladoParcialmente nubladoNubladoParcialmente nubladoParcialmente nubladoParcialmente nubladoParcialmente nubladoNubladoCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroCéu claroNubladoCéu claroCéu claroCéu claroCéu claroCéu claroNubladoCéu claroCéu claroCéu claroCéu claroCéu claroNubladoCéu claroCéu claroCéu claroCéu claroNubladoNubladoParcialmente nubladoParcialmente nubladoNubladoNubladoCéu claroChuvaChuvaNubladoNubladoNubladoNubladoNubladoNublado

Page URL History Show full URLs

http://tempoagora.clicrbs.com.br/ HTTP 301
http://tempo.clic.com.br/ HTTP 302
http://tempo.clic.com.br/rs/porto-alegre Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

94
Requests

73 %
HTTPS

49 %
IPv6

24
Domains

38
Subdomains

35
IPs

3
Countries

4094 kB
Transfer

7160 kB
Size

26
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre%3Fh%3Ddh7oka08avetjlrvjwlip8lza
Title: Compartilhar

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=ClicTempo%20-%20Previs%C3%A3o%20do%20tempo%20para%20RS%20e%20SC%20-%20&url=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre%3Fh%3Ddh7oka08avetjlrvjwlip8lza
Title: Twittar

Search URL Search Domain Scan URL

URL: http://yr.no/
Title: yr.no

Search URL Search Domain Scan URL

URL: https://dpo.privacytools.com.br/policy-view/c/1/politica-de-privacidade/ooroto/pt_BR
Title: Política de privacidade

Search URL Search Domain Scan URL

URL: https://dpo.privacytools.com.br/policy-view/c/1/Politica-de%20privacidade/ooroto/PT-BR
Title: Política de Privacidade.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tempoagora.clicrbs.com.br/ HTTP 301
http://tempo.clic.com.br/ HTTP 302
http://tempo.clic.com.br/rs/porto-alegre Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://stats.g.doubleclick.net/dc.js HTTP 307
https://stats.g.doubleclick.net/dc.js

Request Chain 9

http://www.googletagmanager.com/gtm.js?id=GTM-MZ8ZZR HTTP 302
https://www.googletagmanager.com/gtm.js?id=GTM-MZ8ZZR

Request Chain 17

https://sb.scorecardresearch.com/b?c1=2&c2=7279431&cs_it=b3&cv=3.8.0.210223&ns__t=1668428210762&ns_c=UTF-8&c7=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&c8=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=7279431&cs_it=b3&cv=3.8.0.210223&ns__t=1668428210762&ns_c=UTF-8&c7=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&c8=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo&c9=

Request Chain 19

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=181753028&utmhn=tempo.clic.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo&utmhid=1486913852&utmr=-&utmp=%2Frs%2Fporto-alegre&utmht=1668428210805&utmac=UA-3469445-1&utmcc=__utma%3D1.839897968.1668428211.1668428211.1668428211.1%3B%2B__utmz%3D1.1668428211.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=527862513&utmredir=3&utmu=qFAAAAAwAAAAAAAAAAAAAAAE~ HTTP 307
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=181753028&utmhn=tempo.clic.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo&utmhid=1486913852&utmr=-&utmp=%2Frs%2Fporto-alegre&utmht=1668428210805&utmac=UA-3469445-1&utmcc=__utma%3D1.839897968.1668428211.1668428211.1668428211.1%3B%2B__utmz%3D1.1668428211.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=527862513&utmredir=3&utmu=qFAAAAAwAAAAAAAAAAAAAAAE~ HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3469445-1&cid=839897968.1668428211&jid=527862513&_v=5.7.2dc&z=181753028

Request Chain 24

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 25

http://static.hotjar.com/c/hotjar-7070.js?sv=2 HTTP 301
https://static.hotjar.com/c/hotjar-7070.js?sv=2

Request Chain 26

http://static.hotjar.com/c/hotjar-562232.js?sv=5 HTTP 301
https://static.hotjar.com/c/hotjar-562232.js?sv=5

Request Chain 43

http://www.google-analytics.com/collect?v=1&_v=j98&a=1486913852&t=pageview&_s=1&dl=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&ul=en-us&de=UTF-8&dt=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=1.839897968.1668428211.1668428211.1668428211.1&_utmz=1.1668428211.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1668428211443&_u=YSDCgAABAAAAAC~&jid=152503705&gjid=1356886842&cid=839897968.1668428211&tid=UA-52642317-12&_gid=1285329752.1668428211&gtm=2wgb90MZ8ZZR&z=1898576038 HTTP 307
https://www.google-analytics.com/collect?v=1&_v=j98&a=1486913852&t=pageview&_s=1&dl=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&ul=en-us&de=UTF-8&dt=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=1.839897968.1668428211.1668428211.1668428211.1&_utmz=1.1668428211.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1668428211443&_u=YSDCgAABAAAAAC~&jid=152503705&gjid=1356886842&cid=839897968.1668428211&tid=UA-52642317-12&_gid=1285329752.1668428211&gtm=2wgb90MZ8ZZR&z=1898576038

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2kjlcVH7omKXY77DhrblI&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2kjlcVH7omKXY77DhrblI&google_cver=1&C=1

Request Chain 60

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3IxtVFSZoO2mxPha-hqeAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8Ic0paNXvYjzHN4z2C0fs&google_cver=1

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJEsRopaUEd19NWbKHsH2m8&google_cver=1

Request Chain 62

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcwODAyOTkwNzQ4MDI3NDUy

94 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request porto-alegre Show response
tempo.clic.com.br/rs/
Redirect Chain

http://tempoagora.clicrbs.com.br/
http://tempo.clic.com.br/
http://tempo.clic.com.br/rs/porto-alegre

493 KB
493 KB

66ms
59ms

Document
text/html

179.191.187.67
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

http://tempo.clic.com.br/rs/porto-alegre

Protocol

HTTP/1.1

Server

179.191.187.67 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

179-191-187-67.rev.azion.net

Software

Resource Hash

83fd85119240118cd90469270fa94852b467a73ece715d8863d7acc18a3b3a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: max-age=300
Connection: keep-alive
Content-Length: 504788
Content-Type: text/html; charset=utf-8
Date: Mon, 14 Nov 2022 12:16:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Vary: Accept-Encoding
gcp: 2

Redirect headers

Cache-Control: max-age=-1
Connection: keep-alive
Content-Length: 219
Content-Type: text/html; charset=utf-8
Date: Mon, 14 Nov 2022 12:16:49 GMT
Location: /rs/porto-alegre
Strict-Transport-Security: max-age=63072000; includeSubDomains
gcp: 2

GET
H/1.1 200
OK application.min.css
tempo.clic.com.br/static/build/css/ 99 KB
18 KB 170ms
116ms Stylesheet
text/css 179.191.187.67
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

http://tempo.clic.com.br/static/build/css/application.min.css

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

HTTP/1.1

Server

179.191.187.67 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

179-191-187-67.rev.azion.net

Software

Resource Hash

e57d712a2bfc2506f7fd2f7fdf18a406bf98654b00a6cef5821c54eff43f2ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/rs/porto-alegre
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 12:16:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 19:05:49 GMT
ETag: W/"1661799949.0-101019-1871123889"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
gcp: 2
Cache-Control: no-cache, max-age=300
Content-Disposition: inline; filename=application.min.css
Connection: keep-alive

GET
H2 200 tm23955.js Show response
tag.navdmp.com/ 17 KB
6 KB 139ms
44ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm23955.js
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb22e0ece547bab46eda8c5b751e8c9c18e769457b0c75b5a9c5cad417c3ea07

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:50 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 26 Sep 2022 21:11:21 GMT
server: cloudflare
age: 3354
etag: W/"63321579-44bc"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 769fae39d8e28dc0-MIA
expires: Mon, 14 Nov 2022 12:20:56 GMT

GET
H2 200 VXZ19161.js Show response
cdn.privacytools.com.br/public_api/banner/autoblock/ 103 KB
8 KB 137ms
44ms Script
application/json 2606:4700:20::681a:a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacytools.com.br/public_api/banner/autoblock/VXZ19161.js?t=1597696237642

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2bdec7f5f17d144f0c5adb5bab7ec2c5a6008c3922e4bfec53d8b96d238fbd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 27 Oct 2022 23:09:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1516036
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3PGOeAzTV%2FaN6Q9RHz7%2FA2DUULGvUX7CMX8vfGiwORkQRYK9x65eEBRLFY3jLZRPfB1dEWVIt5Kz9y5GSDXwcPc4Amd4ETtn%2FPu0PMvakOxdYvAYi7ZZ0HUI21lS93aATdw18k7hVuOMAQ1pdPsZlaJfQRIU"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=2678400
x-robots-tag: noindex
cf-ray: 769fae39df88da3f-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK bundle.min.js Show response
tempo.clic.com.br/static/build/js/ 109 KB
44 KB 85ms
81ms Script
application/javascript 179.191.187.67
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL

http://tempo.clic.com.br/static/build/js/bundle.min.js

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

HTTP/1.1

Server

179.191.187.67 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

179-191-187-67.rev.azion.net

Software

Resource Hash

b2aea1042dccfd4171e544212e3e425effb80de3e4b4de2f42f38f70fc269cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/rs/porto-alegre
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 12:16:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 19:05:49 GMT
ETag: W/"1661799949.0-111109-3718910655"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
gcp: 2
Cache-Control: no-cache, max-age=300
Content-Disposition: inline; filename=bundle.min.js
Connection: keep-alive

GET
H/1.1 200
OK module-ads.min.js Show response
ad.clicrbs.com.br/beta/js/ 86 KB
16 KB 376ms
58ms Script
application/javascript 179.191.187.64
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.clicrbs.com.br/beta/js/module-ads.min.js
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: HTTP/1.1
Server: 179.191.187.64 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS: 179-191-187-64.rev.azion.net
Software: UploadServer /
Resource Hash: ebb43c5b849d499a66ac9559f85cb2140a373f3cc5336ac719127ae6db5d3959

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires: Fri, 11 Nov 2022 15:43:34 GMT
Date: Mon, 14 Nov 2022 12:16:50 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdvCF_KOejrePAGJiUFVSM1zAEFz9QcXjOLmR0KbD1nu2c_FXN0rE-bl_yRqenGjsiTjOP_MFK75SmtNwEk5Aj5KuQ
Transfer-Encoding: chunked
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Last-Modified: Fri, 11 Nov 2022 13:59:12 GMT
Server: UploadServer
ETag: W/"55c4668200f87eab51cbd08fb48d27fd"
Vary: Accept-Encoding
x-goog-generation: 1668175152470079
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-goog-hash: crc32c=WsAkng==, md5=VcRmggD4fqtRy9CPtI0n/Q==
Cache-Control: public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
Access-Control-Allow-Methods: *
x-goog-stored-content-length: 87932
Access-Control-Max-Age: 3600
Version: 2

GET
H2 200 wv1E9161.css
cdn.privacytools.com.br/public_api/banner/style/ 8 KB
2 KB 48ms
44ms Stylesheet
text/css 2606:4700:20::681a:a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacytools.com.br/public_api/banner/style/wv1E9161.css?t=1597696237629

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:a5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 14 Nov 2022 12:08:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 474
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2I%2B0fqvrtYmrghfvWmiqhrRddiDEDdbJc%2BI1GR2zOKX6wTHBPsU9CntMiBCEFLsanuLhRHcTLFA0BfhyuHVBSum1UY80WUFgjsJNzCeHlwFQCnHhDVExv5M3Zl9H%2F9vP76WPDo0oTyyrEUlEVxtUySimPUU"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
x-robots-tag: noindex
cf-ray: 769fae3a5ffeda3f-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 227ms
91ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700;800&display=swap

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/static/build/css/application.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bd2fd2bec5d78c09de6f5937a7a55be6b59365679743f5d043b65bd31df84bd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 14 Nov 2022 12:16:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 10:58:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Nov 2022 12:16:50 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 77 B
288 B 110ms
88ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=23955&upd=1&new=1&wst=0&wct=1&wla=1&dsy=0
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm23955.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 199e3486a35eeb4bf55d8bfbd4f15177a740dda684a8b5d76b8a38dd3024f63a

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: public
date: Mon, 14 Nov 2022 12:16:50 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 769fae3c1bc98dc0-MIA
expires: Mon, 14 Nov 2022 13:16:50 GMT

GET
H2

200

dc.js Show response
stats.g.doubleclick.net/
Redirect Chain

http://stats.g.doubleclick.net/dc.js
https://stats.g.doubleclick.net/dc.js

45 KB
17 KB

186ms
59ms

Script
text/javascript

2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Nov 2022 10:48:33 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5297
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Mon, 14 Nov 2022 12:48:33 GMT

Redirect headers

Location: https://stats.g.doubleclick.net/dc.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

gtm.js Show response
www.googletagmanager.com/
Redirect Chain

http://www.googletagmanager.com/gtm.js?id=GTM-MZ8ZZR
https://www.googletagmanager.com/gtm.js?id=GTM-MZ8ZZR

318 KB
96 KB

261ms
103ms

Script
application/javascript

2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MZ8ZZR

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Server

2607:f8b0:4006:81e::2008 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3c4cfb0b03e8f50fa934c3265e0114c1729d9c9b56c59eeedf6eabd4f6ffd7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98012
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Nov 2022 12:16:50 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtm.js?id=GTM-MZ8ZZR
Date: Mon, 14 Nov 2022 12:16:50 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 4 KB
2 KB 151ms
66ms Script
application/javascript 108.139.47.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: HTTP/1.1
Server: 108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-47-108.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Sun, 13 Nov 2022 12:48:52 GMT
Content-Encoding: gzip
Via: 1.1 667392b7601b2f20a44ef149f6859dae.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P1
Age: 84478
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 28 Jun 2022 13:19:23 GMT
Server: AmazonS3
ETag: W/"eaf85c1c6758e84acfe134efd70e9373"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
X-Amz-Cf-Id: OW008oemkzzGSjJmYgm1CxpYg-1oTE8vjoVjWNYGkz49eG_DetTyWg==

GET
H/1.1 200
OK map.svg
tempo.clic.com.br/static/images/ 68 KB
24 KB 83ms
83ms Image
image/svg+xml 179.191.187.67
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://tempo.clic.com.br/static/images/map.svg

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/static/build/css/application.min.css

Protocol

HTTP/1.1

Server

179.191.187.67 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),

Reverse DNS

179-191-187-67.rev.azion.net

Software

Resource Hash

a151b13aca148b5dac94e47a366bece8a103f476ba6e2fc137953929ceb2899f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/static/build/css/application.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 12:16:50 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Content-Encoding: gzip
Last-Modified: Mon, 29 Aug 2022 19:00:29 GMT
ETag: W/"1661799629.0-69875-1384583134"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml; charset=utf-8
gcp: 2
Cache-Control: no-cache, max-age=300
Content-Disposition: inline; filename=map.svg
Connection: keep-alive

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 216ms
64ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;700;800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://tempo.clic.com.br
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 07 Nov 2022 18:52:16 GMT
x-content-type-options: nosniff
age: 581074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Nov 2023 18:52:16 GMT

GET
DATA 200
OK truncated
/ 94 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 107a216b8d26e5f86ddd4fb69f53b6e7daa68e445dbca06ff6a279002f194e14

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 94ms
82ms Script
application/x-javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=11bc2d60cd17b4baeee69dca1610&acc=23955&url=http%3A//tempo.clic.com.br/rs/porto-alegre&tit=Previs%E3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm23955.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 769fae3d5d438dc0-MIA
content-length: 6
content-type: application/x-javascript

GET
H/1.1 200
OK ads-config-clictempo.json Show response
ad.clicrbs.com.br/json/ 19 KB
3 KB 111ms
57ms XHR
application/json 179.191.187.64
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.clicrbs.com.br/json/ads-config-clictempo.json
Requested by: Host:
URL: webpack:///./src/module-ads-new.js_+_1_modules?
Protocol: HTTP/1.1
Server: 179.191.187.64 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS: 179-191-187-64.rev.azion.net
Software: UploadServer /
Resource Hash: 3e60c8f16e3db92b5e3aa081989b37d94aa9a20df7211cec177f044ac3c13eae

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires: Mon, 18 Jul 2022 21:33:18 GMT
Date: Mon, 14 Nov 2022 12:16:50 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdsa-ZbpZpwCuuRtE_6ENR_53Vh7WkjAWJ6QFnlzPAcExHsDDbGjHjbzj87PuOnFOsnJYcYyTWv3gVTZnxNqtJ4jkg
Transfer-Encoding: chunked
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Last-Modified: Mon, 09 May 2022 12:54:09 GMT
Server: UploadServer
ETag: W/"ddf9e7446ea39d11fa398311afe6d40a"
Vary: Accept-Encoding
x-goog-generation: 1652100849708904
Content-Type: application/json
Access-Control-Allow-Origin: *
x-goog-hash: crc32c=0CUUJA==, md5=3fnnRG6jnRH6OYMRr+bUCg==
Cache-Control: public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
Access-Control-Allow-Methods: *
x-goog-stored-content-length: 18967
Access-Control-Max-Age: 3600
Version: 2

GET
H3 200 wv1E9161.js Show response
cdn.privacytools.com.br/public_api/banner/script/ 163 KB
23 KB 343ms
343ms Script
text/javascript 2606:4700:20::681a:a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacytools.com.br/public_api/banner/script/wv1E9161.js?p=bottom&t=15976962376291668428210760

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:a5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b204a3d2c9867708bc2c0bda2086518aa449bbf2add8e0b0cc30408ba9fe7dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 14 Nov 2022 12:16:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jzYPT3qUOmnPJjeBnV5p4GjIjRcbg1WnVWwpPUZuyB56lGA%2BiGqkuevgf4U4DofSbYaatV1Jt6bJix700lV0ZN8xmYBi1%2Fqx8yr4cegsEITfJaME%2F6C6UEhAa3S9UOMVPM3FMExV6zKZcR1NgY2bzaXordSx"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=14400, s-maxage=86400, must-revalidate, proxy-revalidate
x-robots-tag: noindex
cf-ray: 769fae3d5b2d2221-MIA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=7279431&cs_it=b3&cv=3.8.0.210223&ns__t=1668428210762&ns_c=UTF-8&c7=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&c8=Previs%C3%A3o%20do%20Tempo%20Port...
https://sb.scorecardresearch.com/b2?c1=2&c2=7279431&cs_it=b3&cv=3.8.0.210223&ns__t=1668428210762&ns_c=UTF-8&c7=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&c8=Previs%C3%A3o%20do%20Tempo%20Por...

0
189 B

75ms
75ms

Image
text/plain

13.33.60.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=7279431&cs_it=b3&cv=3.8.0.210223&ns__t=1668428210762&ns_c=UTF-8&c7=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&c8=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo&c9=
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: H2
Server: 13.33.60.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-43.ewr52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
via: 1.1 ebfea1c8ef298b6d415684e80825a276.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: lCHpX58bc6x2J1gH8hDt_trbu1KxccSs9IRpLWGU7HPxfhr_AJrhIg==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=7279431&cs_it=b3&cv=3.8.0.210223&ns__t=1668428210762&ns_c=UTF-8&c7=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&c8=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo&c9=
date: Mon, 14 Nov 2022 12:16:50 GMT
via: 1.1 ebfea1c8ef298b6d415684e80825a276.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
content-length: 0
x-amz-cf-id: Iy-tc0QI4S8LWKDXc16zMuD3IOEpXuBCyZl8gsbq8GAPBu4WHx2yCA==
x-cache: Miss from cloudfront

GET
H2 200 urchin.gif
www.clicrbs.com.br/refresh/ 43 B
221 B 638ms
321ms Image
image/gif 179.191.190.66
Azion Technologie...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.clicrbs.com.br/refresh/urchin.gif?utmwv=5.7.2dc&utms=1&utmn=1953349223&utmhn=tempo.clic.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo&utmhid=1486913852&utmr=-&utmp=%2Frs%2Fporto-alegre
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 179.191.190.66 Miami, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS: 179-191-190-66.rev.azion.net
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type: image/gif
date: Mon, 14 Nov 2022 12:16:51 GMT
cache-control: public, max-age=86400, stale-while-revalidate=300, stale-if-error=86400
accept-ranges: bytes
content-length: 43
x-forwarded-for: 38.132.118.72
version: 1

GET
H2

200

ga-audiences
www.google.com/ads/
Redirect Chain

http://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=181753028&utmhn=tempo.clic.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pre...
https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=181753028&utmhn=tempo.clic.com.br&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Pr...
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3469445-1&cid=839897968.1668428211&jid=527862513&_v=5.7.2dc&z=181753028

42 B
501 B

219ms
82ms

Image
image/gif

2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3469445-1&cid=839897968.1668428211&jid=527862513&_v=5.7.2dc&z=181753028

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Server

2607:f8b0:4006:80c::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 12:16:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 14 Nov 2022 12:16:50 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-3469445-1&cid=839897968.1668428211&jid=527862513&_v=5.7.2dc&z=181753028
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 367
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK module-ads.google1.6.12.min.js Show response
ad.clicrbs.com.br/js/ 36 KB
11 KB 55ms
55ms Script
application/javascript 179.191.187.64
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.clicrbs.com.br/js/module-ads.google1.6.12.min.js
Requested by: Host:
URL: webpack:///./src/module-ads-new.js_+_1_modules?
Protocol: HTTP/1.1
Server: 179.191.187.64 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS: 179-191-187-64.rev.azion.net
Software: UploadServer /
Resource Hash: fab51547aabc8f61ae999cdb195813ba465f6b0c24a0fa5d5c2affa20ffa34aa

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires: Mon, 21 Jun 2021 15:13:05 GMT
Date: Mon, 14 Nov 2022 12:16:50 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ABg5-Uyi3fW24hJ_XDNrC16LludxOg9fKByTucXIyWmYi88iWvtYRAyr_w6Mew980CS0QcjsmoBDjFKCx0AyZiEy-CY
Transfer-Encoding: chunked
x-goog-storage-class: STANDARD
Connection: keep-alive
Last-Modified: Mon, 21 Jun 2021 15:03:31 GMT
Server: UploadServer
ETag: W/"daea037fc0a3e757523b1e26acac0636"
Vary: Accept-Encoding
x-goog-hash: crc32c=z/PHkg==, md5=2uoDf8Cj51dSOx4mrKwGNg==
Content-Type: application/javascript
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: *
Cache-Control: public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
Access-Control-Allow-Origin: *
Version: 2

GET
H/1.1 200
OK module-ads.prebid1.3.3.min.js Show response
ad.clicrbs.com.br/js/ 9 KB
5 KB 110ms
55ms Script
application/javascript 179.191.187.64
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.clicrbs.com.br/js/module-ads.prebid1.3.3.min.js
Requested by: Host:
URL: webpack:///./src/module-ads-new.js_+_1_modules?
Protocol: HTTP/1.1
Server: 179.191.187.64 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS: 179-191-187-64.rev.azion.net
Software: UploadServer /
Resource Hash: 43ab293aa96bcffebf4bccdc386299404604c7ec8049f4f53de10fd7dbe2d4b9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires: Sun, 16 Oct 2022 22:09:17 GMT
Date: Mon, 14 Nov 2022 12:16:50 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycdu6EzmlsmydeuxA59stzVuT98bEBHfCZOuCALOluvDDQXqMuR-kVvjJpIsIfM0dQSDfDe9I2JOMR-3oGmb9egw3FUW1HpHN
Transfer-Encoding: chunked
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Last-Modified: Mon, 10 Oct 2022 16:35:59 GMT
Server: UploadServer
ETag: W/"5e8200a758223e786bdfd6ed5092a996"
Vary: Accept-Encoding
x-goog-generation: 1665419759349598
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-goog-hash: crc32c=W/vkoQ==, md5=XoIAp1giPnhr39btUJKplg==
Cache-Control: public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
Access-Control-Allow-Methods: *
x-goog-stored-content-length: 9655
Access-Control-Max-Age: 3600
Version: 2

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 225ms
86ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ad.clicrbs.com.br
URL: http://ad.clicrbs.com.br/js/module-ads.google1.6.12.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e72d5a56aa522cefe1b3bc1697b319b5b6ef7bf8199b43661addf1c736dfb2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27286
x-xss-protection: 0
server: sffe
etag: "1391 / 587 of 1000 / last-modified: 1668418903"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 14 Nov 2022 12:16:51 GMT

GET
H/1.1 200
OK prebid4.28.0.min.js Show response
ad.clicrbs.com.br/js/ 210 KB
79 KB 58ms
58ms Script
application/javascript 179.191.187.64
Azion Technologie...

General

Check archive.org

Show headers Download Go to

Full URL: http://ad.clicrbs.com.br/js/prebid4.28.0.min.js
Requested by: Host: ad.clicrbs.com.br
URL: http://ad.clicrbs.com.br/js/module-ads.prebid1.3.3.min.js
Protocol: HTTP/1.1
Server: 179.191.187.64 Reston, United States, ASN52580 (Azion Technologies Ltda., BR),
Reverse DNS: 179-191-187-64.rev.azion.net
Software: UploadServer /
Resource Hash: bb6db5ffc58d1096848f64173f5a08beac1c251b08ab92948730ab30ed119f0f

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Expires: Fri, 26 Mar 2021 12:05:42 GMT
Date: Mon, 14 Nov 2022 12:16:51 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ABg5-UxRQSKweAEmP1RiACcU2tSOmezturT7Q8SajD-M2AbVvXj_cobkwBAPH4Vomj0z1cCw2ywRcmEFiqqf-vDK-o3v5i5kmQ
Transfer-Encoding: chunked
x-goog-storage-class: STANDARD
Connection: keep-alive
Last-Modified: Wed, 10 Mar 2021 11:49:31 GMT
Server: UploadServer
ETag: W/"99f755a7fb5f11ce5486258dd6b25e5e"
Vary: Accept-Encoding
x-goog-hash: crc32c=2cCa2Q==, md5=mfdVp/tfEc5UhiWN1rJeXg==
Content-Type: application/javascript
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: *
Cache-Control: public, max-age=86400, stale-while-revalidate=86400, stale-if-error=86400
Access-Control-Allow-Origin: *
Version: 2

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

204ms
64ms

Script
text/javascript

2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Server

2607:f8b0:4006:824::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 14 Nov 2022 11:27:35 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2956
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 14 Nov 2022 13:27:35 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2

200

hotjar-7070.js Show response
static.hotjar.com/c/
Redirect Chain

http://static.hotjar.com/c/hotjar-7070.js?sv=2
https://static.hotjar.com/c/hotjar-7070.js?sv=2

4 KB
2 KB

291ms
147ms

Script
application/javascript

108.139.47.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-7070.js?sv=2

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Server

108.139.47.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-54.jfk50.r.cloudfront.net

Software

Resource Hash

64d19be0a5e84a0636d72f7c88e9b13437e4e732c34b23dff3a24b5bcd80cda3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 23a7db9b99ad0ff99aeef1ab5f27e734.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
etag: W/68be3279b979e7abeb984180cbf7f100
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: BMEgRmr1ckpC_KZ2IxqxsHc4-dd3nRwfx7ZjjbW0MVIxYXI5lSkGuQ==

Redirect headers

Date: Mon, 14 Nov 2022 12:16:51 GMT
Via: 1.1 b5c1f99a1985819c0c422c9ce2cc03fc.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: JFK50-P1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://static.hotjar.com/c/hotjar-7070.js?sv=2
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: MoAukC862l0_h668gCnu9ADQeovVH4WCGhqdgpItQKxp30fwtvqmxw==

GET
H2

200

hotjar-562232.js Show response
static.hotjar.com/c/
Redirect Chain

http://static.hotjar.com/c/hotjar-562232.js?sv=5
https://static.hotjar.com/c/hotjar-562232.js?sv=5

4 KB
2 KB

289ms
146ms

Script
application/javascript

108.139.47.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-562232.js?sv=5

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Server

108.139.47.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-139-47-54.jfk50.r.cloudfront.net

Software

Resource Hash

da4fb28346944e8099819fcbe2b779a3148682de9cad095eb5d69fe9f7f7e16e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 23a7db9b99ad0ff99aeef1ab5f27e734.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P1
etag: W/d6eff0db066a91f9244bd79a7a7b41b3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: DOvIXT5CsEpltwrQnLopOYpEGB2FyteomhijF7p89PYOER7NQxYDrQ==

Redirect headers

Date: Mon, 14 Nov 2022 12:16:51 GMT
Via: 1.1 b4d4149b3eab97748926fd7af4eba404.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: JFK50-P1
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://static.hotjar.com/c/hotjar-562232.js?sv=5
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: 81ccfmYFoYvnk_eWuA_6Lnn3mYYTDOUXDL1lO63-eRRW3oaB4HeKZw==

GET
H/1.1 200
OK pwpvk5wz.js Show response
l.getsitecontrol.com/ 433 B
1 KB 148ms
65ms Script
text/javascript 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: http://l.getsitecontrol.com/pwpvk5wz.js
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-MZ8ZZR
Protocol: HTTP/1.1
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-40-58.datapacket.com
Software: BunnyCDN-NY-885 /
Resource Hash: c7606d2ad370439c7b03b3b8f4aed04c8861de171b0380be7fbc1c15ceadc129

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 12:16:51 GMT
Content-Encoding: gzip
CDN-EdgeStorageId: 885
x-amz-request-id: 3P424ZHEYRP4AGKC
Transfer-Encoding: chunked
CDN-CachedAt: 11/13/2022 16:31:16
CDN-PullZone: 89704
Connection: keep-alive
x-amz-id-2: 8kwbO7zjKQk0M6ThMb8Sk+pYePgwh8ACX3tHb5mX2P8138S3xv+vA5DlXg43D6khG93lbCQqga8=
Last-Modified: Sat, 12 Nov 2022 03:22:46 GMT
Server: BunnyCDN-NY-885
CDN-ProxyVer: 1.03
CDN-RequestPullCode: 200
ETag: "f6f05d02f1884a6be0bf5516cead751d"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
CDN-Cache: HIT
CDN-Uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
Access-Control-Expose-Headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
Cache-Control: public, max-age=86400
CDN-RequestId: 62c19e3d9eaf068e46268c39468b028c
CDN-RequestCountryCode: US
Access-Control-Allow-Headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
CDN-Status: 200
CDN-RequestPullSuccess: True

GET
H2 204 b
sb.scorecardresearch.com/ 0
284 B 71ms
71ms Image
text/plain 13.33.60.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=7279431&cs_it=b3&cv=3.8.0.210223&ns__t=1668428211194&ns_c=UTF-8&c7=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&c8=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo&c9=
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-43.ewr52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
via: 1.1 ebfea1c8ef298b6d415684e80825a276.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: CjAN28MCLluYHjZJt32UEJDTUfGCRS5CyeclMAyexZycVn36uw7uog==
x-cache: Miss from cloudfront

GET
H3 200 pubads_impl_2022110901.js Show response
securepubads.g.doubleclick.net/gpt/ 381 KB
129 KB 200ms
65ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

545a51d377d7c0b5a5bdda218e8a741dfc6b4fcb9615ac9e14bddd458128d43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 19:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231907
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131975
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 09:36:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 11 Nov 2023 19:51:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 147 B
117 B 227ms
92ms XHR
application/json 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=tempo.clic.com.br

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d46239be1c44c268c1d4bd7fd19a5f0b4036b91fc1c2c607fac1a9b726319373

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92
x-xss-protection: 0
expires: Mon, 14 Nov 2022 12:16:51 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 31 KB
7 KB 413ms
165ms XHR
application/json 2602:803:c002:300::98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13786&site_id=163472&zone_id=784604&size_id=15&rf=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&tg_i.pageName=clictempo&tg_i.siteId=24635&tk_flint=pbjs_lite_v4.28.0&x_source.tid=f8ca1def-1e28-4a17-9504-47e68818c41f%3Bf5afff44-9657-41ca-8e20-be7dcd49a08a%3Bc280e285-caf9-4fc5-98e2-78d7831b2df3%3B91c55b30-87c0-4d78-b7e9-92f95977522c%3B336a42b8-0f5b-4901-95cd-81fbd88330df%3Bfb2734a5-4f78-4afa-b537-263d00a41e2e%3Bd6a9cb50-f20c-42ad-a5e6-97f47dccd503&p_screen_res=1600x1200&rp_secure=1&slots=7&rand=0.9844639348563069
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:300::98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f5282c832f97dfa843f8949cc3484761963f56ad16710a5c6072b200f1a3b8af

Request headers

Referer: http://tempo.clic.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 12:16:51 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://tempo.clic.com.br
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
826 B 230ms
84ms XHR
application/json 68.67.179.113
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.113 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://tempo.clic.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 12:16:51 GMT
AN-X-Request-Uuid: 45d72f8a-4766-4f60-9e07-11f1e29f03fe
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://tempo.clic.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 38.132.118.72; 38.132.118.72; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 7 KB
7 KB 311ms
145ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694fd01787821c1572772813101d7&pos=clictempo_ros_bloco_1_desktop_300x250&cmd=bid
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 15fc21be39b52f3fdc2514a9c96267a7a688744d4b8413319943a63e15539c8e

Request headers

Referer: http://tempo.clic.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://tempo.clic.com.br
access-control-allow-credentials: true
content-length: 6817

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 7 KB
7 KB 433ms
267ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694fd01787821c1572772813101d7&pos=clictempo_ros_bloco_2_desktop_300x250&cmd=bid
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 116129eddc1650595728ce4f6cfa6052dd38ad660607ced6dd644968a9976a3f

Request headers

Referer: http://tempo.clic.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://tempo.clic.com.br
access-control-allow-credentials: true
content-length: 6817

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 7 KB
7 KB 384ms
218ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694fd01787821c1572772813101d7&pos=clictempo_ros_bloco_3_desktop_300x250&cmd=bid
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 14b28c168f51d95445095f62a658ed0688cb47523321962a52cb9847e1c094b0

Request headers

Referer: http://tempo.clic.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://tempo.clic.com.br
access-control-allow-credentials: true
content-length: 6849

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 7 KB
7 KB 383ms
217ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694fd01787821c1572772813101d7&pos=clictempo_ros_bloco_4_desktop_300x250&cmd=bid
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 48c8e912c69d6dd828b7a7bdccfc909eff9db9a9ecae0f06a541a0cae96c7167

Request headers

Referer: http://tempo.clic.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://tempo.clic.com.br
access-control-allow-credentials: true
content-length: 6818

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 7 KB
7 KB 369ms
204ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694fd01787821c1572772813101d7&pos=clictempo_ros_bloco_5_desktop_300x250&cmd=bid
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: d7fe7c4f6d869ca0ac9f29b8cef5e941473ac4c473874ddf4e53f25d208dba24

Request headers

Referer: http://tempo.clic.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://tempo.clic.com.br
access-control-allow-credentials: true
content-length: 6838

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 7 KB
7 KB 371ms
206ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694fd01787821c1572772813101d7&pos=clictempo_ros_bloco_6_desktop_300x250&cmd=bid
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: cde18682e124276982c74b4e985340f03d39751145c2db65dac998ebb30a489f

Request headers

Referer: http://tempo.clic.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://tempo.clic.com.br
access-control-allow-credentials: true
content-length: 6826

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 7 KB
7 KB 433ms
267ms XHR
application/json 3.230.217.116
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694fd01787821c1572772813101d7&pos=clictempo_ros_bloco_7_desktop_300x250&cmd=bid
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-217-116.compute-1.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: a44ea93f530cc6081ab2f8e83222640f5f65d949da6bc73d2a780a68dd2d0f9a

Request headers

Referer: http://tempo.clic.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: http://tempo.clic.com.br
access-control-allow-credentials: true
content-length: 6851

GET
H2 200 pwpvk5wz.json Show response
l.getsitecontrol.com/ 771 KB
23 KB 226ms
90ms XHR
application/json 138.199.40.58
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://l.getsitecontrol.com/pwpvk5wz.json
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.40.58 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-40-58.datapacket.com
Software: BunnyCDN-NY-885 /
Resource Hash: f01018799709d76240e1c05305ff88894376f72c304a01ea875915efab0f6795

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
content-encoding: br
cdn-edgestorageid: 885
x-amz-request-id: GGA7KTJY0ZF42B81
cdn-cachedat: 11/12/2022 03:23:25
cdn-pullzone: 89704
x-amz-id-2: kuXsW1bKzATKTZgzPUgEueaaJFpD5pYXaduTzrkhOKvN6zJ4ucD0l5VM5502LfmxkQnjGndj0Ws=
last-modified: Sat, 12 Nov 2022 03:22:46 GMT
server: BunnyCDN-NY-885
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"32d3fbc1d2f05dc47523e3d6d5996598"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cdn-cache: REVALIDATED
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=5
access-control-max-age: 3000
cdn-requestid: f10f6b628dfa6b9d39c9d7e2eaff86b2
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 209ms
78ms XHR
text/plain 2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1486913852&t=pageview&_s=1&dl=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&ul=en-us&de=UTF-8&dt=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=1.839897968.1668428211.1668428211.1668428211.1&_utmz=1.1668428211.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1668428211436&_u=YQBCAAABAAAAAC~&jid=1822107060&gjid=2065644990&cid=839897968.1668428211&tid=UA-52642317-2&_gid=1285329752.1668428211&_r=1&gtm=2wgb90MZ8ZZR&z=1643575534

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://tempo.clic.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 12:16:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://tempo.clic.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
23 B 68ms
67ms XHR
text/plain 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-52642317-12&cid=839897968.1668428211&jid=152503705&gjid=1356886842&_gid=1285329752.1668428211&_u=YSDCgAABAAAAAG~&z=1857199315

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://tempo.clic.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 14 Nov 2022 12:16:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://tempo.clic.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

collect
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j98&a=1486913852&t=pageview&_s=1&dl=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&ul=en-us&de=UTF-8&dt=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegr...
https://www.google-analytics.com/collect?v=1&_v=j98&a=1486913852&t=pageview&_s=1&dl=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&ul=en-us&de=UTF-8&dt=Previs%C3%A3o%20do%20Tempo%20Porto%20Aleg...

35 B
55 B

186ms
66ms

Image
image/gif

2607:f8b0:4006:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1486913852&t=pageview&_s=1&dl=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&ul=en-us&de=UTF-8&dt=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=1.839897968.1668428211.1668428211.1668428211.1&_utmz=1.1668428211.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1668428211443&_u=YSDCgAABAAAAAC~&jid=152503705&gjid=1356886842&cid=839897968.1668428211&tid=UA-52642317-12&_gid=1285329752.1668428211&gtm=2wgb90MZ8ZZR&z=1898576038

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Server

2607:f8b0:4006:824::200e Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 13 Nov 2022 19:58:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 58703
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j98&a=1486913852&t=pageview&_s=1&dl=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&ul=en-us&de=UTF-8&dt=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=1.839897968.1668428211.1668428211.1668428211.1&_utmz=1.1668428211.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1668428211443&_u=YSDCgAABAAAAAC~&jid=152503705&gjid=1356886842&cid=839897968.1668428211&tid=UA-52642317-12&_gid=1285329752.1668428211&gtm=2wgb90MZ8ZZR&z=1898576038
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 220ms
84ms Image
image/gif 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52642317-12&cid=839897968.1668428211&jid=152503705&_u=YSDCgAABAAAAAG~&z=1304286571

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 12:16:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runtime.bfd46ce.js Show response
s2.getsitecontrol.com/widgets/es6/ 147 KB
51 KB 207ms
63ms Script
text/javascript 185.93.1.243
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.getsitecontrol.com/widgets/es6/runtime.bfd46ce.js
Requested by: Host: l.getsitecontrol.com
URL: http://l.getsitecontrol.com/pwpvk5wz.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.93.1.243 Chicago, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-718.bunnyinfra.net
Software: BunnyCDN-IL-718 /
Resource Hash: a63ed2d98472b598ce461bf3775c41fc4a3030805179228aa0b39bae9a85d4db

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:51 GMT
content-encoding: br
cdn-edgestorageid: 718
x-amz-request-id: 7QQVCJPT3AJW2786
cdn-cachedat: 11/07/2022 13:31:10
cdn-pullzone: 83560
x-amz-id-2: geFMisFdCLig6gE43wSiP56er18lUHyxSEhtSTGqxDjyyTxF/Yu7H4MGItXT7pm0YtsPUmhwatM=
last-modified: Mon, 07 Nov 2022 13:27:33 GMT
server: BunnyCDN-IL-718
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"54f8c60b25966fe54bbaf0497d476d55"
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: e3a1246b-2fdd-4153-9207-6ca707c9379d
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=22809600
cdn-requestid: 4673c3b9d220026505bce0592b933a32
cdn-requestcountrycode: US
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
23 B 79ms
78ms XHR
text/plain 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-52642317-2&cid=839897968.1668428211&jid=1822107060&gjid=2065644990&_gid=1285329752.1668428211&_u=YQBCAAAAAAAAAC~&z=29982509

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://tempo.clic.com.br/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 14 Nov 2022 12:16:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://tempo.clic.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 253ms
83ms Script
application/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tempo.clic.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 84ms
84ms Image
image/gif 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-52642317-2&cid=839897968.1668428211&jid=1822107060&_u=YQBCAAAAAAAAAC~&z=1148281469

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 12:16:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 103 KB
28 KB 815ms
814ms XHR
text/plain 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=937276933449252&correlator=2850294459620000&eid=31060439%2C31070837%2C31070739&output=ldjh&gdfp_req=1&vrg=2022110901&ptt=17&impl=fifs&iu_parts=21766049037%2Cclicrbs%2Ctempo%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250%2C300x250&ifi=1&adks=1166931157%2C3225889034%2C3848761357%2C1248931210%2C2483673715%2C2967603627%2C1716774383&didk=300589107~2565394306~3190205162~3748874940~2369796528~1260748822~300731077&sfv=1-0-40&prev_scp=FORMATOS%3DBLOCO%25201%26REFRESH%3Dtrue%26ESTILO-DE-NATIVO%3DPADR%25C3%2583O%252CPROGRAM%25C3%2581TICA%252CVENDA%2520DIRETA%252CRBS%2520BRAND%2520STUDIO%252CESTILO%25201%252CESTILO%25202%252CESTILO%25203%252CESTILO%25204%252CESTILO%25205%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.11%26hb_adid%3D32bd16ffff5268a%26hb_bidder%3Drubicon%7CFORMATOS%3DBLOCO%25202%26REFRESH%3Dtrue%26ESTILO-DE-NATIVO%3DPADR%25C3%2583O%252CPROGRAM%25C3%2581TICA%252CVENDA%2520DIRETA%252CRBS%2520BRAND%2520STUDIO%252CESTILO%25201%252CESTILO%25202%252CESTILO%25203%252CESTILO%25204%252CESTILO%25205%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.11%26hb_adid%3D318fdda40e4da5a%26hb_bidder%3Drubicon%7CFORMATOS%3DBLOCO%25203%26REFRESH%3Dtrue%26ESTILO-DE-NATIVO%3DPADR%25C3%2583O%252CPROGRAM%25C3%2581TICA%252CVENDA%2520DIRETA%252CRBS%2520BRAND%2520STUDIO%252CESTILO%25201%252CESTILO%25202%252CESTILO%25203%252CESTILO%25204%252CESTILO%25205%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.11%26hb_adid%3D33afd0d53a372f%26hb_bidder%3Drubicon%7CFORMATOS%3DBLOCO%25204%26REFRESH%3Dtrue%26ESTILO-DE-NATIVO%3DPADR%25C3%2583O%252CPROGRAM%25C3%2581TICA%252CVENDA%2520DIRETA%252CRBS%2520BRAND%2520STUDIO%252CESTILO%25201%252CESTILO%25202%252CESTILO%25203%252CESTILO%25204%252CESTILO%25205%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D28e6b59aa770b01%26hb_bidder%3Donemobile%7CFORMATOS%3DBLOCO%25205%26REFRESH%3Dtrue%26ESTILO-DE-NATIVO%3DPADR%25C3%2583O%252CPROGRAM%25C3%2581TICA%252CVENDA%2520DIRETA%252CRBS%2520BRAND%2520STUDIO%252CESTILO%25201%252CESTILO%25202%252CESTILO%25203%252CESTILO%25204%252CESTILO%25205%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.11%26hb_adid%3D34df9df99ab7b42%26hb_bidder%3Drubicon%7CFORMATOS%3DBLOCO%25206%26REFRESH%3Dtrue%26ESTILO-DE-NATIVO%3DPADR%25C3%2583O%252CPROGRAM%25C3%2581TICA%252CVENDA%2520DIRETA%252CRBS%2520BRAND%2520STUDIO%252CESTILO%25201%252CESTILO%25202%252CESTILO%25203%252CESTILO%25204%252CESTILO%25205%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.11%26hb_adid%3D3547da8a6f2f3db%26hb_bidder%3Drubicon%7CFORMATOS%3DBLOCO%25207%26REFRESH%3Dtrue%26ESTILO-DE-NATIVO%3DPADR%25C3%2583O%252CPROGRAM%25C3%2581TICA%252CVENDA%2520DIRETA%252CRBS%2520BRAND%2520STUDIO%252CESTILO%25201%252CESTILO%25202%252CESTILO%25203%252CESTILO%25204%252CESTILO%25205%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.12%26hb_adid%3D30cd624edc9df36%26hb_bidder%3Drubicon&eri=1&cust_params=nvg_gender%3D%26nvg_age%3D%26nvg_educat%3D%26nvg_marita%3D%26nvg_income%3D%26nvg_connec%3D%26nvg_city%3D%26nvg_region%3D%26nvg_countr%3D%26nvg_everyo%3D%26nvg_custom%3D%26nvg_brand%3D%26nvg_intere%3D%26nvg_produc%3D%26nvg_career%3D%26nvg_everyb%3D%26nvg_pgende%3D%26nvg_page%3D%26nvg_peduca%3D%26nvg_pmarit%3D%26nvg_pincom%3D%26nvg_lookal%3D%26nvg_opi%3D%26nvg_nvggid%3D%26nvg_nidgen%3D%26nvg_nidage%3D%26nvg_nidedu%3D%26nvg_nidinc%3D%26nvg_nidmar%3D%26nvg_nidbra%3D%26nvg_nidint%3D%26nvg_nidpro%3D%26nvg_nidcar%3D&sc=0&cookie_enabled=1&abxe=1&dt=1668428211814&lmt=1668428211&dlt=1668428210099&idt=1553&adxs=1050%2C1050%2C1050%2C1050%2C1050%2C1050%2C1050&adys=568%2C2287%2C4974%2C7661%2C8588%2C9515%2C10442&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C2%7C3%7C4%7C5%7C6&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2Ftempo.clic.com.br%2Frs%2Fporto-alegre&frm=20&vis=1&psz=300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250&msz=300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250&fws=0%2C0%2C0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=839897968.1668428211&ga_sid=1668428212&ga_hid=1486913852&ga_fc=true&cbidsp=Cu4BCAESbgoHcnViaWNvbhCmAxpeCg8zMmJkMTZmZmZmNTI2OGEQsNsGGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX3NvdXJjZSIJaGJfZm9ybWF0KAE6BgisAhD6ASABEg8KCGFwcG5leHVzEPABIAISNgoJb25lbW9iaWxlEMsCGiQKDzI1OTU1YjVmYTY4YmRmZhDe9gIaA1VTRCgBOgYIrAIQ-gEgARgCIiRmOGNhMWRlZi0xZTI4LTRhMTctOTUwNC00N2U2ODgxOGM0MWYqBAgDIABKAECUIw..~Cu4BCAESbgoHcnViaWNvbhCmAxpeCg8zMThmZGRhNDBlNGRhNWEQpeIGGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX3NvdXJjZSIJaGJfZm9ybWF0KAE6BgisAhD6ASABEg8KCGFwcG5leHVzEPABIAISNgoJb25lbW9iaWxlEL8DGiQKDzM3NzNiMDBhZTdjOGI2MRDe9gIaA1VTRCgBOgYIrAIQ-gEgARgCIiRmNWFmZmY0NC05NjU3LTQxY2EtOGUyMC1iZTdkY2Q0OWEwOGEqBAgDIABKAECUIw..~Cu0BCAESbQoHcnViaWNvbhCmAxpdCg4zM2FmZDBkNTNhMzcyZhCw2wYaA1VTRCIJaGJfYmlkZGVyIgdoYl9hZGlkIgVoYl9wYiIHaGJfc2l6ZSIJaGJfc291cmNlIgloYl9mb3JtYXQoAToGCKwCEPoBIAESDwoIYXBwbmV4dXMQ8AEgAhI2CglvbmVtb2JpbGUQigMaJAoPMjk0NTk5N2M0ZDRlYWFlEOH5AhoDVVNEKAE6BgisAhD6ASABGAIiJGMyODBlMjg1LWNhZjktNGZjNS05OGUyLTc4ZDc4MzFiMmRmMyoECAMgAEoAQJQj~CsgBCAESDgoHcnViaWNvbhCmAyACEg8KCGFwcG5leHVzEPABIAIScAoJb25lbW9iaWxlEIkDGl4KDzI4ZTZiNTlhYTc3MGIwMRDh-QIaA1VTRCIJaGJfYmlkZGVyIgdoYl9hZGlkIgVoYl9wYiIHaGJfc2l6ZSIJaGJfc291cmNlIgloYl9mb3JtYXQoAToGCKwCEPoBIAEYAiIkOTFjNTViMzAtODdjMC00ZDc4LWI3ZTktOTJmOTU5Nzc1MjJjKgQIAyAASgBAlCM.~Cu4BCAESbgoHcnViaWNvbhCmAxpeCg8zNGRmOWRmOTlhYjdiNDIQsNsGGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX3NvdXJjZSIJaGJfZm9ybWF0KAE6BgisAhD6ASABEg8KCGFwcG5leHVzEPABIAISNgoJb25lbW9iaWxlEPoCGiQKDzI2MzA4NjFhMzRiZmU1YhDe9gIaA1VTRCgBOgYIrAIQ-gEgARgCIiQzMzZhNDJiOC0wZjViLTQ5MDEtOTVjZC04MWZiZDg4MzMwZGYqBAgDIABKAECUIw..~Cu4BCAESbgoHcnViaWNvbhCmAxpeCg8zNTQ3ZGE4YTZmMmYzZGIQsNsGGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX3NvdXJjZSIJaGJfZm9ybWF0KAE6BgisAhD6ASABEg8KCGFwcG5leHVzEPABIAISNgoJb25lbW9iaWxlEPwCGiQKDzI3ODU4YjgyM2JkZTYxNRDe9gIaA1VTRCgBOgYIrAIQ-gEgARgCIiRmYjI3MzRhNS00Zjc4LTRhZmEtYjUzNy0yNjNkMDBhNDFlMmUqBAgDIABKAECUIw..~Cu4BCAESbgoHcnViaWNvbhClAxpeCg8zMGNkNjI0ZWRjOWRmMzYQjuEHGgNVU0QiCWhiX2JpZGRlciIHaGJfYWRpZCIFaGJfcGIiB2hiX3NpemUiCWhiX3NvdXJjZSIJaGJfZm9ybWF0KAE6BgisAhD6ASABEg8KCGFwcG5leHVzEPABIAISNgoJb25lbW9iaWxlELgDGiQKDzM2NDc4ZWRiYmY5M2M4ZhD-rAMaA1VTRCgBOgYIrAIQ-gEgARgCIiRkNmE5Y2I1MC1mMjBjLTQyYWQtYTVlNi05N2Y0N2RjY2Q1MDMqBAgDIABKAECUIw..

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0d4efc20c236bd54278d52213977066df86b0186137d2bc54979af6715a0bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29025
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://tempo.clic.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2EBD 6 KB
3 KB 238ms
79ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110901.js?cb=31070837

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://tempo.clic.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:16:52 GMT
expires: Tue, 14 Nov 2023 12:16:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 events Show response
events.getsitectrl.com/api/v1/ 621 B
869 B 197ms
65ms Fetch
text/plain 54.84.52.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://events.getsitectrl.com/api/v1/events
Requested by: Host: s2.getsitecontrol.com
URL: https://s2.getsitecontrol.com/widgets/es6/runtime.bfd46ce.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.84.52.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-84-52-35.compute-1.amazonaws.com
Software: Getsitecontrol /
Resource Hash: 20873b2a14ea2177bc9cb83fec76fc812a9872b36d8a385ea042929601b959cf

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:52 GMT
server: Getsitecontrol
access-control-allow-methods: GET,POST
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache
access-control-allow-credentials: false
access-control-allow-headers: Content-Type,X-Requested-With
content-length: 621

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2FA4 624 B
918 B 223ms
84ms Document
text/html 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY0cTscTAB&v=APEucNU1z_M-1zigW15OVCx9_uRovdcIrirDn7r8RuNnvKwL_drY46k8SW6leDRDwoRrJX84brECc3p2iv5NMKYEemUUii4Cmg

Requested by

Host: a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
URL: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:16:53 GMT
expires: Mon, 14 Nov 2022 12:16:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2EBD 81 KB
35 KB 265ms
127ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcnfaK45_khkOVi5PjK7wKFfoGpC5Wl_w0MGZR1MpJ1RDRgXGOhw3qhS2sLgj67Z9YUMsjpekNHXyxpjEBZFy3220et_bWUSNls9pwXiZvbXKZRKNfdIAlNDsLBdpx8JLQIpoxgBk3izQx1QcsBu4w8NdG-uwYIvf5n4OdtYxmTU9sa_M&dbm_d=AKAmf-DIk_L-ejVH4alx8hykaLjIO8eC7NRm9amBeQjIZTzc0eTFD_g9_P_YBrESFmKwuDT6o7u7yNcA5gDlLjCf9Bl7mF6_iBF6MiH97TAN_b2QlfKod-VtLs-TFUxq9nMy3jEVvOrQuwFXE-am0NHtbRMKDfhd0BqHnlrRAeenuc-6hZRhqB-2I5fJDKjYvWWPhtoQhyzYlTEcQbxGXkqMte0dvGhLUMHkFgWjjtkSgu51s0T62e6t-S1v_djlE1vxO7mOZr-r4ZubzOy_07aZoRok7bh2yqxFHw786chIfMCg95VbZJ_YYOPr8H3qzSQQQ1jfKQifgXFd0uoVqmj_1fPZe0Mbijlriy57IrqQDUsrj8weDn4r6pVt0KH-aGYOAVOLn6rDakH809xA5eX6h8nSx10a92mSv-QrXgJvRHzTbXj0Of6gxuuLzb-9ltXxZCMsGU0lRtSCAOfyolfr21eEpvx2eL6W0tNhUxYME7QxAB7FtMNfGAsLoFZqxPWyN5ur9Sx8gIeCrOBrmD-ShEIK4W0cgZe4nWZOOf7lXvbLGlzKPlqmbcPzu2FUhJWV8b75Wm9GiovN8_m3VzoRoSXmAmfeBCbOrIQABrDVv3IfdM--nmcZwpQLdqFnBST53Y-Qv6uA2Ev5OhHckkFjuBuL1UVtd3Y4Spc_4ZiRyJrZO5Wilb4RUdpFpPtkmqgt6x4JN_ip6mIlXyLDQgCuomp6d-K3_cTOcP1qUm7LA4j8rreHIJIt6lwhXIv1KzhGKoE6lGVN-FbFTWJQ9vtI529rE2ChsRuo-Hq_LTJe3cB4LbOa9i20m0O7IfkTl1AkjNkwGGMEp90eWcPBrOHWUnqvqNLoADu9gHZ3qUMNfuViwjAc640vpdf1flvQIarlSDCDGilWyVFtE02-Hykwc2SsHhemexX4i6aE6_J7PGBdwbnoLQqxPoE1QHP4Sli6R6HntlgFilzFQ753SaYyiRdjUqXp-972zvuFSCz4D8FX7XvJJMDkOlePb2jehWFLU9jAVxPn0PXczGRq2Fi6e62eiGpqXRh1KmexG072Xu5ZD1rcdDCG1JQC_b5kpJtyfdscgZO_VCQmqGOwNNg-fQ1z6hZfh9GcBHDkuy6TWze6EvvLoSRXPKuOyDxQA4AObWtNEvvNtduJO2t9lE5MvryM0C6LboSpjmyoAPPFmRkGoQyuKeG3AHU8ge8kra6rcOvXQVGHUwKQwNKvA2cw6AAfN5AN9fUuAod4KlJ5QARmelG-aj0ETVmK--YnDqTFAeM0XUD7wLPPCqOFpA3ZRxHARKkSKFrSsoNTrNosNtY1FiSVXCpuGSIeywQ-8r5ACNTi8i4d0ZYnsujgQXQ4E-GE6O-NapCm-GmT8hOWYhwNifGHepjUIGaCo2p133Qv0WopskiGVTLwy1O3JX3jt3J6XuSMxs3NulsfomiNKz3WE0lUwbRt86GnKlbkiq35NK4QzjAXEsnDsFsYcu3ZK_Ha7lQbQ53pdt9d5AEmXuJhmQ87HTQyZqGPjTwMnRelY6fyXyBec31yztVkwTpQR4djfjD7GkPeaAt0qJnbm8od70Tk26sP9fIh1_f9XCluWrH-Jt62okdzahwfpNfNMUG3oajkVZMmUsDltwKG5eFZ6pAIRRosD3ehgq1hrCgxFuHRcv3xuAduq5ccN_vUKI_vh-so5GFwNNF2475qwrjVLfPkgJA60cSPFvYJGP_Kb01o3tcBlRkRzDP9RdU_iLFVSSSaSlJCSQcOUOIpFMzW8IdRIIck6eloSbVqBylVKX-jw89dbMPQ-G0VqM92Kp4al4K1hhpnDRxQ4aBNdLBGEZA13InfWkfeM15Hudigqlec-5KG6HdfsPvyAxb20EyOPUxY8EQlj49wfdpogSctdIZdV1PtMHo1HaTtE7PMYv3MM9utSQFVykLrCEXxfTNXTegEPbGNsenjJ0TlM5Ugse7N2NzmYNmUcAcZdu4G2n0OFppP3oPbOjbHQXsvI6-xnzXZc6jqJbg8q9-5zo4r25Wfwi3kYWF8INFxNYuMGcfj3kqr6PeqCFGj5eIT-g9EPafiZCdpaYej6STC1rvd0wK0SkxudytmxIHW9b5h2cz5uRJ179IynybEAtFW_Ijm5eHFkZoykQYG5M2e1ztDf-DqkeE5CWGL2n4dCUOCkSlsYaVJIVGDzxXqc7ab6NhSDY1wNgpi_o9vMfIrIahnXCRh8lTzyyl8sREc-T58zHTl_VfXxtJbS7XWB_7nfkNOKLkh2oi2kujC0LS2t7MxTzvV2uv0jlYjhr9opLHWMSdXJO4pMK4t5nW4LbsTE7WlIi2z-2Kad3WrrDiW6tR3iniO1n5fwtfDrxWBh0QfBWONd9pFhWF1v6ZqNjLmkA00uVG903cpoeP3q6_i0dFMkIxCiFrPdKX7L-4N1X3kgl45HWE3qslXgBmucUdGMSknA1356El6fhrLuEY8KVpu1sqdFP_d5ABGyRb89yV90Zsn4yaz0MrvTR65iADMa1EY-x6-eKgXSEaEUu9gPDs2zTtUsKqzGlyWuQRsfZAzRX_FZK-cg9WHILvYydnu6UVBjzBjvQjv3A7gFgUg0nSExDunOET4dgg7KBmmQHXNirLzJc7uKNz9AVy0fLy8KLNCYoBdzQzlNYRmfr7JIvwYILHc8nN-amBCB8pDizpnwMre8GMEGivkxLM4YPHTuqsg2ELp8EC2kGWNHwkfLuZmQtUyQy5fUOZjQVoARpJZcDlKqeoMBTpGLmZMklqUhtfjsB5xJQB5SAD_PZ8mvCKxXx6px4hTGzuDtE7k4jc3s3YOKK358oRNMSKMMSE6wLFMePyzueIewRbO6xg2e_sWhEPXXmd7JXUmH4htOF8P3UyJ-l_AIqNL8MaXFA_ssSLQRQTmYI1S2lkTKrl_rV6gCIPHDn3L_ykdormdk76uCC7alHXlS9wjsOnHiy_3NMWMfvNBa5qfJLrhgiEF5nv2aD4WTX1cVsD9z7Pvd1gyXZWRljo8ZEoolqma3OUPt78j4uENAnryuHVsil_P6qmDkXz18IFAzR6fe8JsVJJlWaChDED8Ba1Qj3bh0TTScuP2oFb6H4MNxL9iRPbuYEcWbeTdjdEsGW9-dYV4CBOwMRSQoEWTNYPdnny2C9IqzeEtOhSNHnIOu7_u25C1yM614b8t4OOcR9J4xAAWfc4LNAyeCUjer1O7A09HjnSiXeWapg_YteQE4_oT9okEdexTQkqcVvk&cid=CAQSPwDq26N9WaM6ScYw9gsRFQQ-DMAJzXBn9JBeOPZHxhc6US8T7cXWFogjDn2ajQwZF3KR8c6Mqv-oFCCSZqtOIhgBIBM&rfl=1%2Chttp%253A%252F%252Ftempo.clic.com.br%252F%240

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38f6c21d142f68686cecf633d670f1727915555b1b372330ecb29cdce3ea040e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 12:16:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35023
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2EBD 42 B
494 B 261ms
123ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BLJLLoEQ0t2VWzP927TP9b3mMvAaWtBlEtdNdd54rPsIP7jm27ZfyMflXexXj0k3W7spS_mmY7gF6Oa_vGxZgdoJ4Y0w34TxJjOE8SdvCBlZtloaI

Requested by

Host: a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
URL: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 12:16:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 2EBD 3 KB
1 KB 77ms
75ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/window_focus_fy2021.js

Requested by

Host: a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
URL: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 18:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 18:44:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/ Frame 2EBD 18 KB
8 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
URL: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 18:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7417
x-xss-protection: 0
server: cafe
etag: 18318620284716439044
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Nov 2022 18:44:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2EBD 0
0 83ms
82ms Image
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQiEgMA5f9Wl3Rfi1wbol5BE4Z0-ONuf4ImiGu9EiMJ4TSruciCwmO1fqBG-3yNw-ucac_hXKfRoonuZlGJWTp_PdyzyQ
Requested by: Host: a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
URL: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80c::2004 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2EBD 154 KB
48 KB 254ms
106ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
URL: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Nov 2022 12:16:53 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2FA4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2kjlcVH7omKXY77DhrblI&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2kjlcVH7omKXY77DhrblI&google_cver=1&C=1

43 B
765 B

67ms
67ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI2kjlcVH7omKXY77DhrblI&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY0cTscTAB&v=APEucNU1z_M-1zigW15OVCx9_uRovdcIrirDn7r8RuNnvKwL_drY46k8SW6leDRDwoRrJX84brECc3p2iv5NMKYEemUUii4Cmg
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 12:16:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 12:16:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEI2kjlcVH7omKXY77DhrblI&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2FA4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y3IxtVFSZoO2mxPha-hqeAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8Ic0paNXvYjzHN4z2C0fs&google_cver=1

43 B
765 B

67ms
67ms

Image
image/gif

192.40.39.223
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8Ic0paNXvYjzHN4z2C0fs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY0cTscTAB&v=APEucNU1z_M-1zigW15OVCx9_uRovdcIrirDn7r8RuNnvKwL_drY46k8SW6leDRDwoRrJX84brECc3p2iv5NMKYEemUUii4Cmg
Protocol: HTTP/1.1
Server: 192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 12:16:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 12:16:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC8Ic0paNXvYjzHN4z2C0fs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2FA4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJEsRopaUEd19NWbKHsH2m8&google_cver=1

43 B
1 KB

98ms
97ms

Image
image/gif

68.67.179.113
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJEsRopaUEd19NWbKHsH2m8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNPh9QIQ8ZCY7AEY0cTscTAB&v=APEucNU1z_M-1zigW15OVCx9_uRovdcIrirDn7r8RuNnvKwL_drY46k8SW6leDRDwoRrJX84brECc3p2iv5NMKYEemUUii4Cmg

Protocol

HTTP/1.1

Server

68.67.179.113 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 12:16:53 GMT
AN-X-Request-Uuid: 601169bc-e280-4462-9348-09addb894bf2
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 38.132.118.72; 38.132.118.72; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Nov 2022 12:16:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJEsRopaUEd19NWbKHsH2m8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2FA4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcwODAyOTkwNzQ4MDI3NDUy

170 B
243 B

103ms
103ms

Image
image/png

142.250.64.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcwODAyOTkwNzQ4MDI3NDUy

Requested by

Protocol

Server

142.250.64.66 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s30-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 12:16:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 14 Nov 2022 12:16:53 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 38.132.118.72; 38.132.118.72; 564.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 1997599e-0528-421c-87a2-34ea58745626
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjcwODAyOTkwNzQ4MDI3NDUy
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 2EBD 170 KB
59 KB 213ms
66ms Script
text/javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
Origin: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 19:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Nov 2022 19:41:02 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/elements/html/ Frame 2EBD 8 KB
3 KB 198ms
65ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcnfaK45_khkOVi5PjK7wKFfoGpC5Wl_w0MGZR1MpJ1RDRgXGOhw3qhS2sLgj67Z9YUMsjpekNHXyxpjEBZFy3220et_bWUSNls9pwXiZvbXKZRKNfdIAlNDsLBdpx8JLQIpoxgBk3izQx1QcsBu4w8NdG-uwYIvf5n4OdtYxmTU9sa_M&dbm_d=AKAmf-DIk_L-ejVH4alx8hykaLjIO8eC7NRm9amBeQjIZTzc0eTFD_g9_P_YBrESFmKwuDT6o7u7yNcA5gDlLjCf9Bl7mF6_iBF6MiH97TAN_b2QlfKod-VtLs-TFUxq9nMy3jEVvOrQuwFXE-am0NHtbRMKDfhd0BqHnlrRAeenuc-6hZRhqB-2I5fJDKjYvWWPhtoQhyzYlTEcQbxGXkqMte0dvGhLUMHkFgWjjtkSgu51s0T62e6t-S1v_djlE1vxO7mOZr-r4ZubzOy_07aZoRok7bh2yqxFHw786chIfMCg95VbZJ_YYOPr8H3qzSQQQ1jfKQifgXFd0uoVqmj_1fPZe0Mbijlriy57IrqQDUsrj8weDn4r6pVt0KH-aGYOAVOLn6rDakH809xA5eX6h8nSx10a92mSv-QrXgJvRHzTbXj0Of6gxuuLzb-9ltXxZCMsGU0lRtSCAOfyolfr21eEpvx2eL6W0tNhUxYME7QxAB7FtMNfGAsLoFZqxPWyN5ur9Sx8gIeCrOBrmD-ShEIK4W0cgZe4nWZOOf7lXvbLGlzKPlqmbcPzu2FUhJWV8b75Wm9GiovN8_m3VzoRoSXmAmfeBCbOrIQABrDVv3IfdM--nmcZwpQLdqFnBST53Y-Qv6uA2Ev5OhHckkFjuBuL1UVtd3Y4Spc_4ZiRyJrZO5Wilb4RUdpFpPtkmqgt6x4JN_ip6mIlXyLDQgCuomp6d-K3_cTOcP1qUm7LA4j8rreHIJIt6lwhXIv1KzhGKoE6lGVN-FbFTWJQ9vtI529rE2ChsRuo-Hq_LTJe3cB4LbOa9i20m0O7IfkTl1AkjNkwGGMEp90eWcPBrOHWUnqvqNLoADu9gHZ3qUMNfuViwjAc640vpdf1flvQIarlSDCDGilWyVFtE02-Hykwc2SsHhemexX4i6aE6_J7PGBdwbnoLQqxPoE1QHP4Sli6R6HntlgFilzFQ753SaYyiRdjUqXp-972zvuFSCz4D8FX7XvJJMDkOlePb2jehWFLU9jAVxPn0PXczGRq2Fi6e62eiGpqXRh1KmexG072Xu5ZD1rcdDCG1JQC_b5kpJtyfdscgZO_VCQmqGOwNNg-fQ1z6hZfh9GcBHDkuy6TWze6EvvLoSRXPKuOyDxQA4AObWtNEvvNtduJO2t9lE5MvryM0C6LboSpjmyoAPPFmRkGoQyuKeG3AHU8ge8kra6rcOvXQVGHUwKQwNKvA2cw6AAfN5AN9fUuAod4KlJ5QARmelG-aj0ETVmK--YnDqTFAeM0XUD7wLPPCqOFpA3ZRxHARKkSKFrSsoNTrNosNtY1FiSVXCpuGSIeywQ-8r5ACNTi8i4d0ZYnsujgQXQ4E-GE6O-NapCm-GmT8hOWYhwNifGHepjUIGaCo2p133Qv0WopskiGVTLwy1O3JX3jt3J6XuSMxs3NulsfomiNKz3WE0lUwbRt86GnKlbkiq35NK4QzjAXEsnDsFsYcu3ZK_Ha7lQbQ53pdt9d5AEmXuJhmQ87HTQyZqGPjTwMnRelY6fyXyBec31yztVkwTpQR4djfjD7GkPeaAt0qJnbm8od70Tk26sP9fIh1_f9XCluWrH-Jt62okdzahwfpNfNMUG3oajkVZMmUsDltwKG5eFZ6pAIRRosD3ehgq1hrCgxFuHRcv3xuAduq5ccN_vUKI_vh-so5GFwNNF2475qwrjVLfPkgJA60cSPFvYJGP_Kb01o3tcBlRkRzDP9RdU_iLFVSSSaSlJCSQcOUOIpFMzW8IdRIIck6eloSbVqBylVKX-jw89dbMPQ-G0VqM92Kp4al4K1hhpnDRxQ4aBNdLBGEZA13InfWkfeM15Hudigqlec-5KG6HdfsPvyAxb20EyOPUxY8EQlj49wfdpogSctdIZdV1PtMHo1HaTtE7PMYv3MM9utSQFVykLrCEXxfTNXTegEPbGNsenjJ0TlM5Ugse7N2NzmYNmUcAcZdu4G2n0OFppP3oPbOjbHQXsvI6-xnzXZc6jqJbg8q9-5zo4r25Wfwi3kYWF8INFxNYuMGcfj3kqr6PeqCFGj5eIT-g9EPafiZCdpaYej6STC1rvd0wK0SkxudytmxIHW9b5h2cz5uRJ179IynybEAtFW_Ijm5eHFkZoykQYG5M2e1ztDf-DqkeE5CWGL2n4dCUOCkSlsYaVJIVGDzxXqc7ab6NhSDY1wNgpi_o9vMfIrIahnXCRh8lTzyyl8sREc-T58zHTl_VfXxtJbS7XWB_7nfkNOKLkh2oi2kujC0LS2t7MxTzvV2uv0jlYjhr9opLHWMSdXJO4pMK4t5nW4LbsTE7WlIi2z-2Kad3WrrDiW6tR3iniO1n5fwtfDrxWBh0QfBWONd9pFhWF1v6ZqNjLmkA00uVG903cpoeP3q6_i0dFMkIxCiFrPdKX7L-4N1X3kgl45HWE3qslXgBmucUdGMSknA1356El6fhrLuEY8KVpu1sqdFP_d5ABGyRb89yV90Zsn4yaz0MrvTR65iADMa1EY-x6-eKgXSEaEUu9gPDs2zTtUsKqzGlyWuQRsfZAzRX_FZK-cg9WHILvYydnu6UVBjzBjvQjv3A7gFgUg0nSExDunOET4dgg7KBmmQHXNirLzJc7uKNz9AVy0fLy8KLNCYoBdzQzlNYRmfr7JIvwYILHc8nN-amBCB8pDizpnwMre8GMEGivkxLM4YPHTuqsg2ELp8EC2kGWNHwkfLuZmQtUyQy5fUOZjQVoARpJZcDlKqeoMBTpGLmZMklqUhtfjsB5xJQB5SAD_PZ8mvCKxXx6px4hTGzuDtE7k4jc3s3YOKK358oRNMSKMMSE6wLFMePyzueIewRbO6xg2e_sWhEPXXmd7JXUmH4htOF8P3UyJ-l_AIqNL8MaXFA_ssSLQRQTmYI1S2lkTKrl_rV6gCIPHDn3L_ykdormdk76uCC7alHXlS9wjsOnHiy_3NMWMfvNBa5qfJLrhgiEF5nv2aD4WTX1cVsD9z7Pvd1gyXZWRljo8ZEoolqma3OUPt78j4uENAnryuHVsil_P6qmDkXz18IFAzR6fe8JsVJJlWaChDED8Ba1Qj3bh0TTScuP2oFb6H4MNxL9iRPbuYEcWbeTdjdEsGW9-dYV4CBOwMRSQoEWTNYPdnny2C9IqzeEtOhSNHnIOu7_u25C1yM614b8t4OOcR9J4xAAWfc4LNAyeCUjer1O7A09HjnSiXeWapg_YteQE4_oT9okEdexTQkqcVvk&cid=CAQSPwDq26N9WaM6ScYw9gsRFQQ-DMAJzXBn9JBeOPZHxhc6US8T7cXWFogjDn2ajQwZF3KR8c6Mqv-oFCCSZqtOIhgBIBM&rfl=1%2Chttp%253A%252F%252Ftempo.clic.com.br%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 08:24:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13966
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 08:24:07 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/ Frame 2EBD 29 KB
11 KB 197ms
67ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221109/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f3ce76b086c8ff73e7ea3943a49cb9bcd943d2e24efe793fad5c14556f88d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 05:45:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11172
x-xss-protection: 0
server: cafe
etag: 1193498290069121257
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 05:45:31 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2EBD 41 KB
15 KB 196ms
64ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
URL: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 08 Nov 2022 04:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Nov 2023 04:43:51 GMT

GET
DATA 200
OK truncated
/ Frame 2EBD 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11099b47296c8cb5f9d7637cede672af811ad519f16ac52f5557d01f8bea86e4

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 n_one_vway_bahia-principe-es_np.js Show response
bucket.cdnwebcloud.com/ Frame 2EBD 1 KB
886 B 197ms
60ms Script
application/javascript 54.230.163.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=275857590&ord=850605024
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-76.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 22:19:19 GMT
content-encoding: br
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 13:03:10 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 50255
etag: W/"9748fb959a7ee41d8aebb52473ace3d2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 459rMy0y2ff2DIUa7Yf03xCDy8-EhyJ5tYw5cuDcAbAv_kS4ZFkoUw==

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 0E56 212 KB
32 KB 214ms
83ms Document
text/html 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=op8WHtBHkx&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c65bb06b181f59165b6d9906e6dcd6ffc956d43cb39d7fdebb3b4005820abe2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 14 Nov 2022 12:16:53 GMT
expires: Tue, 14 Nov 2023 12:16:53 GMT
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2EBD 0
0 278ms
134ms Fetch
image/gif 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFTlCijlNCqUXsWCODxcIUokRbOfo_G7oWlOuOBOUidUojdQCdsy0AdgQz80ikkn59T0Qb6dgWEP420HqP-gGf-T2IWq1d8xcOqh4empgx4H1VSLybquY-pMP1pYZXXXGIbzAlvn171XZs2zofS0c7xltuP_spNUhFmLFJcJiqZHiqAGabyRHRA8v7p4XGZbXaSuqQR_Sy2lJ2-Fj19Ij2po0dkUzJ6WnchNTHDx6PJ2QYt5nJ_Wm7UkTJ3_x7HkfX6jZ21Hy7vLIa42WmQz2EOgiru9oh0g7szXVw5TDTB19MbqqROmWYxwR1Hbsx5UFpF4IfKO7CioYqRHNSZXMpksHJzkVBD9bbhsov1rmiwAMGEMuq5PtfJ0d48iUYsIwXySUt9Hw6jS8nsXCgV5kkku1VDO7l1qM4DuPpcx1pFhLve-maKMV0I7QXZ6wB1wBkp7Yfnu4rRiMFhSavtqhmPVmqVkkv1eBuA_oFAyS3viHgQxbHZOtlie0KwupdSyds84lONOZvz2wYz__7aEtH3RyoGRR_y9mWjEo89y1uWgDSbalyldFJr8JCbfkHPkFrHdDbN-9BMo4pi4AYGw5UsKPyyE5q55r5uh1AAD6CaK-Mp2kriLZiaMcmg1WQN-t6zazW85IAUvJyMv3pQUcfbZLuJ2qgkIYpPBW6eKzM2XAoWVrV2LLPbaXBfxT3gVXKP0jP2MbzWxd5Yqrej9R2deUAjCCkjWt93C9o4nqOt-Mmu_XT5BhV5_oDQO_6bz4KMLA-Z_XSVLmrG0LEgMJ1edhh7olBOewNKglNU1XIEKQCxiHsqUITfCmivWAGSAuWbtEUmRJG6zlzjbWCgo2xPzXkFp5_xrZnDSJNt_XJIc1AVdH4Uxq0oEarC29Ttn4AKyIeVsbnh9hxcZdBcSPWLdNk-_D2QNksxHZ0-tCrkxatdHEIj028wr1b1gDgQMI31fio5_DHedyprSBE6PgOjwTxHlJoXeNe8D3m8Qoiar92kMJPQZ5g9UjEFMPkEsEitJ-QDqlvnOjpuLavT8Mwh93G8MZOtPW-wO8IqjKkkTfBMmtZxoRxi9lIhLhdvfT6oz62VM-ZAQX-FO0awd1dBHSfD8_u9TmNCdFRgtWgbEeV5mh--p55Mdfo0cMaGhwUR0K356ev6ZJ61W4hc7K9d0a6yrD_uCzZM5wI9CCc96GeQg5dv-S3&sai=AMfl-YS59ex3IkltwhUj7hhqiLvCx-7IovnLFT2dpjEdOaYs3OQBadRTfW3koVuy6Z5gorauvRRPWS0D-byBhgjsRi52F6z4sGkpS78ygUFX9OML-Wo3cR6zXk6lJZ87UUX1mMephXcFdCDZrQjCOnvmPj1sOd3Ujpd15dFTV1yWYa4lUIuT-DYuPL9gcT9OGnMGPBlfk0ZTa24vBP_yOTIJUJQN8Z8IsYx1VpnAem97hMQYjAEMZl1UK44vgMLqBrEZ_KS2MOUCQrtN6X54PZ05ND8&sig=Cg0ArKJSzNXVxQJxSD4ZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=343&cbvp=1&cstd=337&cisv=r20221109.12738&arae=0&ftch=1&adurl=

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 14 Nov 2022 12:16:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Nov 2022 12:16:53 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4C36 22 KB
8 KB 77ms
75ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 545582
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Nov 2022 04:43:51 GMT
expires: Wed, 08 Nov 2023 04:43:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C36 36 KB
16 KB 74ms
74ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 20:12:01 GMT

GET
H2 200 noah.min.js Show response
bucket.cdnwebcloud.com/ Frame 2EBD 19 KB
7 KB 64ms
64ms Script
application/javascript 54.230.163.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bucket.cdnwebcloud.com/noah.min.js?1668428213834
Requested by: Host: bucket.cdnwebcloud.com
URL: https://bucket.cdnwebcloud.com/n_one_vway_bahia-principe-es_np.js?n_o_nu=not&n_o_aut_tc=275857590&ord=850605024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.230.163.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-163-76.ewr53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 10e4ebacf9fdc329d721a17f2a0d42fc77def0cf25766d0450bdff232a27d97e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 09:20:02 GMT
content-encoding: br
via: 1.1 34d691c1cf360a32817ace92de30761c.cloudfront.net (CloudFront)
last-modified: Mon, 08 Feb 2021 12:39:20 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
age: 10612
etag: W/"79bdbba51b195bc000950e9ac2e73e9e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: VriJXEmgYy6HN0KXLikpP4i6yLGKrCA192ubL-a97tBbC3g4o5chsw==

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 0E56 118 KB
40 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=op8WHtBHkx&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=op8WHtBHkx&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 19:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Nov 2022 19:41:02 GMT

GET
H2 200 atp
neural40.cdnwebcloud.com/ Frame 2EBD 74 B
324 B 440ms
143ms Image
image/png 18.203.194.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/atp?473879532588=&n_o_aut_tc=275857590&nonhm=true&gdpr_consent=CMP_NOT_FOUND
Requested by: Host: a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
URL: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.194.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-194-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Nov 2022 12:16:54 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 74
content-type: image/png

GET
H3 200 Gotham-Bold.otf
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 0E56 154 KB
69 KB 79ms
78ms Font
font/otf 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/Gotham-Bold.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=op8WHtBHkx&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

183be4309aa229c11d790bb79b82a6a181a3f76cd009635a145a9d65c9c80766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=op8WHtBHkx&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 05:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 284768
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70565
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 11 Nov 2023 05:10:46 GMT

GET
H3 200 Gotham-Medium.otf
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 0E56 126 KB
59 KB 66ms
65ms Font
font/otf 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/Gotham-Medium.otf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=op8WHtBHkx&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=op8WHtBHkx&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 17:52:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 411870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60432
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 17:52:24 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0E56 7 KB
6 KB 217ms
87ms XHR
application/json 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18ca80488bec4ef885c972f32be5628329eee1bbbe5a171b3ada3d29d3577a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5736
x-xss-protection: 0

GET
H2 200 avw
neural40.cdnwebcloud.com/ Frame 2EBD 0
105 B 238ms
162ms Image
text/plain 18.203.194.19
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://neural40.cdnwebcloud.com/avw?252066126205&n_o_aut_tc=275857590
Requested by: Host: a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
URL: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.194.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-194-19.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 14 Nov 2022 12:16:54 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C36 0
20 B 128ms
128ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTbyEtTFyY9HeCI_tzgXdhqSAAQAAAAA4AeAEAg&bg=!pqWlpeHNAAbvMpMzzzI7ACkAdvg8WiJciKkpa-keA4sU-A6EdxJmCw16mxKFH9FiYBFHof7RReOcRAIAAADWUgAAAARoAQeZAunfX8IkYf8mty1m6lRR56adyBpYHn7yNq15rDjuxw-NTKAXESTY6ibfRsmjsWah_FUWAtdqQWLSnDG43Pq7cizVkLs3TwCwREULe8QLRyLbfUEWp_ccTk8IS4ClsEUC57UO46US5HkOUK0VW6a8WVePJ2BtLqvLKS6kwdvnZjZz9jorKRbQeIeuRE2JtEYEKqz5OGNPhaCMgoYaEiSEjSEEce7X7KwNZ1AwJU23L7-5semAh0CTM-3UZiE-m5BOBciK-ID98H6a08hcrH6FeEY2Uy_KNuDuF9Zelu8wW-2CJnyQ4ALvycQMZRC5oJL0_3XIQV9yxf36gXbzL3-mpv0fcYQ5bYVqYZIPzvvijRRFDN2U1IH4cPuCGdmJYtXmF45xjz0u_R_MRq9ruD73VqM6kJ3Aa5eHnf_6727eXd5IeQnvtFS_m9pfJKZHBZKy0gfQyBgWlC8WFm9J2-QGBbmyS0qc6lu_xLq59UFAdTPOICtZlo9fQ56uGILLEoHT-1ByyxNdxG_43Jdig9l_1WSXNwmS2rGOWRoqd5_AoWL9l-sSfLOgvW5BC2MavBPBx145p6x__zhWpiGc77Tj6YenpYaNAzaRfo4ZxedwLXm6Hs_J102mFJe5YZxxdzRHr3sMmt7kuqGNe0I8vcasPQ5yjAVUsSwx99ifJdp06oE8mZgpQE15zP8AxkcJVKhaqJjL0ahJLJWcvFXQyyehYYQt52SmqTC-gUVZx3hJlu-vdFBCsSZO8sj3fhR9vhwKNYzKQjkLsomRe86tf9-FdeJlMnIQ9fHUgrFYWrBML0HHCHZXNyn8omlyXRaefnGtwNfJIxDAFjmndeCWpILrL-RkggVduLqZN0SJXqBQw0NE5J84OF4liE-a01DYa1Js0k2vTMS9qLT5wyGbE7_b29xqPUFVZxgzmqPkZM6Vat--q1vYGrQV27SyAx0NKms-YHbVVbK42Xbsk4vwhPeEIB2JfnclLWgLo2Vr

Requested by

Host: a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
URL: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 12:16:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2EBD 0
0 254ms
126ms Fetch
image/gif 142.251.40.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuFTlCijlNCqUXsWCODxcIUokRbOfo_G7oWlOuOBOUidUojdQCdsy0AdgQz80ikkn59T0Qb6dgWEP420HqP-gGf-T2IWq1d8xcOqh4empgx4H1VSLybquY-pMP1pYZXXXGIbzAlvn171XZs2zofS0c7xltuP_spNUhFmLFJcJiqZHiqAGabyRHRA8v7p4XGZbXaSuqQR_Sy2lJ2-Fj19Ij2po0dkUzJ6WnchNTHDx6PJ2QYt5nJ_Wm7UkTJ3_x7HkfX6jZ21Hy7vLIa42WmQz2EOgiru9oh0g7szXVw5TDTB19MbqqROmWYxwR1Hbsx5UFpF4IfKO7CioYqRHNSZXMpksHJzkVBD9bbhsov1rmiwAMGEMuq5PtfJ0d48iUYsIwXySUt9Hw6jS8nsXCgV5kkku1VDO7l1qM4DuPpcx1pFhLve-maKMV0I7QXZ6wB1wBkp7Yfnu4rRiMFhSavtqhmPVmqVkkv1eBuA_oFAyS3viHgQxbHZOtlie0KwupdSyds84lONOZvz2wYz__7aEtH3RyoGRR_y9mWjEo89y1uWgDSbalyldFJr8JCbfkHPkFrHdDbN-9BMo4pi4AYGw5UsKPyyE5q55r5uh1AAD6CaK-Mp2kriLZiaMcmg1WQN-t6zazW85IAUvJyMv3pQUcfbZLuJ2qgkIYpPBW6eKzM2XAoWVrV2LLPbaXBfxT3gVXKP0jP2MbzWxd5Yqrej9R2deUAjCCkjWt93C9o4nqOt-Mmu_XT5BhV5_oDQO_6bz4KMLA-Z_XSVLmrG0LEgMJ1edhh7olBOewNKglNU1XIEKQCxiHsqUITfCmivWAGSAuWbtEUmRJG6zlzjbWCgo2xPzXkFp5_xrZnDSJNt_XJIc1AVdH4Uxq0oEarC29Ttn4AKyIeVsbnh9hxcZdBcSPWLdNk-_D2QNksxHZ0-tCrkxatdHEIj028wr1b1gDgQMI31fio5_DHedyprSBE6PgOjwTxHlJoXeNe8D3m8Qoiar92kMJPQZ5g9UjEFMPkEsEitJ-QDqlvnOjpuLavT8Mwh93G8MZOtPW-wO8IqjKkkTfBMmtZxoRxi9lIhLhdvfT6oz62VM-ZAQX-FO0awd1dBHSfD8_u9TmNCdFRgtWgbEeV5mh--p55Mdfo0cMaGhwUR0K356ev6ZJ61W4hc7K9d0a6yrD_uCzZM5wI9CCc96GeQg5dv-S3&sai=AMfl-YS59ex3IkltwhUj7hhqiLvCx-7IovnLFT2dpjEdOaYs3OQBadRTfW3koVuy6Z5gorauvRRPWS0D-byBhgjsRi52F6z4sGkpS78ygUFX9OML-Wo3cR6zXk6lJZ87UUX1mMephXcFdCDZrQjCOnvmPj1sOd3Ujpd15dFTV1yWYa4lUIuT-DYuPL9gcT9OGnMGPBlfk0ZTa24vBP_yOTIJUJQN8Z8IsYx1VpnAem97hMQYjAEMZl1UK44vgMLqBrEZ_KS2MOUCQrtN6X54PZ05ND8&sig=Cg0ArKJSzNXVxQJxSD4ZEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=885&vt=11&dtpt=542&dett=3&cstd=337&cisv=r20221109.12738&arae=0&ftch=1&adurl=

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s79-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 14 Nov 2022 12:16:54 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E56 17 KB
6 KB 120ms
119ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Nov 2022 12:16:54 GMT

GET
H/1.1 200
OK chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 184ms
70ms Script
application/x-javascript 2600:9000:24f1:ee00:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://static.chartbeat.com/js/chartbeat.js
Requested by: Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre
Protocol: HTTP/1.1
Server: 2600:9000:24f1:ee00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date: Mon, 14 Nov 2022 11:03:42 GMT
Content-Encoding: gzip
Via: 1.1 bd3fb8ca205d8e5f716067cdf581fa76.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK50-P4
Age: 4392
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Wed, 20 Jul 2022 00:50:34 GMT
Server: nginx
ETag: W/"62d7515a-933f"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=7200
X-Amz-Cf-Id: dvrJRPkLh_cyc7y2tiRmuM7sfiVsGZ7thvJwNzjzu9u4CLQ51_MAxw==
Expires: Mon, 14 Nov 2022 13:03:42 GMT

GET
H3 200 3xRr9161.html Show response
cdn.privacytools.com.br/public_api/banner/pop/ 8 KB
2 KB 84ms
47ms XHR
text/plain 2606:4700:20::681a:a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.privacytools.com.br/public_api/banner/pop/3xRr9161.html?t=1&m=0&c=1,659,497,272,106

Requested by

Host: tempo.clic.com.br
URL: http://tempo.clic.com.br/rs/porto-alegre

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:a5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f6f557eeb81ab4b8408b2aef1a116b072b538835e56ac66eb7aeb2a69a16650

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1512031
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"Wed Aug 03 00:28:24 GMT-03:00 2022"
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VP3wELm7O9VpeJZSczMaEvR8vF2I7Ze8PmmrjYHtmDQv6qnfjIDclXRa4OlFEQ%2Bb2OOTAOQ4hrjBQPOV4B89vIBr24ytMA%2FHAnlp%2FwzjNbst0ITb9LiZ9K3AjvJjEmLa1DKu0AI2W4FecF7zD%2FCLSb47L0Kr"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=2678400
x-robots-tag: noindex
cf-ray: 769fae545ffdd99d-MIA

GET
H3 200 DD82EA27BB28F2B64DEA1CF52E284701.png
cdn.privacytools.com.br/assets/fb4c46fa-a333-40e4-8226-c40106b00496/banner/ 16 KB
17 KB 43ms
43ms Image
image/png 2606:4700:20::681a:a5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.privacytools.com.br/assets/fb4c46fa-a333-40e4-8226-c40106b00496/banner/DD82EA27BB28F2B64DEA1CF52E284701.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:a5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87826ca2797dd0d346de04f9b41659abc7b71a01d6caf477a1cbee7ea2353644

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 12:16:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1515245
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16826
last-modified: Thu, 27 Oct 2022 23:22:49 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxnoOGTJgadKvNx%2FUnJ5jwevuqbkxcsRmwOFKw4Mz6Hopnc6UyN7VKIqSIinXzHgKn26wdz1QMZaxv1ShOJUUzr5IYlDM0yLipQScd6aeakDNfyvTcnzNuh%2B%2BWLy1SwHz4%2BMFGdZhfKWzIgiFYAisWAUmnnE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400, s-maxage=86400, must-revalidate, proxy-revalidate
accept-ranges: bytes
x-robots-tag: noindex
cf-ray: 769fae550cd22221-MIA

GET
H3 200 texto_logo.svg
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 0E56 5 KB
2 KB 65ms
64ms Image
image/svg+xml 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/texto_logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbbd6285bb18a8c92cc59574c958877754850f795f0f4dad205c79fd21d1d467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=op8WHtBHkx&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 18:43:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408831
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2125
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 18:43:03 GMT

GET
H3 200 sol_logo.svg
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 0E56 2 KB
1 KB 76ms
75ms Image
image/svg+xml 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/sol_logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08bb8bf8ea037474da111ae1a70781e3210f7a0b29ac2f61cc5e88a3e37b920d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=op8WHtBHkx&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 07:36:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 448813
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1118
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 07:36:41 GMT

GET
H3 200 PALM.svg
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 0E56 3 KB
2 KB 75ms
74ms Image
image/svg+xml 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/PALM.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afcd6ebf6cf7124e138218f69982d6c9ca1820345967c9263d243dbf5631d204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=op8WHtBHkx&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 18:55:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62457
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1519
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 13 Nov 2023 18:55:57 GMT

GET
H3 200 palmera2.png
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 0E56 960 KB
961 KB 71ms
70ms Image
image/png 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/palmera2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73f6add564f8d8c794d4b1bd49749c1770990b44616591ea59ce7333cf05a574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=op8WHtBHkx&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 18:42:38 GMT
x-content-type-options: nosniff
age: 408856
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 983441
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 18:42:38 GMT

GET
H3 200 palmera.png
s0.2mdn.net/sadbundle/16527439329884676748/ Frame 0E56 941 KB
941 KB 80ms
80ms Image
image/png 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16527439329884676748/palmera.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22e99768051bfffd5038e9ead749c8beab5ed5f1042a82eaa188096b2c63d4a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=op8WHtBHkx&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 03:09:42 GMT
x-content-type-options: nosniff
age: 464832
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 963679
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 15:48:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 09 Nov 2023 03:09:42 GMT

GET
H3 200 pre_black_friday_pros.jpg_1636972095063_pre_black_friday_pros.jpg
s0.2mdn.net/dynamic/2/10889189/s0.2mdn.net/creatives/assets/4372216/ Frame 0E56 469 KB
469 KB 75ms
75ms Image
image/jpeg 2607:f8b0:4006:816::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10889189/s0.2mdn.net/creatives/assets/4372216/pre_black_friday_pros.jpg_1636972095063_pre_black_friday_pros.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2006 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74874fa8217649856bc67574241ffb5bf8fe18551d6a6240b5db37a9981ac60a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16527439329884676748/index.html?e=69&leftOffset=0&topOffset=0&c=op8WHtBHkx&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:48:29 GMT
x-content-type-options: nosniff
age: 358105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 480359
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 10:28:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 08:48:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2EBD 42 B
64 B 126ms
126ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshAHehXJD81GTivU9Cn8f_-84boLcJKobW-q1-le8vRVqie8PzIsNUpLq8vnufhoZsG3i03lDW4MLq51bDCu-QRzq8PhCDxuHg_ObeErC7FLyVW0fWJX-rS_zsJ7rhzDqPXgMz&sai=AMfl-YQEVr2zsUodzRYkSbzpW0eb770XI_U98Z23y9IXEQbGQFxBWqzSoMSeTqJ3dhSpG8NLwZ1v3w2aP3H1mI0FEgtJmK0Zs_998M41rxTFM6HGdHzWZ9rxOwb9B0LkshTTiGw&sig=Cg0ArKJSzJr-AE_-CXm0EAE&cid=CAQSPwDq26N9WaM6ScYw9gsRFQQ-DMAJzXBn9JBeOPZHxhc6US8T7cXWFogjDn2ajQwZF3KR8c6Mqv-oFCCSZqtOIhgBIBM&id=lidar2&mcvt=1027&p=568,1050,818,1350&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1166931157&rs=4&la=0&cr=0&vs=4&r=v&rst=1668428212687&rpt=858&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Nov 2022 12:16:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame D4B6 36 KB
16 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Hudson Falls, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 20:12:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 20:12:01 GMT

GET
H/1.1 200
OK ping
ping.chartbeat.net/ 43 B
294 B 135ms
59ms Image
image/gif 35.174.222.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://ping.chartbeat.net/ping?h=clicrbs.com.br&p=%2Frs%2Fporto-alegre&u=DQ7rh5X2TDeYau9r&d=tempo.clic.com.br&g=56047&g0=clicrbs%2C%20clic-tempo&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11275&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=5326&t=DUxJbUfnmJLIHN9oBwuIvEDsYHJ-&V=136&i=Previs%C3%A3o%20do%20Tempo%20Porto%20Alegre%20-%20RS%20%7C%20ClicTempo&tz=0&sn=1&sv=CPAKBzD2ngn0oJPbsyLe2LDUjqIS&sd=1&im=04032c43&_
Protocol: HTTP/1.1
Server: 35.174.222.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-222-86.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: http://tempo.clic.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Nov 2022 12:16:54 GMT
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 43
Expires: 0

Verdicts & Comments Add Verdict or Comment

122 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.navdmp.com/	1970-01-20 17:03:08	Name: nid Value: 11bc2d60cda476c290c93bd6c910\|0\|344
.clic.com.br/	1970-01-20 16:12:44	Name: nav23955 Value: 11bc2d60cd17b4baeee69dca1610\|2_319
.clic.com.br/	1970-01-20 17:03:08	Name: __utma Value: 1.839897968.1668428211.1668428211.1668428211.1
.clic.com.br/	1969-12-31 23:59:59	Name: __utmc Value: 1
.clic.com.br/	1970-01-20 11:49:56	Name: __utmz Value: 1.1668428211.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.clic.com.br/	1970-01-20 07:27:08	Name: __utmt Value: 1
.clic.com.br/	1970-01-20 07:27:10	Name: __utmb Value: 1.1.10.1668428211
.scorecardresearch.com/	1970-01-20 17:03:08	Name: UID Value: 1922681c0a24c8504d1c1671668428210
.tempo.clic.com.br/	1970-01-20 07:27:08	Name: _gat_UA-52642317-2 Value: 1
.tempo.clic.com.br/	1970-01-20 07:27:08	Name: _dc_gtm_UA-52642317-12 Value: 1
.rubiconproject.com/	1970-01-20 16:12:44	Name: khaos Value: LAGR2V7J-27-KI90
.rubiconproject.com/	1970-01-20 16:12:44	Name: audit Value: 1\|i7WLabMcVxI1x+cOf83SqaS5Bv7H1ouoxdnNVF8ci14l/csLtLTWl0xokCPSBINLXFOYfXYvwoKFGldWqJlsKOBxGCOXoSK1hAG12h+sr1Dc6UO785F0Pw==
.yahoo.com/	1970-01-20 16:13:05	Name: A3 Value: d=AQABBLMxcmMCEDhVpPBIE-o237hr7U_QWEoFEgEBAQGDc2N8YwAAAAAA_eMAAA&S=AQAAAnOsKYlj0eN0-gSgWgfTMFs
.clic.com.br/	1970-01-20 16:48:44	Name: __gads Value: ID=bb1f4bc2cb51b532-225919e54e7f00a3:T=1668428211:S=ALNI_Mb-ejOIi9TDiZGhh6bOV4_zzK8wsA
.clic.com.br/	1970-01-20 16:48:44	Name: __gpi Value: UID=000009d8458d398c:T=1668428211:RT=1668428211:S=ALNI_MaoAxogdZ3osalF2bswGsxUvCISug
.doubleclick.net/	1970-01-20 17:03:08	Name: IDE Value: AHWqTUnJyS8Pv36qx7XaR5vdMKhbUqZLUmY5R_bDUQoEo0f1FfeRV19zgZOmVapTUr4
.adnxs.com/	1970-01-20 09:36:44	Name: uuid2 Value: 670802990748027452
.casalemedia.com/	1970-01-20 09:36:44	Name: CMPS Value: 3791
.casalemedia.com/	1970-01-20 09:36:44	Name: CMPRO Value: 3791
.adnxs.com/	1970-01-20 09:36:44	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In<k^r2B!]tbPl1M>e)ZlrFUfJ+tGXxp.GR64#9#9i1QT9pVKetS._'q5_Oyz=`0^FaZ3If)y3KL9D3I?+AkK94E
.casalemedia.com/	1970-01-20 16:12:44	Name: CMID Value: Y3IxtVFSZoO2mxPha-hqeQAA
.casalemedia.com/	1970-01-20 09:36:44	Name: CMTS Value: 545
.neural40.cdnwebcloud.com/	1970-01-20 16:12:44	Name: n_one Value: 39ad5228-6416-11ed-9bae-0242ac110002
.clic.com.br/	1970-01-20 16:55:56	Name: _cb Value: DQ7rh5X2TDeYau9r
.clic.com.br/	1970-01-20 16:55:56	Name: _chartbeat2 Value: .1668428214623.1668428214623.1.CPAKBzD2ngn0oJPbsyLe2LDUjqIS.1
.clic.com.br/	1970-01-20 07:27:10	Name: _cb_svref Value: null

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: http://tempo.clic.com.br/rs/porto-alegre(Line 13) Message: The key "user-scale" is not recognized and ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a7ff9f499bf236610888e53b4ba8d140.safeframe.googlesyndication.com
ad.clicrbs.com.br
adservice.google.com
b.scorecardresearch.com
bucket.cdnwebcloud.com
c2shb.ssp.yahoo.com
cdn.navdmp.com
cdn.privacytools.com.br
cm.g.doubleclick.net
dsum-sec.casalemedia.com
events.getsitectrl.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
l.getsitecontrol.com
neural40.cdnwebcloud.com
pagead2.googlesyndication.com
ping.chartbeat.net
s0.2mdn.net
s2.getsitecontrol.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.hotjar.com
stats.g.doubleclick.net
tag.navdmp.com
tempo.clic.com.br
tempoagora.clicrbs.com.br
tpc.googlesyndication.com
usr.navdmp.com
www.clicrbs.com.br
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
108.139.47.108
108.139.47.54
13.33.60.43
138.199.40.58
142.250.64.66
142.251.40.98
179.191.187.64
179.191.187.67
179.191.190.66
179.191.190.71
18.203.194.19
185.93.1.243
192.40.39.223
2600:9000:24f1:ee00:18:1fcd:351:7bc1
2602:803:c002:300::98
2606:4700:20::681a:a5b
2606:4700::6810:ef3
2607:f8b0:4004:c17::9a
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80c::2004
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:816::2006
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::2008
2607:f8b0:4006:820::2002
2607:f8b0:4006:823::2002
2607:f8b0:4006:824::200e
3.230.217.116
35.174.222.86
54.230.163.76
54.84.52.35
68.67.179.113
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
08bb8bf8ea037474da111ae1a70781e3210f7a0b29ac2f61cc5e88a3e37b920d
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
107a216b8d26e5f86ddd4fb69f53b6e7daa68e445dbca06ff6a279002f194e14
10e4ebacf9fdc329d721a17f2a0d42fc77def0cf25766d0450bdff232a27d97e
11099b47296c8cb5f9d7637cede672af811ad519f16ac52f5557d01f8bea86e4
116129eddc1650595728ce4f6cfa6052dd38ad660607ced6dd644968a9976a3f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14b28c168f51d95445095f62a658ed0688cb47523321962a52cb9847e1c094b0
15fc21be39b52f3fdc2514a9c96267a7a688744d4b8413319943a63e15539c8e
183be4309aa229c11d790bb79b82a6a181a3f76cd009635a145a9d65c9c80766
18ca80488bec4ef885c972f32be5628329eee1bbbe5a171b3ada3d29d3577a73
199e3486a35eeb4bf55d8bfbd4f15177a740dda684a8b5d76b8a38dd3024f63a
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
20873b2a14ea2177bc9cb83fec76fc812a9872b36d8a385ea042929601b959cf
22e99768051bfffd5038e9ead749c8beab5ed5f1042a82eaa188096b2c63d4a1
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38f6c21d142f68686cecf633d670f1727915555b1b372330ecb29cdce3ea040e
3e60c8f16e3db92b5e3aa081989b37d94aa9a20df7211cec177f044ac3c13eae
43ab293aa96bcffebf4bccdc386299404604c7ec8049f4f53de10fd7dbe2d4b9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48c8e912c69d6dd828b7a7bdccfc909eff9db9a9ecae0f06a541a0cae96c7167
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
545a51d377d7c0b5a5bdda218e8a741dfc6b4fcb9615ac9e14bddd458128d43a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64d19be0a5e84a0636d72f7c88e9b13437e4e732c34b23dff3a24b5bcd80cda3
6b43bb94ac6321d8ea118e251d4a55f90f51ae165fcc75e26e5137c7982aff0e
73f6add564f8d8c794d4b1bd49749c1770990b44616591ea59ce7333cf05a574
74130e91791cf3496d353724953e6466d3240ea308838a482dff16cd6c119aa0
74874fa8217649856bc67574241ffb5bf8fe18551d6a6240b5db37a9981ac60a
7f6f557eeb81ab4b8408b2aef1a116b072b538835e56ac66eb7aeb2a69a16650
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fd85119240118cd90469270fa94852b467a73ece715d8863d7acc18a3b3a57
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87826ca2797dd0d346de04f9b41659abc7b71a01d6caf477a1cbee7ea2353644
8e72d5a56aa522cefe1b3bc1697b319b5b6ef7bf8199b43661addf1c736dfb2d
8f3ce76b086c8ff73e7ea3943a49cb9bcd943d2e24efe793fad5c14556f88d6d
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
9b204a3d2c9867708bc2c0bda2086518aa449bbf2add8e0b0cc30408ba9fe7dc
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a151b13aca148b5dac94e47a366bece8a103f476ba6e2fc137953929ceb2899f
a44ea93f530cc6081ab2f8e83222640f5f65d949da6bc73d2a780a68dd2d0f9a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63ed2d98472b598ce461bf3775c41fc4a3030805179228aa0b39bae9a85d4db
afcd6ebf6cf7124e138218f69982d6c9ca1820345967c9263d243dbf5631d204
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2aea1042dccfd4171e544212e3e425effb80de3e4b4de2f42f38f70fc269cac
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb6db5ffc58d1096848f64173f5a08beac1c251b08ab92948730ab30ed119f0f
bd2fd2bec5d78c09de6f5937a7a55be6b59365679743f5d043b65bd31df84bd3
c2bdec7f5f17d144f0c5adb5bab7ec2c5a6008c3922e4bfec53d8b96d238fbd2
c65bb06b181f59165b6d9906e6dcd6ffc956d43cb39d7fdebb3b4005820abe2b
c7606d2ad370439c7b03b3b8f4aed04c8861de171b0380be7fbc1c15ceadc129
cbbd6285bb18a8c92cc59574c958877754850f795f0f4dad205c79fd21d1d467
cde18682e124276982c74b4e985340f03d39751145c2db65dac998ebb30a489f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d3c4cfb0b03e8f50fa934c3265e0114c1729d9c9b56c59eeedf6eabd4f6ffd7d
d46239be1c44c268c1d4bd7fd19a5f0b4036b91fc1c2c607fac1a9b726319373
d7fe7c4f6d869ca0ac9f29b8cef5e941473ac4c473874ddf4e53f25d208dba24
da4fb28346944e8099819fcbe2b779a3148682de9cad095eb5d69fe9f7f7e16e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0d4efc20c236bd54278d52213977066df86b0186137d2bc54979af6715a0bd4
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57d712a2bfc2506f7fd2f7fdf18a406bf98654b00a6cef5821c54eff43f2ad3
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06
eb22e0ece547bab46eda8c5b751e8c9c18e769457b0c75b5a9c5cad417c3ea07
ebb43c5b849d499a66ac9559f85cb2140a373f3cc5336ac719127ae6db5d3959
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01018799709d76240e1c05305ff88894376f72c304a01ea875915efab0f6795
f5282c832f97dfa843f8949cc3484761963f56ad16710a5c6072b200f1a3b8af
f841e16a15c87fd62a9fd964cbe0f0a42e8c4a890a8b4f706729c0cc53054dc2
fab51547aabc8f61ae999cdb195813ba465f6b0c24a0fa5d5c2affa20ffa34aa

tempo.clic.com.br Open in urlscan Pro 179.191.187.67 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

73 %HTTPS

49 %IPv6

24 Domains

38 Subdomains

35 IPs

3 Countries

4094 kBTransfer

7160 kBSize

26 Cookies

5 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

tempo.clic.com.br Open in urlscan Pro
179.191.187.67 Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

73 %
HTTPS

49 %
IPv6

24
Domains

38
Subdomains

35
IPs

3
Countries

4094 kB
Transfer

7160 kB
Size

26
Cookies

94 HTTP transactions
2 data transactions