Submitted URL: http://tnonline.uol.com.br/
Effective URL: https://tnonline.uol.com.br/?d=1
Submission: On February 20 via api from US — Scanned from DE

Summary

This website contacted 142 IPs in 10 countries across 112 domains to perform 954 HTTP transactions. The main IP is 200.147.36.53, which is located in Brazil and belongs to Universo Online S.A., BR. The main domain is tnonline.uol.com.br.
TLS certificate: Issued by R3 on December 15th 2023. Valid for: 3 months.
This is the only time tnonline.uol.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
82 sportingtech.com
odin.sportingtech.com
static.sportingtech.com
2 MB
72 tnonline.com.br
cdn.tnonline.com.br Failed
1 MB
70 uol.com.br
tnonline.uol.com.br
tm.uol.com.br — Cisco Umbrella Rank: 109856
page-context.uol.com.br Failed
privacy-sandbox.uol.com.br — Cisco Umbrella Rank: 195491
udr.uol.com.br — Cisco Umbrella Rank: 132378
tracker.bt.uol.com.br — Cisco Umbrella Rank: 121743
2 MB
66 adminemx.com
content.adminemx.com
ps.adminemx.com
4 MB
58 akamaized.net
img-cdn001.akamaized.net — Cisco Umbrella Rank: 248559
323 KB
46 esportesdasorte.com
go.aff.esportesdasorte.com
m.esportesdasorte.com
1 MB
44 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 Failed
8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 158
747 KB
31 joiabet.com
joiabet.com
622 KB
29 estrelabet.com
estrelabet.com
service.estrelabet.com
2 MB
29 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 113
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213
13496778.fls.doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 278
pubads.g.doubleclick.net — Cisco Umbrella Rank: 402
static.doubleclick.net — Cisco Umbrella Rank: 271
304 KB
26 freshchat.com
crunchequation-org-74030d2ee16a88e16709193.freshchat.com
assetscdn-wchat.freshchat.com — Cisco Umbrella Rank: 21912
688588608962031.webpush.freshchat.com
731 KB
26 mythad.com
api.mythad.com — Cisco Umbrella Rank: 29740
15 KB
16 mgid.com
a.mgid.com — Cisco Umbrella Rank: 12495
17 KB
14 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 523
ib.adnxs.com — Cisco Umbrella Rank: 272
acdn.adnxs.com — Cisco Umbrella Rank: 639
31 KB
14 biahosted.com
sb2widgetsstatic-altenar2.biahosted.com — Cisco Umbrella Rank: 276323
sb2bonus-altenar2.biahosted.com — Cisco Umbrella Rank: 197010
sb2frontend-altenar2.biahosted.com — Cisco Umbrella Rank: 147610 Failed
sb2auth-altenar2.biahosted.com — Cisco Umbrella Rank: 183657
sb2integration-altenar2.biahosted.com — Cisco Umbrella Rank: 193004
243 KB
14 jsuol.com.br
tm.jsuol.com.br — Cisco Umbrella Rank: 101113
conteudo.jsuol.com.br — Cisco Umbrella Rank: 135277
me.jsuol.com.br — Cisco Umbrella Rank: 124052
275 KB
13 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 48
jnn-pa.googleapis.com — Cisco Umbrella Rank: 230
imasdk.googleapis.com — Cisco Umbrella Rank: 476
418 KB
13 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 52 Failed
1 MB
12 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
385 B
12 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 192
17 KB
12 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 191
221 KB
11 criteo.net
static.criteo.net — Cisco Umbrella Rank: 689
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8417
csm.eu.criteo.net — Cisco Umbrella Rank: 7991
22 KB
11 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2400
adservice.google.com — Cisco Umbrella Rank: 122
www.google.com — Cisco Umbrella Rank: 2
23 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 381
208 KB
10 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
dis.criteo.com — Cisco Umbrella Rank: 632
dynamic.criteo.com — Cisco Umbrella Rank: 4173
mug.criteo.com — Cisco Umbrella Rank: 2577
ads.eu.criteo.com — Cisco Umbrella Rank: 7905
rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 13595
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9712
74 KB
10 contentful.com
cdn.contentful.com — Cisco Umbrella Rank: 8135
7 KB
10 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 934
p.clarity.ms — Cisco Umbrella Rank: 8050
c.clarity.ms — Cisco Umbrella Rank: 1449
29 KB
9 retargetly.com
api.retargetly.com — Cisco Umbrella Rank: 5374
pdp-cdn.retargetly.com — Cisco Umbrella Rank: 8770
pdp-service.retargetly.com — Cisco Umbrella Rank: 8286
12 KB
9 eacdn.com
wlf12bet.adsrv.eacdn.com
wlpixbet.adsrv.eacdn.com
wlf12bet.eacdn.com
201 KB
8 youtube.com
www.youtube.com — Cisco Umbrella Rank: 80
1010 KB
8 zdassets.com
static.zdassets.com — Cisco Umbrella Rank: 2491
ekr.zdassets.com — Cisco Umbrella Rank: 2789
214 KB
8 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 484
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 541
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 696
5 KB
8 posthog.com
app.posthog.com — Cisco Umbrella Rank: 9746
92 KB
8 kwai.net
s1.kwai.net — Cisco Umbrella Rank: 50435
306 KB
7 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 396
2 KB
7 creativecdn.com
tags.creativecdn.com — Cisco Umbrella Rank: 6446
us.creativecdn.com — Cisco Umbrella Rank: 3306
5 KB
7 tailtarget.com
tt-10162-1.seg.t.tailtarget.com — Cisco Umbrella Rank: 136756
m.t.tailtarget.com — Cisco Umbrella Rank: 214979
b.t.tailtarget.com — Cisco Umbrella Rank: 74464
t.tailtarget.com — Cisco Umbrella Rank: 27369
2 KB
7 google.de
www.google.de — Cisco Umbrella Rank: 5654
834 B
6 kwai-pro.com
logsdk.kwai-pro.com — Cisco Umbrella Rank: 46204
924 B
6 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 898
fastlane.rubiconproject.com — Cisco Umbrella Rank: 538
eus.rubiconproject.com — Cisco Umbrella Rank: 626
token.rubiconproject.com — Cisco Umbrella Rank: 499
14 KB
6 sportradar.com
tm.ads.sportradar.com — Cisco Umbrella Rank: 45565
tracker.ads.sportradar.com — Cisco Umbrella Rank: 46577
132 KB
5 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1140
trc.taboola.com — Cisco Umbrella Rank: 652
trc-events.taboola.com — Cisco Umbrella Rank: 2331
24 KB
5 getblue.io
event.getblue.io — Cisco Umbrella Rank: 38201
widget.getblue.io — Cisco Umbrella Rank: 40529
cms.getblue.io — Cisco Umbrella Rank: 66089
7 KB
5 kompassify.app
player.kompassify.app
boot-loader.kompassify.app — Cisco Umbrella Rank: 914477
api.kompassify.app — Cisco Umbrella Rank: 812882
122 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 303
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 624
aax.amazon-adsystem.com — Cisco Umbrella Rank: 407
76 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com Failed
48 KB
4 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2604
5 KB
4 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1735
2 KB
4 prdredir.com
scripts.prdredir.com — Cisco Umbrella Rank: 83364
rtg.prdredir.com — Cisco Umbrella Rank: 162166
4 KB
3 zendesk.com
esportesdasortee.zendesk.com
1 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 257
13 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1739
mab.chartbeat.com — Cisco Umbrella Rank: 2777
35 KB
3 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 1954
512 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
ssl.google-analytics.com — Cisco Umbrella Rank: 605
38 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 353
6 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 4434 Failed
onesignal.com — Cisco Umbrella Rank: 1421
73 KB
2 gblcdn.com
data.gblcdn.com — Cisco Umbrella Rank: 330420
server.gblcdn.com — Cisco Umbrella Rank: 480168
7 KB
2 mediamathrdrt.com
scripts.mediamathrdrt.com — Cisco Umbrella Rank: 249398
rtg.mediamathrdrt.com — Cisco Umbrella Rank: 484060
2 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 141
4 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 810
669 B
2 liadm.com
i.liadm.com — Cisco Umbrella Rank: 607
1 KB
2 antillephone.com
4bd05b2a-64a3-402b-90da-d473923796db.snippet.antillephone.com
2be7040a-574e-4640-a0d5-08da64a54eb1.snippet.antillephone.com Failed
47 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 704
cdn.indexww.com — Cisco Umbrella Rank: 2121
2 KB
2 syncads.io
syncads.io
2 KB
2 adjs.media
adjs.media — Cisco Umbrella Rank: 286331
4 KB
2 dataroyal.io
metrics.dataroyal.io — Cisco Umbrella Rank: 963907
2 KB
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 935
845 B
2 t.co
t.co — Cisco Umbrella Rank: 641
496 B
2 uol.com
stc.uol.com — Cisco Umbrella Rank: 131437
41 KB
2 userguiding.com
static.userguiding.com — Cisco Umbrella Rank: 48838
507 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 825
script.hotjar.com — Cisco Umbrella Rank: 1119
59 KB
2 fulllab.com.br
tags.fulllab.com.br — Cisco Umbrella Rank: 998102
3 KB
2 getrmads.com
metrics.getrmads.com — Cisco Umbrella Rank: 808181
2 KB
2 kompassify.com
player.kompassify.com — Cisco Umbrella Rank: 892761
api.kompassify.com — Cisco Umbrella Rank: 804608
2 KB
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 916
30 KB
2 smartico.ai
libs.smartico.ai — Cisco Umbrella Rank: 217456
134 KB
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 996
14 KB
2 888africa.com
media.888africa.com
2 KB
2 nsxafiliados.com
record.nsxafiliados.com
802 B
2 bsbrcdna.com
bsbrcdna.com
2 KB
2 betano.com
br.betano.com — Cisco Umbrella Rank: 437684
633 B
2 gml-grp.com
gml-grp.com — Cisco Umbrella Rank: 48241
2 KB
2 securely-send.com
www.securely-send.com — Cisco Umbrella Rank: 625788
15 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 328
17 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 280
768 B
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 218
4 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
61 KB
1 dynad.net
s.dynad.net — Cisco Umbrella Rank: 563286
26 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1396
201 B
1 amazonaws.com
fc-use1-00-pics-bkt-00.s3.amazonaws.com — Cisco Umbrella Rank: 35934
69 KB
1 freshworksapi.com
rts-static-prod.freshworksapi.com — Cisco Umbrella Rank: 11945
26 KB
1 ctnsnet.com
cm.ctnsnet.com — Cisco Umbrella Rank: 4440
443 B
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 41970
269 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 619
655 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 389
149 B
1 gaming-curacao.com
licensing.gaming-curacao.com — Cisco Umbrella Rank: 80953
11 KB
1 fw-cdn.com
fw-cdn.com — Cisco Umbrella Rank: 44406
93 KB
1 acstat.com
hitbr.acstat.com — Cisco Umbrella Rank: 635292
276 B
1 ipify.org
api.ipify.org — Cisco Umbrella Rank: 2884
154 B
1 imguol.com.br
conteudo.imguol.com.br — Cisco Umbrella Rank: 94384
2 KB
1 dataroyal.com.br
advcake.dataroyal.com.br — Cisco Umbrella Rank: 567408
15 KB
1 deviatetracking.com
deviatetracking.com — Cisco Umbrella Rank: 302831
v7.deviatetracking.com Failed
492 B
1 betnacional.com
betnacional.com
1 blzbets.com
blzbets.com
1 emixpartners.com
record.emixpartners.com
487 B
1 tvbet.com
tvbet.com
1 luva.bet
luva.bet
1 afiliadosbet.com
dash.afiliadosbet.com
567 B
1 estrelabetpartners.com
go.aff.estrelabetpartners.com
767 B
1 betsat.com
br.betsat.com
1 f12.bet
f12.bet
1 pixbet.com
pixbet.com
954 112
Domain Requested by
72 cdn.tnonline.com.br tnonline.uol.com.br
63 tnonline.uol.com.br 27 redirects tnonline.uol.com.br
62 content.adminemx.com joiabet.com
tnonline.uol.com.br
58 img-cdn001.akamaized.net tnonline.uol.com.br
m.esportesdasorte.com
47 static.sportingtech.com m.esportesdasorte.com
tnonline.uol.com.br
45 m.esportesdasorte.com tnonline.uol.com.br
m.esportesdasorte.com
35 odin.sportingtech.com m.esportesdasorte.com
31 joiabet.com tnonline.uol.com.br
joiabet.com
static.cloudflareinsights.com
29 pagead2.googlesyndication.com tnonline.uol.com.br
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
cdn.ampproject.org
imasdk.googleapis.com
tpc.googlesyndication.com
26 api.mythad.com estrelabet.com
m.esportesdasorte.com
26 estrelabet.com tnonline.uol.com.br
estrelabet.com
16 a.mgid.com www.googletagmanager.com
tnonline.uol.com.br
estrelabet.com
15 assetscdn-wchat.freshchat.com crunchequation-org-74030d2ee16a88e16709193.freshchat.com
assetscdn-wchat.freshchat.com
13 securepubads.g.doubleclick.net tm.jsuol.com.br
securepubads.g.doubleclick.net
tnonline.uol.com.br
8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
13 www.googletagmanager.com tnonline.uol.com.br
estrelabet.com
www.googletagmanager.com
me.jsuol.com.br
joiabet.com
12 tpc.googlesyndication.com securepubads.g.doubleclick.net
tnonline.uol.com.br
8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
cdn.ampproject.org
tpc.googlesyndication.com
12 www.facebook.com estrelabet.com
tnonline.uol.com.br
12 sb.scorecardresearch.com 3 redirects tnonline.uol.com.br
8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
12 connect.facebook.net tnonline.uol.com.br
connect.facebook.net
www.googletagmanager.com
12 tm.jsuol.com.br tnonline.uol.com.br
tm.jsuol.com.br
tm.uol.com.br
8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
10 cdn.ampproject.org securepubads.g.doubleclick.net
10 cdn.contentful.com joiabet.com
9 crunchequation-org-74030d2ee16a88e16709193.freshchat.com fw-cdn.com
crunchequation-org-74030d2ee16a88e16709193.freshchat.com
assetscdn-wchat.freshchat.com
9 ib.adnxs.com 1 redirects tm.jsuol.com.br
estrelabet.com
acdn.adnxs.com
event.getblue.io
8 www.youtube.com tnonline.uol.com.br
www.youtube.com
8 app.posthog.com tnonline.uol.com.br
estrelabet.com
app.posthog.com
8 s1.kwai.net tnonline.uol.com.br
s1.kwai.net
7 static.criteo.net ads.eu.criteo.com
7 static.zdassets.com static.sportingtech.com
static.zdassets.com
7 x.bidswitch.net estrelabet.com
tnonline.uol.com.br
7 www.google.com 2 redirects estrelabet.com
tnonline.uol.com.br
www.youtube.com
tpc.googlesyndication.com
7 fonts.googleapis.com m.esportesdasorte.com
joiabet.com
sb2widgetsstatic-altenar2.biahosted.com
7 www.google.de tnonline.uol.com.br
estrelabet.com
6 logsdk.kwai-pro.com estrelabet.com
m.esportesdasorte.com
6 sb2bonus-altenar2.biahosted.com estrelabet.com
6 us.creativecdn.com 1 redirects estrelabet.com
tags.creativecdn.com
6 p.clarity.ms www.clarity.ms
5 googleads.g.doubleclick.net 2 redirects www.googletagmanager.com
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 gum.criteo.com 1 redirects tm.jsuol.com.br
dynamic.criteo.com
4 ps.adminemx.com joiabet.com
4 sb2auth-altenar2.biahosted.com estrelabet.com
4 pdp-service.retargetly.com 1 redirects estrelabet.com
4 a.sportradarserving.com 1 redirects estrelabet.com
tm.ads.sportradar.com
4 tracker.ads.sportradar.com tm.ads.sportradar.com
tracker.ads.sportradar.com
4 prg.smartadserver.com tm.jsuol.com.br
4 api.retargetly.com 1 redirects tnonline.uol.com.br
api.retargetly.com
4 secure.adnxs.com 1 redirects estrelabet.com
www.googletagmanager.com
4 wlf12bet.adsrv.eacdn.com 2 redirects tnonline.uol.com.br
wlf12bet.eacdn.com
3 esportesdasortee.zendesk.com static.zdassets.com
3 trc-events.taboola.com m.esportesdasorte.com
3 pubads.g.doubleclick.net tnonline.uol.com.br
imasdk.googleapis.com
3 event.getblue.io www.googletagmanager.com
event.getblue.io
3 cdnjs.cloudflare.com tags.fulllab.com.br
3 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 service.estrelabet.com estrelabet.com
3 s.seedtag.com tm.jsuol.com.br
3 scripts.prdredir.com www.googletagmanager.com
scripts.prdredir.com
3 cdn.jsdelivr.net estrelabet.com
tnonline.uol.com.br
3 tt-10162-1.seg.t.tailtarget.com tm.jsuol.com.br
tnonline.uol.com.br
3 c.amazon-adsystem.com tnonline.uol.com.br
c.amazon-adsystem.com
3 tm.uol.com.br tm.jsuol.com.br
tnonline.uol.com.br
3 wlf12bet.eacdn.com wlf12bet.adsrv.eacdn.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
3 region1.analytics.google.com www.googletagmanager.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 imageproxy.eu.criteo.net ads.eu.criteo.com
2 imasdk.googleapis.com tnonline.uol.com.br
imasdk.googleapis.com
2 c.clarity.ms 1 redirects
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 fonts.gstatic.com www.youtube.com
2 b.t.tailtarget.com tm.jsuol.com.br
2 688588608962031.webpush.freshchat.com crunchequation-org-74030d2ee16a88e16709193.freshchat.com
688588608962031.webpush.freshchat.com
2 www.googleadservices.com www.googletagmanager.com
2 sync-tm.everesttech.net 2 redirects
2 i.liadm.com 2 redirects
2 cm.g.doubleclick.net ssum-sec.casalemedia.com
2 api.kompassify.app boot-loader.kompassify.app
2 4bd05b2a-64a3-402b-90da-d473923796db.snippet.antillephone.com m.esportesdasorte.com
tnonline.uol.com.br
2 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
2 eus.rubiconproject.com tm.jsuol.com.br
eus.rubiconproject.com
2 boot-loader.kompassify.app player.kompassify.app
boot-loader.kompassify.app
2 syncads.io www.googletagmanager.com
syncads.io
2 adjs.media tnonline.uol.com.br
adjs.media
2 sb2frontend-altenar2.biahosted.com estrelabet.com
2 metrics.dataroyal.io advcake.dataroyal.com.br
metrics.dataroyal.io
2 static.chartbeat.com conteudo.jsuol.com.br
2 analytics.twitter.com estrelabet.com
tnonline.uol.com.br
2 t.co estrelabet.com
tnonline.uol.com.br
2 fastlane.rubiconproject.com tm.jsuol.com.br
2 htlb.casalemedia.com tm.jsuol.com.br
2 stc.uol.com conteudo.jsuol.com.br
2 www.google-analytics.com me.jsuol.com.br
www.google-analytics.com
2 static.userguiding.com tnonline.uol.com.br
estrelabet.com
2 tags.fulllab.com.br www.googletagmanager.com
tags.fulllab.com.br
2 metrics.getrmads.com www.googletagmanager.com
metrics.getrmads.com
2 tm.ads.sportradar.com tnonline.uol.com.br
2 13496778.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 static.ads-twitter.com www.googletagmanager.com
static.sportingtech.com
2 libs.smartico.ai estrelabet.com
tnonline.uol.com.br
2 privacy-sandbox.uol.com.br tm.jsuol.com.br
tnonline.uol.com.br
2 static.cloudflareinsights.com joiabet.com
2 media.888africa.com 2 redirects
2 record.nsxafiliados.com 2 redirects
2 bsbrcdna.com 2 redirects
2 wlpixbet.adsrv.eacdn.com 2 redirects
2 br.betano.com 1 redirects tnonline.uol.com.br
2 gml-grp.com 2 redirects
2 www.clarity.ms tnonline.uol.com.br
www.clarity.ms
2 cdn.onesignal.com tnonline.uol.com.br
cdn.onesignal.com
2 www.securely-send.com tnonline.uol.com.br
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 rtb.fr3.eu.criteo.com 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
1 ads.eu.criteo.com 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
1 s0.2mdn.net imasdk.googleapis.com
1 c.bing.com 1 redirects
1 tracker.bt.uol.com.br tnonline.uol.com.br
1 t.tailtarget.com tnonline.uol.com.br
1 yt3.ggpht.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 s.dynad.net 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
1 server.gblcdn.com data.gblcdn.com
1 onesignal.com cdn.onesignal.com
1 ping.chartbeat.net tnonline.uol.com.br
1 data.gblcdn.com tnonline.uol.com.br
1 fc-use1-00-pics-bkt-00.s3.amazonaws.com tnonline.uol.com.br
1 rts-static-prod.freshworksapi.com assetscdn-wchat.freshchat.com
1 mug.criteo.com tnonline.uol.com.br
1 rtg.mediamathrdrt.com tnonline.uol.com.br
1 ekr.zdassets.com m.esportesdasorte.com
1 dynamic.criteo.com www.googletagmanager.com
1 scripts.mediamathrdrt.com www.googletagmanager.com
1 ssl.google-analytics.com www.googletagmanager.com
1 trc.taboola.com cdn.taboola.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 cm.ctnsnet.com 1 redirects
1 euexchangesync.digitaleast.mobi 1 redirects
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 match.adsrvr.org ssum-sec.casalemedia.com
1 dis.criteo.com ssum-sec.casalemedia.com
1 token.rubiconproject.com eus.rubiconproject.com
1 cms.getblue.io event.getblue.io
1 cdn.taboola.com tnonline.uol.com.br
1 acdn.adnxs.com tm.jsuol.com.br
1 js-sec.indexww.com tm.jsuol.com.br
1 widget.getblue.io event.getblue.io
1 rtg.prdredir.com tnonline.uol.com.br
1 licensing.gaming-curacao.com tnonline.uol.com.br
1 fw-cdn.com joiabet.com
1 sb2integration-altenar2.biahosted.com estrelabet.com
1 hitbr.acstat.com estrelabet.com
1 mab.chartbeat.com static.chartbeat.com
1 pdp-cdn.retargetly.com api.retargetly.com
1 api.ipify.org estrelabet.com
1 script.hotjar.com static.hotjar.com
1 player.kompassify.app player.kompassify.com
1 adservice.google.com 13496778.fls.doubleclick.net
1 api.kompassify.com estrelabet.com
1 prebid-server.rubiconproject.com tm.jsuol.com.br
1 conteudo.imguol.com.br tnonline.uol.com.br
1 m.t.tailtarget.com tnonline.uol.com.br
1 udr.uol.com.br tm.jsuol.com.br
1 static.hotjar.com tnonline.uol.com.br
1 tags.creativecdn.com tnonline.uol.com.br
1 advcake.dataroyal.com.br tnonline.uol.com.br
1 player.kompassify.com www.googletagmanager.com
1 deviatetracking.com 1 redirects
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 me.jsuol.com.br tm.jsuol.com.br
1 conteudo.jsuol.com.br tm.jsuol.com.br
1 sb2widgetsstatic-altenar2.biahosted.com estrelabet.com
1 betnacional.com tnonline.uol.com.br
1 blzbets.com tnonline.uol.com.br
1 go.aff.esportesdasorte.com 1 redirects
1 record.emixpartners.com 1 redirects
1 tvbet.com tnonline.uol.com.br
1 luva.bet tnonline.uol.com.br
1 dash.afiliadosbet.com 1 redirects
1 go.aff.estrelabetpartners.com 1 redirects
1 br.betsat.com tnonline.uol.com.br
1 f12.bet tnonline.uol.com.br
1 pixbet.com tnonline.uol.com.br
0 csi.gstatic.com Failed imasdk.googleapis.com
0 2be7040a-574e-4640-a0d5-08da64a54eb1.snippet.antillephone.com Failed m.esportesdasorte.com
0 v7.deviatetracking.com Failed estrelabet.com
0 page-context.uol.com.br Failed tm.jsuol.com.br
954 189
Subject Issuer Validity Valid
psec02.uol.com.br
R3
2023-12-15 -
2024-03-14
3 months crt.sh
securely-send.com
GTS CA 1P5
2024-02-04 -
2024-05-04
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
tnonline.com.br
E1
2023-12-24 -
2024-03-23
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-05-03 -
2024-05-02
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-01-29 -
2024-04-22
3 months crt.sh
www.google.de
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
*.adsrv.eacdn.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-17 -
2024-08-14
a year crt.sh
betano.com
Cloudflare Inc ECC CA-3
2023-12-31 -
2024-12-30
a year crt.sh
pixbet.com
GTS CA 1P5
2024-01-30 -
2024-04-29
3 months crt.sh
f12.bet
GTS CA 1P5
2024-02-08 -
2024-05-08
3 months crt.sh
betsat.com
GTS CA 1P5
2024-02-04 -
2024-05-04
3 months crt.sh
*.estrelabet.com
Go Daddy Secure Certificate Authority - G2
2023-12-18 -
2025-01-18
a year crt.sh
luva.bet
GTS CA 1P5
2024-02-14 -
2024-05-14
3 months crt.sh
tvbet.com
GTS CA 1P5
2024-01-21 -
2024-04-20
3 months crt.sh
joiabet.com
E1
2024-02-04 -
2024-05-04
3 months crt.sh
*.esportesdasorte.com
Amazon RSA 2048 M02
2023-06-27 -
2024-07-25
a year crt.sh
blzbets.com
GTS CA 1P5
2024-01-31 -
2024-04-30
3 months crt.sh
betnacional.com
GTS CA 1P5
2024-01-21 -
2024-04-20
3 months crt.sh
ia-prod-azurecdn.eacdn.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-24 -
2024-11-29
a year crt.sh
*.jsuol.com.br
Amazon RSA 2048 M01
2023-08-03 -
2024-08-31
a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01
2024-01-14 -
2024-06-27
5 months crt.sh
upload.video.google.com
GTS CA 1C3
2024-02-05 -
2024-04-29
3 months crt.sh
odin.sportingtech.com
Amazon RSA 2048 M01
2023-06-02 -
2024-06-30
a year crt.sh
sb2widgetsstatic-altenar2.biahosted.com
GTS CA 1D4
2024-02-08 -
2024-05-08
3 months crt.sh
*.uol.com.br
Amazon RSA 2048 M01
2023-07-06 -
2024-08-03
a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01
2023-12-30 -
2024-12-04
a year crt.sh
smartico.ai
Amazon RSA 2048 M02
2023-07-20 -
2024-08-17
a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02
2024-01-21 -
2025-02-19
a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01
2024-01-19 -
2024-12-29
a year crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-08-09
a year crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-21 -
2024-07-19
a year crt.sh
*.doubleclick.net | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.kompassify.com | R3 | 2024-01-15 - 2024-04-14 | 3 months
tracker.ads.sportradar.com | R3 | 2023-12-14 - 2024-03-13 | 3 months
getrmads.com | GTS CA 1P5 | 2024-02-07 - 2024-05-07 | 3 months
*.kwai.net | GlobalSign RSA OV SSL CA 2018 | 2023-10-26 - 2024-11-26 | a year
advcake.dataroyal.com.br | R3 | 2024-01-20 - 2024-04-19 | 3 months
prdredir.com | GTS CA 1P5 | 2023-12-30 - 2024-03-29 | 3 months
1589314308.rsc.cdn77.org | R3 | 2024-01-09 - 2024-04-08 | 3 months
tags.fulllab.com.br | R3 | 2024-02-11 - 2024-05-11 | 3 months
*.retargetly.com | R3 | 2023-12-21 - 2024-03-20 | 3 months
*.hotjar.com | Amazon ECDSA 256 M03 | 2024-02-07 - 2025-03-08 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2023-11-30 - 2024-02-28 | 3 months
*.adnxs.com | GeoTrust ECC CA 2018 | 2023-02-13 - 2024-03-15 | a year
*.uol.com | Amazon RSA 2048 M01 | 2023-04-18 - 2024-05-16 | a year
imguol.com | Amazon RSA 2048 M02 | 2023-07-01 - 2024-07-29 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-03-05 - 2024-04-03 | a year
*.seedtag.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-29 - 2024-04-15 | a year
*.smartadserver.com | DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2024-01-17 - 2025-01-16 | a year
casalemedia.com | Cloudflare Inc ECC CA-3 | 2023-05-21 - 2024-05-20 | a year
t.co | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-01-07 - 2025-01-06 | a year
*.twitter.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-31 - 2024-10-29 | a year
*.chartbeat.com | Thawte TLS RSA CA G1 | 2023-05-16 - 2024-06-06 | a year
*.creativecdn.com | RapidSSL TLS RSA CA G1 | 2023-03-29 - 2024-04-28 | a year
*.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.kompassify.app | R3 | 2024-01-15 - 2024-04-14 | 3 months
ipify.org | GTS CA 1P5 | 2024-01-22 - 2024-04-21 | 3 months
www.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.google.de | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.scorecardresearch.com | Sectigo RSA Organization Validation Secure Server CA | 2023-12-11 - 2024-12-10 | a year
hitbr.acstat.com | R3 | 2024-01-20 - 2024-04-19 | 3 months
dataroyal.io | GTS CA 1P5 | 2024-02-18 - 2024-05-18 | 3 months
*.bidswitch.net | Sectigo RSA Domain Validation Secure Server CA | 2023-03-23 - 2024-03-23 | a year
*.sportradarserving.com | Entrust Certification Authority - L1K | 2023-09-20 - 2024-10-14 | a year
*.biahosted.com | Go Daddy Secure Certificate Authority - G2 | 2023-08-31 - 2024-10-01 | a year
sb2frontend-altenar2.biahosted.com | E1 | 2024-01-20 - 2024-04-19 | 3 months
adjs.media | E1 | 2024-01-26 - 2024-04-25 | 3 months
*.getblue.io | Amazon RSA 2048 M02 | 2023-10-30 - 2024-11-27 | a year
syncads.io | E1 | 2024-01-20 - 2024-04-19 | 3 months
sb2integration-altenar2.biahosted.com | E1 | 2024-01-20 - 2024-04-19 | 3 months
content.adminemx.com | E1 | 2024-01-02 - 2024-04-01 | 3 months
adminemx.com | GTS CA 1P5 | 2024-01-16 - 2024-04-15 | 3 months
fw-cdn.com | Amazon RSA 2048 M02 | 2023-12-23 - 2025-01-19 | a year
cdn.contentful.com | GlobalSign Atlas R3 DV TLS CA 2023 Q2 | 2023-07-01 - 2024-08-01 | a year
tpc.googlesyndication.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.mythad.com | GlobalSign GCC R3 DV TLS CA 2020 | 2023-03-09 - 2024-04-09 | a year
*.sportingtech.com | Sectigo RSA Domain Validation Secure Server CA | 2023-06-16 - 2024-07-15 | a year
*.freshchat.com | Amazon RSA 2048 M02 | 2024-01-22 - 2025-02-18 | a year
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-08 - 2024-05-07 | 3 months
indexww.com | Cloudflare Inc ECC CA-3 | 2023-09-05 - 2024-09-03 | a year
cdn.adnxs.com | GeoTrust TLS RSA CA G1 | 2023-03-27 - 2024-04-26 | a year
*.snippet.antillephone.com | Starfield Secure Certificate Authority - G2 | 2023-04-02 - 2024-05-03 | a year
*.taboola.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-10-23 - 2024-11-22 | a year
*.adsrvr.org | GlobalSign GCC R3 DV TLS CA 2020 | 2023-04-12 - 2024-05-13 | a year
*.ads.stickyadstv.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-04-19 - 2024-05-19 | a year
*.kwai-pro.com | GlobalSign GCC R3 DV TLS CA 2020 | 2023-08-10 - 2024-09-10 | a year
zdassets.com | E1 | 2024-01-04 - 2024-04-03 | 3 months
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-05-16 - 2024-05-15 | a year
www.googleadservices.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
mediamathrdrt.com | GTS CA 1P5 | 2024-01-02 - 2024-04-01 | 3 months
freshchat.com | Amazon RSA 2048 M02 | 2023-07-05 - 2024-08-01 | a year
esportesdasortee.zendesk.com | Cloudflare Inc ECC CA-3 | 2023-09-26 - 2024-09-25 | a year
freshworksapi.com | Amazon RSA 2048 M02 | 2024-01-08 - 2025-02-04 | a year
*.wchat.webpush.myfreshworks.com | Amazon RSA 2048 M01 | 2023-06-21 - 2024-07-18 | a year
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-10-10 - 2024-07-03 | 9 months
gblcdn.com | GTS CA 1P5 | 2024-02-14 - 2024-05-14 | 3 months
*.chartbeat.net | Thawte TLS RSA CA G1 | 2023-11-20 - 2024-12-20 | a year
misc-sni.google.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.dynad.net | Amazon RSA 2048 M01 | 2023-04-25 - 2024-05-23 | a year
edgestatic.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
*.googleusercontent.com | GTS CA 1C3 | 2024-02-05 - 2024-04-29 | 3 months
uol.com | GeoTrust TLS RSA CA G1 | 2023-09-11 - 2024-09-22 | a year
*.eu.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-08 - 2024-05-06 | 3 months
*.fr3.eu.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-10 - 2024-05-05 | 3 months
*.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-17 - 2024-05-17 | 3 months
*.nl3.eu.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-06 - 2024-05-03 | 3 months
*.eu.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-12-27 - 2024-03-21 | 3 months

This page contains 49 frames:

Primary Page: https://tnonline.uol.com.br/?d=1
Frame ID: 9801DA0902372EA64962204A6C4CD22C
Requests: 213 HTTP requests in this frame

Frame: https://wlf12bet.adsrv.eacdn.com/I.ashx?btag=a_3672b_20c_&affid=2450&siteid=3672&adid=20&c=CM_BR_SB_BA_F12BET_TNONLINE
Frame ID: 5C639B53F2343136ABAD1D73F54060A1
Requests: 4 HTTP requests in this frame

Frame: https://br.betano.com/myaccount/ban/country-341630?siteid=14
Frame ID: 7010AE251E7B99DE2D409943F9C8F318
Requests: 1 HTTP requests in this frame

Frame: https://pixbet.com/hub/registration/?btag=a_1971b_114c_CM_BR_SB_DT_PIXBET_TNONLINE&siteid=1971
Frame ID: 32224AE0E0D0F76B3D85B689DEA77FB6
Requests: 1 HTTP requests in this frame

Frame: https://f12.bet/?btag=a_3672b_86c_CM_BR_SB_DT_F12BET_TNONLINE
Frame ID: A0EB947421C7C1A8733C187B74ECFE18
Requests: 1 HTTP requests in this frame

Frame: https://br.betsat.com/hub/registration/?btag=a_4836b_697c_CM_BR_SB_DT_BETSAT_TNONLINE&affid=20932
Frame ID: EA85551D79DC3FAF65C0A8ACE96DB789
Requests: 1 HTTP requests in this frame

Frame: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Frame ID: 06642E4D27866EFD17FD87A32BAE1081
Requests: 134 HTTP requests in this frame

Frame: https://luva.bet/casino?btag=CX-37126_379506
Frame ID: 3C9CA1734668B7A631755B91FCC67FED
Requests: 1 HTTP requests in this frame

Frame: https://tvbet.com/aviator?token=Z84fJb6_JM-BYCPpBkhYS2Nd7ZgqdRLk
Frame ID: 1C371519494E6B1E5CBC941DDA0E1F2E
Requests: 1 HTTP requests in this frame

Frame: https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
Frame ID: 041E1206B0096BE3E49D6F9787EDD797
Requests: 124 HTTP requests in this frame

Frame: https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Frame ID: 75E9F186C2355895BC64285B2F4311EA
Requests: 254 HTTP requests in this frame

Frame: https://blzbets.com/hub/registration/?btag=a_1835b_349c_CM_BR_SB_DT_BLZBET_TNONLINE&siteid=1835
Frame ID: 73FD705A8BF11F46FA71006BDDE7BD35
Requests: 1 HTTP requests in this frame

Frame: https://betnacional.com/?token=GAV41xoK2qcZ4xZrCstO3mNd7ZgqdRLk
Frame ID: 7C4D148FB7CF04C04E8E411813DCF41D
Requests: 1 HTTP requests in this frame

Frame: https://wlf12bet.adsrv.eacdn.com/T.ashx?btag=a_3672b_20c_&affid=2450&siteid=3672&adid=20&c=CM_BR_SB_BA_F12BET_TNONLINE&t=638440483650220000&MediaID=12&MediaIndex=0&XYZ=120%260%26148%26%26%26%260%260%26%26
Frame ID: BFC77AFCCD724A81FB7813371D58133A
Requests: 1 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: 0993A9AF28F6D83A8D8A18641E32A9AA
Requests: 2 HTTP requests in this frame

Frame: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Frame ID: 9F1AB0477563D0DE584A14C8BE859769
Requests: 1 HTTP requests in this frame

Frame: https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Frame ID: 076E059D9E3111C4C22F9E93A972E3E1
Requests: 1 HTTP requests in this frame

Frame: https://13496778.fls.doubleclick.net/activityi;dc_pre=CNHwnIa-uoQDFYZTHgId6b8JkA;src=13496778;type=invmedia;cat=estre0;ord=6691882756633;npa=0;pscdl=noapi;gtm=45He42e0v9164556869za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE
Frame ID: 55F9307D7BF0DD1019813A82E860CAC6
Requests: 2 HTTP requests in this frame

Frame: https://scripts.prdredir.com/safeframe
Frame ID: EACC212E74D7A8ECDB4C2CF9B01E3FBC
Requests: 1 HTTP requests in this frame

Frame: https://tags.fulllab.com.br/safeframe
Frame ID: 396B0AE535D5EE2E7D3DCD67A2305F7A
Requests: 4 HTTP requests in this frame

Frame: https://api.retargetly.com/api?id=5012&src=5&url=&browserUrl=undefined&ref=&utmz=&n=&md=&mk=&il=2&limit_drop=&userid=9c337ada-0ec4-4852-bf6c-8aadb0728fc3&fullVersionList=&platform=&_rlid=9c337ada-0ec4-4852-bf6c-8aadb0728fc3
Frame ID: AE44B9FBE7CD6D9E62BD8F4EB34954E0
Requests: 1 HTTP requests in this frame

Frame: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 733FAD8F6519B3FC46E8593109729F94
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst1kvxQp_dKAuG6j8FRRKXi-iq4Yh0Vtnfv29lfurxHu154kWdRK_K5xE4LVRw1PfFlUywszGciRP4hWnmqLhldfUtBAg07Ec6RoXYh7QsDYEgBqUGUZ0H_BYJp_WSVhFh5WRDNkbExaGFZE_W1A-J65Uaqs_Jl8aPeUONg9eTMrfPJXbFwg8498LQ46fHA5A0iwV79TRa0a5x9ExhSiD3Xc9VgPny0ceSsT_847DVYvWvKfJuj39VfKrmBBKA396A-NdEmdz6yCGKcV9s_rlJS2sAVrnsBTRhMVV3ue5LCnGAHZOSxILvvaacMPIWACspgIaTAotl8kEfwTomBkt--3DZ49x_xQNlZID_PpQ9-w3b6hmsB_w0sB5sgXYRNUg1xrucTEXxPBhDPiKw&sig=Cg0ArKJSzMfZ0Jmo9iVeEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: C24A42A54EB2B190F2748B0F11D3EB72
Requests: 11 HTTP requests in this frame

Frame: https://api.retargetly.com/api?id=5012&src=5&url=&browserUrl=undefined&ref=https%3A%2F%2Festrelabet.com%2F&utmz=&n=&md=&mk=&il=2&limit_drop=&userid=9c337ada-0ec4-4852-bf6c-8aadb0728fc3&fullVersionList=&platform=
Frame ID: 75BC3835C78C9D017951C3BBE10467FA
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/ig-membership?ntk=0Aj9RwJPwwktFanNFZNtd3w-7x3ePZovcbUaQ1ipEyR39hwCHFCqiOWSIlSOU6B1GZzn9W8nKTB6-pCO0bbQa0F33y1RcfmpiD3LLgVfqd4
Frame ID: 612E28CB8C971D08EFE6446712BAC5A6
Requests: 1 HTTP requests in this frame

Frame: https://us.creativecdn.com/topics-membership?ntk=Jg8jztCplbF_VqG0NhyLBrtkMjhE0ZO9CfBNRnE7-Qg9qb-NijFAySr0W7O8ynyShtngeTNgVcyJIB4Nb8JmS6VYPT9R8ph9Ma7Sf1UKY4Q
Frame ID: B4FB04334B504D9AACFF0A5DC528E451
Requests: 1 HTTP requests in this frame

Frame: https://boot-loader.kompassify.app/?groupUuid=ef1d1e5c-a6f8-42da-ae60-94585d68fe91&refresh=1708451570964
Frame ID: CC82BE7A78E99F1BC8BEC54698ECAF37
Requests: 3 HTTP requests in this frame

Frame: https://event.getblue.io/p/?cId=08E7BCDE-E0B0-3ADC-0FD42B7810132F83&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=953b3531-3f1e-4ea7-a43d-5ff0dc778d68&ulc=&v=29092023-1023&nocache=5269334774910.044
Frame ID: BBB8C83CDE6DA411D6978155E6227DAC
Requests: 4 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F7B4306617F7D3EEFE7C46E86D5F32DB
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 642A5E8369AED6E7FB1ADCFF664D4F18
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4127FC6622FBFA190A2885AC6F3DDD0A
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: FAB08261D691E994617384B8B820BE0F
Requests: 10 HTTP requests in this frame

Frame: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/config_iframe.html?host=https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com&token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&origin=https://joiabet.com&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877
Frame ID: 28B61B6499DDE44244397A8227CE2783
Requests: 2 HTTP requests in this frame

Frame: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/?token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&referrer=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877&eagerLoad=true
Frame ID: 10F9C398B4BA3EA60E7800166BA8A276
Requests: 23 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=tnonline.uol.com.br&origin=onetag
Frame ID: 671B154B98C8AF7DAE00EAB4EAC89689
Requests: 2 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Frame ID: 1488E5B0531667ADAE47DC5F3DE92735
Requests: 8 HTTP requests in this frame

Frame: https://688588608962031.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==
Frame ID: 43F883A4C5379C414F5705C6A3B51FD9
Requests: 2 HTTP requests in this frame

Frame: https://www.youtube.com/embed/vCkE0H_Mkmg
Frame ID: 46682B0A282B0745A10E51C78829B4ED
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012402060239000/amp4ads-v0.mjs
Frame ID: 74BE6F49B1E5C1FDC12105157755E010
Requests: 14 HTTP requests in this frame

Frame: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EDB5D8333E478C25E2BCF01CF439BC6F
Requests: 16 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012402060239000/amp4ads-v0.mjs
Frame ID: 457E5A95BCEC814D06E62E6FA48CAB14
Requests: 13 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Frame ID: 31015607FF4EA5AFEECBACDBBF6C441A
Requests: 2 HTTP requests in this frame

Frame: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Frame ID: 7D1C79A14F6430DF8B234E6E61120F63
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9BC61CE1865935DA33B3A8D8C427AE77
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E19C9E46B109C1D278FC8125F15DCACE
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.621.0_en.html
Frame ID: 3E569794208C1BBD812B376A3DB2EB00
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8B9B698F9C9537E619606B7E29E3E769
Requests: 1 HTTP requests in this frame

Frame: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 581A20261A2C251741F8B84FFC4CA990
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&u=%7CdGg8R3E8P2auzWq40or7Z0bwfD2xDYoxeq9DXWbQMuo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF24F7qs0EeooC2G_tqmB8F6sCnayFE9L-xjm7VYsAiaAYyND6NqdOdTmWSATndQ3o0p93O2U4-GPM9C2pZJUh27KSEbxZz99c8Tuq8icdWlTKIwjsNuQirzP-MB-YPOAhkMaT8cbhQvon9vOSoPyaHx4B04ecK5xG5eAUVtT41afQ2muAKhD07dmEOkI5CMJ5k9P3b1Zw5_T0xclShhRD3MF8QinXeaHG7oL1gjvK2d_8_tt1gPXW7D66_Xb-tXtCTsVu-clAr9dIrG0rM1tq-TR6HSndYk3J9cIEZk2K0he9fF2K8xaayagRBcQ3_w2GlOWJyDP0n914nlhnK-uTGIBNTSa4ReMW-LwpAXn_aH5GdzTBm0LFSqfHOYhBM1fITozXrTLX4NvczzZ9_FjYwUKNLXM8BWzTKNjA_-jALwRaJrsB13kJX7sZBOzzNF6xHeipA67M-1VBrssa018CBCf6jxh-mZkcb6NJJHOjYqs1qUymPoIrTLnJblJUR2tMcUxIq_U9Jm9u1_C_djmkYNiZdmxO1TYmzXPXgLnoVMufRzEWSkXO9SBm-TxDKMoEfLp_vLJMlO-xwb7p0zg3Ak4uscOUXt1N2npIP-NWWELg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjlirBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS3Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu06dkHboBOEQlkx6XkCxphfChHLElYtFj32ZdGMuJ8F4hBFNfGJlCsk6Q4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0RVstO59gOquWQdqi4T0dEIDs7Iw%26client%3Dca-pub-6330791094260149%26adurl%3D
Frame ID: BA691087E5A55826620D04479B93E88E
Requests: 13 HTTP requests in this frame

Page Title

TNOnline - O portal de notícias do norte do Paraná

Page URL History

  1. http://tnonline.uol.com.br/ HTTP 301
    https://tnonline.uol.com.br/ Page URL
  2. https://tnonline.uol.com.br/?d=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

  • Requests: 954
  • HTTPS: 93 %
  • IPv6: 53 %
  • Domains: 112
  • Subdomains: 189
  • IPs: 142
  • Countries: 10
  • Transfer: 20760 kB
  • Size: 50913 kB
  • Cookies: 138

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tnonline.uol.com.br/ HTTP 301
    https://tnonline.uol.com.br/ Page URL
  2. https://tnonline.uol.com.br/?d=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://tnonline.uol.com.br/ HTTP 301
  • https://tnonline.uol.com.br/
Request Chain 9
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/Edicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-md.jpg?xid=1185981 HTTP 301
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/Edicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-md.jpg?xid=1185981
Request Chain 24
  • https://tnonline.uol.com.br/img/Inferior/830000/O-desvio-tera-duracao-prevista-de-90-dias-00837895-0-202402201336-md.jpg?xid=1186389 HTTP 301
  • https://cdn.tnonline.com.br/img/Inferior/830000/O-desvio-tera-duracao-prevista-de-90-dias-00837895-0-202402201336-md.jpg?xid=1186389
Request Chain 35
  • https://tnonline.uol.com.br/img/category/70x70/category-1-277-46.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-277-46.jpg%3Fxid%3D46%26resize%3D70%252C70%26t%3D1708451456&xid=46 HTTP 301
  • https://cdn.tnonline.com.br/img/category/70x70/category-1-277-46.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-277-46.jpg%3Fxid%3D46%26resize%3D70%252C70%26t%3D1708451456&xid=46
Request Chain 36
  • https://tnonline.uol.com.br/img/category/70x70/category-1-298-92.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-298-92.png%3Fxid%3D92%26resize%3D70%252C70%26t%3D1708451456&xid=92 HTTP 301
  • https://cdn.tnonline.com.br/img/category/70x70/category-1-298-92.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-298-92.png%3Fxid%3D92%26resize%3D70%252C70%26t%3D1708451456&xid=92
Request Chain 37
  • https://tnonline.uol.com.br/img/category/70x70/category-1-297-94.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-297-94.png%3Fxid%3D94%26resize%3D70%252C70%26t%3D1708451457&xid=94 HTTP 301
  • https://cdn.tnonline.com.br/img/category/70x70/category-1-297-94.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-297-94.png%3Fxid%3D94%26resize%3D70%252C70%26t%3D1708451457&xid=94
Request Chain 38
  • https://tnonline.uol.com.br/img/category/70x70/category-1-23-24.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-23-24.jpg%3Fxid%3D24%26resize%3D70%252C70%26t%3D1708451457&xid=24 HTTP 301
  • https://cdn.tnonline.com.br/img/category/70x70/category-1-23-24.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-23-24.jpg%3Fxid%3D24%26resize%3D70%252C70%26t%3D1708451457&xid=24
Request Chain 39
  • https://tnonline.uol.com.br/img/category/70x70/category-1-22-103.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-22-103.jpg%3Fxid%3D103%26resize%3D70%252C70%26t%3D1708451457&xid=103 HTTP 301
  • https://cdn.tnonline.com.br/img/category/70x70/category-1-22-103.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-22-103.jpg%3Fxid%3D103%26resize%3D70%252C70%26t%3D1708451457&xid=103
Request Chain 40
  • https://tnonline.uol.com.br/img/category/70x70/category-1-235-27.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-235-27.png%3Fxid%3D27%26resize%3D70%252C70%26t%3D1708451457&xid=27 HTTP 301
  • https://cdn.tnonline.com.br/img/category/70x70/category-1-235-27.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-235-27.png%3Fxid%3D27%26resize%3D70%252C70%26t%3D1708451457&xid=27
Request Chain 41
  • https://tnonline.uol.com.br/img/category/70x70/category-1-21-25.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-21-25.jpg%3Fxid%3D25%26resize%3D70%252C70%26t%3D1708451458&xid=25 HTTP 301
  • https://cdn.tnonline.com.br/img/category/70x70/category-1-21-25.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-21-25.jpg%3Fxid%3D25%26resize%3D70%252C70%26t%3D1708451458&xid=25
Request Chain 54
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/meliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2Fmeliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.jpg%3Fxid%3D1186341%26resize%3D276%252C160%26t%3D1708451459&xid=1186341 HTTP 301
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/meliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2Fmeliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.jpg%3Fxid%3D1186341%26resize%3D276%252C160%26t%3D1708451459&xid=1186341
Request Chain 55
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/O-caso-e-investigado-00837871-0-202402201326.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-e-investigado-00837871-0-202402201326.jpg%3Fxid%3D1186380%26resize%3D276%252C160%26t%3D1708451460&xid=1186380 HTTP 301
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-e-investigado-00837871-0-202402201326.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-e-investigado-00837871-0-202402201326.jpg%3Fxid%3D1186380%26resize%3D276%252C160%26t%3D1708451460&xid=1186380
Request Chain 56
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/O-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.jpg%3Fxid%3D1186310%26resize%3D276%252C160%26t%3D1708451460&xid=1186310 HTTP 301
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.jpg%3Fxid%3D1186310%26resize%3D276%252C160%26t%3D1708451460&xid=1186310
Request Chain 57
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/Analises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FAnalises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.jpg%3Fxid%3D1186292%26resize%3D276%252C160%26t%3D1708451460&xid=1186292 HTTP 301
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/Analises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FAnalises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.jpg%3Fxid%3D1186292%26resize%3D276%252C160%26t%3D1708451460&xid=1186292
Request Chain 58
  • https://tnonline.uol.com.br/img/normal/830000/254x150/O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.webp?fallback=%2Fimg%2Fnormal%2F830000%2FO-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.jpg%3Fxid%3D1186402%26resize%3D254%252C150%26t%3D1708451462&xid=1186402 HTTP 301
  • https://cdn.tnonline.com.br/img/normal/830000/254x150/O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.webp?fallback=%2Fimg%2Fnormal%2F830000%2FO-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.jpg%3Fxid%3D1186402%26resize%3D254%252C150%26t%3D1708451462&xid=1186402
Request Chain 81
  • https://gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=CM_BR_SB_DT_BETANO_TNONLINE HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=CM_BR_SB_DT_BETANO_TNONLINE&AutoR=1 HTTP 302
  • https://br.betano.com/?btag=a_9862b_619c_CM_BR_SB_DT_BETANO_TNONLINE&utm_medium=2566&utm_source=1&siteid=9862 HTTP 302
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
Request Chain 82
  • https://wlpixbet.adsrv.eacdn.com/C.ashx?btag=a_1971b_114c_&affid=871&siteid=1971&adid=114&c=CM_BR_SB_DT_PIXBET_TNONLINE HTTP 302
  • https://wlpixbet.adsrv.eacdn.com/C.ashx?btag=a_1971b_114c_&affid=871&siteid=1971&adid=114&c=CM_BR_SB_DT_PIXBET_TNONLINE&AutoR=1 HTTP 302
  • https://pixbet.com/hub/registration/?btag=a_1971b_114c_CM_BR_SB_DT_PIXBET_TNONLINE&siteid=1971
Request Chain 83
  • https://wlf12bet.adsrv.eacdn.com/C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=CM_BR_SB_DT_F12BET_TNONLINE HTTP 302
  • https://wlf12bet.adsrv.eacdn.com/C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=CM_BR_SB_DT_F12BET_TNONLINE&AutoR=1 HTTP 302
  • https://f12.bet/?btag=a_3672b_86c_CM_BR_SB_DT_F12BET_TNONLINE
Request Chain 84
  • https://bsbrcdna.com/C.ashx?btag=a_4836b_697c_&affid=20932&siteid=4836&adid=697&c=CM_BR_SB_DT_BETSAT_TNONLINE HTTP 302
  • https://bsbrcdna.com/C.ashx?btag=a_4836b_697c_&affid=20932&siteid=4836&adid=697&c=CM_BR_SB_DT_BETSAT_TNONLINE&AutoR=1 HTTP 302
  • https://br.betsat.com/hub/registration/?btag=a_4836b_697c_CM_BR_SB_DT_BETSAT_TNONLINE&affid=20932
Request Chain 85
  • https://go.aff.estrelabetpartners.com/6v5wzq9k?utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE HTTP 301
  • https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Request Chain 86
  • https://dash.afiliadosbet.com/visit/?bta=37126&nci=5342&utm_campaign=CM_BR_SB_DT_LUVABET_TNONLINE HTTP 302
  • https://luva.bet/casino?btag=CX-37126_379506
Request Chain 87
  • https://record.nsxafiliados.com/_GHyTzKA74PkXM_11c336cWNd7ZgqdRLk/56/ HTTP 301
  • https://tvbet.com/aviator?token=Z84fJb6_JM-BYCPpBkhYS2Nd7ZgqdRLk
Request Chain 88
  • https://record.emixpartners.com/_7BcqFRBO8OaYNevImT-MDGNd7ZgqdRLk/59/ HTTP 301
  • https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
Request Chain 89
  • https://go.aff.esportesdasorte.com/bux88szk?utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE HTTP 301
  • https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Request Chain 90
  • https://media.888africa.com/C.ashx?btag=a_1835b_349c_&affid=1567&siteid=1835&adid=349&c=CM_BR_SB_DT_BLZBET_TNONLINE HTTP 302
  • https://media.888africa.com/C.ashx?btag=a_1835b_349c_&affid=1567&siteid=1835&adid=349&c=CM_BR_SB_DT_BLZBET_TNONLINE&AutoR=1 HTTP 302
  • https://blzbets.com/hub/registration/?btag=a_1835b_349c_CM_BR_SB_DT_BLZBET_TNONLINE&siteid=1835
Request Chain 91
  • https://record.nsxafiliados.com/_ZdArJQPlaNDUOsjNOfgKeWNd7ZgqdRLk/61/ HTTP 301
  • https://betnacional.com/?token=GAV41xoK2qcZ4xZrCstO3mNd7ZgqdRLk
Request Chain 157
  • https://deviatetracking.com/wp-content/deviatetracking/deviatetracking-5.2.js?ver=1708451567 HTTP 301
  • https://cdn.jsdelivr.net/gh/DeviateLabs/DeviateTracking/deviatetracking.js
Request Chain 159
  • https://13496778.fls.doubleclick.net/activityi;src=13496778;type=invmedia;cat=estre0;ord=6691882756633;npa=0;pscdl=noapi;gtm=45He42e0v9164556869za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE HTTP 302
  • https://13496778.fls.doubleclick.net/activityi;dc_pre=CNHwnIa-uoQDFYZTHgId6b8JkA;src=13496778;type=invmedia;cat=estre0;ord=6691882756633;npa=0;pscdl=noapi;gtm=45He42e0v9164556869za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE
Request Chain 171
  • https://secure.adnxs.com/seg?add=34065042&t=1 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D34065042%26t%3D1
Request Chain 215
  • https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js
Request Chain 235
  • https://a.sportradarserving.com/pixel?type=js&aid=1471&id=5525 HTTP 302
  • https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1471&id=5525
Request Chain 236
  • https://us.creativecdn.com/tags/v2?type=json HTTP 307
  • https://us.creativecdn.com/tags/v2?type=json&tc=1
Request Chain 271
  • https://api.retargetly.com/api?id=5012&src=5&url=&browserUrl=undefined&ref=&utmz=&n=&md=&mk=&il=2&limit_drop=&userid=9c337ada-0ec4-4852-bf6c-8aadb0728fc3&fullVersionList=&platform= HTTP 302
  • https://api.retargetly.com/api?id=5012&src=5&url=&browserUrl=undefined&ref=&utmz=&n=&md=&mk=&il=2&limit_drop=&userid=9c337ada-0ec4-4852-bf6c-8aadb0728fc3&fullVersionList=&platform=&_rlid=9c337ada-0ec4-4852-bf6c-8aadb0728fc3
Request Chain 293
  • https://pdp-service.retargetly.com/event_collector_cookies HTTP 307
  • https://pdp-service.retargetly.com/event_collector_cookies?redirect=true
Request Chain 474
  • https://sb.scorecardresearch.com/cs/6036356/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js
Request Chain 521
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 542
  • https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=B6964FF8-2C6C-46E5-972C4B73D0469C3D&cid=08E7BCDE-E0B0-3ADC-0FD42B7810132F83&blueID=953b3531-3f1e-4ea7-a43d-5ff0dc778d68&appnexusid=$UID HTTP 302
  • https://cms.getblue.io/cm/?src=appnexus&ckid=B6964FF8-2C6C-46E5-972C4B73D0469C3D&cid=08E7BCDE-E0B0-3ADC-0FD42B7810132F83&blueID=953b3531-3f1e-4ea7-a43d-5ff0dc778d68&appnexusid=7850017704317607944
Request Chain 554
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZdTm81VbLYcAAGALAHP7NQAA
Request Chain 555
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZdTm81VbLYcAAGALAHP7NQAA%265221&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZdTm81VbLYcAAGALAHP7NQAA%265221&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7e8e9f9e64ba423ba510e6aada54c063 HTTP 303
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Request Chain 559
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d51992af-1151-45a3-b3ba-7ed8a987e4d4
Request Chain 560
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=9e761e2277a54df5b05ce7f4cf81ecc8&expiration=1711043571
Request Chain 561
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZdTm8wAGWTOZMwA9 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZdTm8wAGWTOZMwA9&_test=ZdTm8wAGWTOZMwA9
Request Chain 655
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11302942470/?random=271428288&cv=11&fst=1708451572124&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&top=https%3A%2F%2Ftnonline.uol.com.br&label=_cvjCLGmmOsYEIbu1I0q&hn=www.googleadservices.com&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&value=0&npa=0&pscdl=noapi&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=9ObUZai3EKzGmLAPnZyLiAo&sscte=1&crd=COy7sQI&eitems=ChAIgLjRrgYQmaGvjpLW2sIpEh0Am77Lv5ujeKMHeLmDrcWL-yWSsn8_FrPOIy2v8Q&pscrd=IhMIqIHTiL66hAMVLCMGAB0dzgKhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg HTTP 302
  • https://www.google.com/pagead/1p-conversion/11302942470/?random=271428288&cv=11&fst=1708451572124&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&top=https%3A%2F%2Ftnonline.uol.com.br&label=_cvjCLGmmOsYEIbu1I0q&hn=www.googleadservices.com&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&value=0&npa=0&pscdl=noapi&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=IhMIqIHTiL66hAMVLCMGAB0dzgKhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=9ObUZai3EKzGmLAPnZyLiAo&cid=CAQSKQAvHhf_a01ySvzhabBUzM28JSAe4VJTZCQtM6UjICfFwOPGDr-MhVGP&eitems=ChAIgLjRrgYQmaGvjpLW2sIpEh0Am77LvxQVeGKMmQSrxmRuP141sI4ArIgpIYovZw&random=3905027040 HTTP 302
  • https://www.google.de/pagead/1p-conversion/11302942470/?random=271428288&cv=11&fst=1708451572124&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&top=https%3A%2F%2Ftnonline.uol.com.br&label=_cvjCLGmmOsYEIbu1I0q&hn=www.googleadservices.com&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&value=0&npa=0&pscdl=noapi&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=IhMIqIHTiL66hAMVLCMGAB0dzgKhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=9ObUZai3EKzGmLAPnZyLiAo&cid=CAQSKQAvHhf_a01ySvzhabBUzM28JSAe4VJTZCQtM6UjICfFwOPGDr-MhVGP&eitems=ChAIgLjRrgYQmaGvjpLW2sIpEh0Am77LvxQVeGKMmQSrxmRuP141sI4ArIgpIYovZw&random=3905027040&ipr=y
Request Chain 656
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11381431345/?random=610013196&cv=11&fst=1708451572138&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&top=https%3A%2F%2Ftnonline.uol.com.br&label=47cICM2B5O8YELG4i7Mq&hn=www.googleadservices.com&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&value=0&npa=0&pscdl=noapi&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=9ObUZdK7EPnFmLAPr_qoyA8&sscte=1&crd=COy7sQI&eitems=ChAIgLjRrgYQmaGvjpLW2sIpEh0Am77Lv0THmBP6xHGm5cBWYdozeJKugpWKfaE7ZQ&pscrd=IhMI0oXTiL66hAMV-SIGAB0vPQr5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg HTTP 302
  • https://www.google.com/pagead/1p-conversion/11381431345/?random=610013196&cv=11&fst=1708451572138&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&top=https%3A%2F%2Ftnonline.uol.com.br&label=47cICM2B5O8YELG4i7Mq&hn=www.googleadservices.com&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&value=0&npa=0&pscdl=noapi&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=IhMI0oXTiL66hAMV-SIGAB0vPQr5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=9ObUZdK7EPnFmLAPr_qoyA8&cid=CAQSKQAvHhf_Euh31y7yQjwmR7lEg2gOEqGPOeWgOu6OKyEK6obRV26OTPGC&eitems=ChAIgLjRrgYQmaGvjpLW2sIpEh0Am77LvxwNL1YYwtikXfNVQeDUeBqHM2TAwxzZbQ&random=2501537063 HTTP 302
  • https://www.google.de/pagead/1p-conversion/11381431345/?random=610013196&cv=11&fst=1708451572138&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&top=https%3A%2F%2Ftnonline.uol.com.br&label=47cICM2B5O8YELG4i7Mq&hn=www.googleadservices.com&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&value=0&npa=0&pscdl=noapi&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=IhMI0oXTiL66hAMV-SIGAB0vPQr5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=9ObUZdK7EPnFmLAPr_qoyA8&cid=CAQSKQAvHhf_Euh31y7yQjwmR7lEg2gOEqGPOeWgOu6OKyEK6obRV26OTPGC&eitems=ChAIgLjRrgYQmaGvjpLW2sIpEh0Am77LvxwNL1YYwtikXfNVQeDUeBqHM2TAwxzZbQ&random=2501537063&ipr=y
Request Chain 701
  • https://gum.criteo.com/sid/json?origin=onetag&domain=m.esportesdasorte.com&sn=ChromeSyncframe&so=0&topUrl=tnonline.uol.com.br&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=89MZ53x6cVBhU3ZvSlBYV1ZxcDFPdmhHZlcvQU1YTk9TMnNTZDN4ZGtlcnhJSHhPcHZBOFA4QW5ldHpFTG1QSHgxU2szRmZvaXpWWjFyRThGY3B6Zjh1NXNSb2xqTW9YZEdyTnJObnBSVCtvazh6MTA0ekxrTUJGdEhYTVdRSG9DS3FSWW5jUXhPTnc4dXRtMUtwUDBpUFgybmVKbGFCWXVjSFliaXhLajRpNlduNEZ3dGlxVURMVHMxcXB3N1hub2x1RHVLb1kwenpNQ1hLS3ZKeVBhejBhYmhIQ2x0YmppQkdjZ3lvMDM4ckNGU2ZnMFM2M2ZVNnM3SHdVVGp1OUlsb0tCM3dxaFZ4VlV2dTkwS2hSZFNmWDVzNFhQTGFsaTAzcitiNkpMUFdlbEU1QT18&cppv=2
Request Chain 801
  • https://tnonline.uol.com.br/img/thumbnail/830000/Homem-assassinado-a-tiros-na-zona-norte-de-Apucara-00837856-0-202402201059.jpg?xid=1186275 HTTP 301
  • https://cdn.tnonline.com.br/img/thumbnail/830000/Homem-assassinado-a-tiros-na-zona-norte-de-Apucara-00837856-0-202402201059.jpg?xid=1186275
Request Chain 802
  • https://tnonline.uol.com.br/img/thumbnail/830000/Delegado-da-detalhes-sobre-homicidio-registrado-no-00837854-0-202402201053.jpg?xid=1186268 HTTP 301
  • https://cdn.tnonline.com.br/img/thumbnail/830000/Delegado-da-detalhes-sobre-homicidio-registrado-no-00837854-0-202402201053.jpg?xid=1186268
Request Chain 803
  • https://tnonline.uol.com.br/img/thumbnail/830000/Mulher-tem-carro-furtado-durante-culto-em-igreja-00837853-0-202402201052.jpg?xid=1186264 HTTP 301
  • https://cdn.tnonline.com.br/img/thumbnail/830000/Mulher-tem-carro-furtado-durante-culto-em-igreja-00837853-0-202402201052.jpg?xid=1186264
Request Chain 804
  • https://tnonline.uol.com.br/img/thumbnail/830000/Total-imprudencia-diz-a-Rumo-apos-acidente-com-car-00837554-0-202402191428.jpg?xid=1185743 HTTP 301
  • https://cdn.tnonline.com.br/img/thumbnail/830000/Total-imprudencia-diz-a-Rumo-apos-acidente-com-car-00837554-0-202402191428.jpg?xid=1185743
Request Chain 805
  • https://tnonline.uol.com.br/img/thumbnail/830000/Padre-de-Apucarana-faz-campanha-para-ajudar-os-mai-00837488-0-202402191017.jpg?xid=1185576 HTTP 301
  • https://cdn.tnonline.com.br/img/thumbnail/830000/Padre-de-Apucarana-faz-campanha-para-ajudar-os-mai-00837488-0-202402191017.jpg?xid=1185576
Request Chain 806
  • https://tnonline.uol.com.br/img/thumbnail/830000/Morador-da-regiao-surpreende-ao-comprar-caixao-par-00837487-0-202402191013.jpg?xid=1185572 HTTP 301
  • https://cdn.tnonline.com.br/img/thumbnail/830000/Morador-da-regiao-surpreende-ao-comprar-caixao-par-00837487-0-202402191013.jpg?xid=1185572
Request Chain 816
  • https://tnonline.uol.com.br/img/Inferior/830000/O-desvio-tera-duracao-prevista-de-90-dias-00837895-0-202402201336-xs.jpg?xid=1186389 HTTP 301
  • https://cdn.tnonline.com.br/img/Inferior/830000/O-desvio-tera-duracao-prevista-de-90-dias-00837895-0-202402201336-xs.jpg?xid=1186389
Request Chain 845
  • https://sb.scorecardresearch.com/cs/26893702/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 877
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=521991CBACAD4648BBCAC7ADFCA11437&RedC=c.clarity.ms&MXFR=0CB0C9F13F346D411309DDDA3B346381 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=521991CBACAD4648BBCAC7ADFCA11437&MUID=19ED4DF539CE6A6C399859DE38626BCB
Request Chain 889
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/350x250/Edicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-xs.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FEdicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-xs.jpg%3Fxid%3D1185981%26resize%3D275%252C150%26t%3D1708451301&xid=1185981 HTTP 301
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/350x250/Edicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-xs.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FEdicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-xs.jpg%3Fxid%3D1185981%26resize%3D275%252C150%26t%3D1708451301&xid=1185981
Request Chain 932
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/meliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2Fmeliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.jpg%3Fxid%3D1186341%26resize%3D276%252C160%26t%3D1708451459&xid=1186341 HTTP 301
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/meliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2Fmeliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.jpg%3Fxid%3D1186341%26resize%3D276%252C160%26t%3D1708451459&xid=1186341
Request Chain 933
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/O-caso-e-investigado-00837871-0-202402201326.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-e-investigado-00837871-0-202402201326.jpg%3Fxid%3D1186380%26resize%3D276%252C160%26t%3D1708451460&xid=1186380 HTTP 301
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-e-investigado-00837871-0-202402201326.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-e-investigado-00837871-0-202402201326.jpg%3Fxid%3D1186380%26resize%3D276%252C160%26t%3D1708451460&xid=1186380
Request Chain 934
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/O-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.jpg%3Fxid%3D1186310%26resize%3D276%252C160%26t%3D1708451460&xid=1186310 HTTP 301
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.jpg%3Fxid%3D1186310%26resize%3D276%252C160%26t%3D1708451460&xid=1186310
Request Chain 935
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/Analises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FAnalises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.jpg%3Fxid%3D1186292%26resize%3D276%252C160%26t%3D1708451460&xid=1186292 HTTP 301
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/Analises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FAnalises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.jpg%3Fxid%3D1186292%26resize%3D276%252C160%26t%3D1708451460&xid=1186292
Request Chain 936
  • https://tnonline.uol.com.br/img/normal/830000/254x150/O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.webp?fallback=%2Fimg%2Fnormal%2F830000%2FO-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.jpg%3Fxid%3D1186402%26resize%3D254%252C150%26t%3D1708451462&xid=1186402 HTTP 301
  • https://cdn.tnonline.com.br/img/normal/830000/254x150/O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.webp?fallback=%2Fimg%2Fnormal%2F830000%2FO-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.jpg%3Fxid%3D1186402%26resize%3D254%252C150%26t%3D1708451462&xid=1186402

954 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
/
tnonline.uol.com.br/
Redirect Chain
  • http://tnonline.uol.com.br/
  • https://tnonline.uol.com.br/
49 KB
15 KB
Document
General
Full URL
https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
74
cache-control
public, must-revalidate, style-while-revalidate=120, stale-if-error=3600, s-maxage=120, max-age=180
cache-tag
home
content-encoding
gzip
content-length
14512
content-type
text/html; charset=utf-8
date
Tue, 20 Feb 2024 17:52:41 GMT
expires
Tue, 20 Feb 2024 17:54:27 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
via
CacheUOL
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.3
x-cache
HIT
x-mw-action-duration
00:00:00.0312485
x-mw-cache
true
x-mw-cache-date
Tue, 20 Feb 2024 17:50:44 GMT
x-mw-cache-valid
True
x-mw-generated-by
MW Portal
x-mw-generating
False
x-mw-request-duration
00:00:00.0312485
x-powered-by
ASP.NET
x-varnish
106208484 106208258

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 20 Feb 2024 17:52:41 GMT
Location
https://tnonline.uol.com.br/
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
jquery.min.js
tnonline.uol.com.br/themes/portal-tno-deploy/assets/libs/jQuery/
32 KB
0
Script
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/libs/jQuery/jquery.min.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:42 GMT
content-encoding
gzip
via
CacheUOL
age
23216
x-powered-by
ASP.NET
x-cache
HIT
content-length
89423
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:40:39 GMT
server
nginx
etag
"96a0448940e9d81:0"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
108364591 97139510
cache-control
public,max-age=86400
accept-ranges
bytes
home.json
tnonline.uol.com.br/json/
0
0
Other
General
Full URL
https://tnonline.uol.com.br/json/home.json
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:42 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 20 Feb 2024 17:48:17 GMT
server
nginx
age
119
etag
"e2264ffc2464da1:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
x-varnish
91454617 90523881
accept-ranges
bytes
content-length
60676
main.min.js
tnonline.uol.com.br/themes/portal-tno-deploy/assets/js/mobile/
0
0

js
www.googletagmanager.com/gtag/
0
0

main.css
tnonline.uol.com.br/themes/portal-tno-deploy/assets/css/mobile/
22 KB
23 KB
Stylesheet
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/css/mobile/main.css?_=1700672983
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:42 GMT
content-encoding
gzip
via
CacheUOL
age
23213
x-powered-by
ASP.NET
x-cache
HIT
content-length
22872
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Nov 2023 17:09:43 GMT
server
nginx
etag
"df6adfaf661dda1:0"
vary
Accept-Encoding
content-type
text/css
x-varnish
103072803 98712275
cache-control
public,max-age=86400
accept-ranges
bytes
webstories.css
tnonline.uol.com.br/themes/portal-tno-deploy/assets/css/desktop/
3 KB
1 KB
Stylesheet
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/css/desktop/webstories.css?_=1675945711
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:42 GMT
content-encoding
gzip
via
CacheUOL
age
23056
x-powered-by
ASP.NET
x-cache
HIT
content-length
881
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 12:28:31 GMT
server
nginx
etag
"801ea4823cd91:0"
vary
Accept-Encoding
content-type
text/css
x-varnish
104015543 98047535
cache-control
public,max-age=86400
accept-ranges
bytes
bbb.css
tnonline.uol.com.br/themes/portal-tno-deploy/assets/css/desktop/
7 KB
7 KB
Stylesheet
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/css/desktop/bbb.css?_=1680637883
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:42 GMT
content-encoding
gzip
via
CacheUOL
age
23232
x-powered-by
ASP.NET
x-cache
HIT
content-length
6704
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 04 Apr 2023 19:51:23 GMT
server
nginx
etag
"e42df5d52e67d91:0"
vary
Accept-Encoding
content-type
text/css
x-varnish
99924673 99098516
cache-control
public,max-age=86400
accept-ranges
bytes
logotype.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/
0
0
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/logotype.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:42 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:40:39 GMT
server
nginx
age
23336
etag
"56f1148940e9d81:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/svg+xml
x-varnish
107972507 95179637
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
3308
Edicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-md.jpg
cdn.tnonline.com.br/img/Artigo-Destaque/830000/
Redirect Chain
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/Edicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-md.jpg?xid=1185981
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/Edicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-md.jpg?xid=1185981
0
0

7289cbc0-be92-11ee-b439-f7088255f71d
www.securely-send.com/
93 KB
8 KB
Script
General
Full URL
https://www.securely-send.com/7289cbc0-be92-11ee-b439-f7088255f71d
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y35cRBVauR%2Fmgx7QgcYRHoGLWNiMGca3KNyNrHVU9pB7GPFX1GIfS5mrY5tl7xZVkUGOL5xWBEiim7rY32PD8CcemaCPPasOwuLzj85UtUl7%2Bja8kGgE%2FweozrWOZ9QHYWia2867uE5ce7ffu5%2BiKVfblwY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, private
cf-ray
85889ad8aecb6664-AMS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
0
0

OneSignalSDK.js
cdn.onesignal.com/sdks/
0
0

sbundle_c96cb56133933aa4909f609e81d1247b.js
tnonline.uol.com.br/themes/portal-tno-deploy/assets/js/
0
0

Primary Request /
tnonline.uol.com.br/
183 KB
26 KB
Document
General
Full URL
https://tnonline.uol.com.br/?d=1
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
92544c8557fdb812ded31f9352b0d4ea9d90b9e8ea80b548fe9915a14d8b411b

Request headers

Referer
https://tnonline.uol.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
70
cache-control
public, must-revalidate, style-while-revalidate=120, stale-if-error=3600, s-maxage=120, max-age=180
cache-tag
home
content-encoding
gzip
content-length
25934
content-type
text/html; charset=utf-8
date
Tue, 20 Feb 2024 17:52:42 GMT
expires
Tue, 20 Feb 2024 17:54:31 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
vary
Accept-Encoding
via
CacheUOL
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.3
x-cache
HIT
x-mw-action-duration
00:00:00.0468801
x-mw-cache
true
x-mw-cache-date
Tue, 20 Feb 2024 17:50:49 GMT
x-mw-cache-valid
True
x-mw-generated-by
MW Portal
x-mw-generating
False
x-mw-request-duration
00:00:00.0625001
x-powered-by
ASP.NET
x-varnish
95255308 92906622
js
www.googletagmanager.com/gtag/
280 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VL4N2H807F
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a5b806afd5ff34f4224b5d131a4ea61b9d140db13a1e4cf9d3db449243a3df4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:42 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95026
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 17:52:42 GMT
sbundle_eb11e9d73dbf537a867352b2e7b20317.css
tnonline.uol.com.br/themes/portal-tno-deploy/assets/css/
180 KB
180 KB
Stylesheet
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/css/sbundle_eb11e9d73dbf537a867352b2e7b20317.css?t=1705923945
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
4c82f7379ad6fa97670e03f45a0c885a6975f1582ccdd687ddf03caa02000c6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:42 GMT
content-encoding
gzip
via
CacheUOL
age
22913
x-powered-by
ASP.NET
x-cache
HIT
content-length
184117
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 22 Jan 2024 11:45:45 GMT
server
nginx
etag
"141acd88284dda1:0"
vary
Accept-Encoding
content-type
text/css
x-varnish
103655879 89743567
cache-control
public,max-age=86400
accept-ranges
bytes
bundle_d339c44411029cf7c31126a1eb06427a.css
tnonline.uol.com.br/
809 B
739 B
Stylesheet
General
Full URL
https://tnonline.uol.com.br/bundle_d339c44411029cf7c31126a1eb06427a.css?t=1677007048
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
8f4b25e371df7eee566dc9634e32eb1c3b9ce893f6b9516e210de76b341a427e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:42 GMT
content-encoding
gzip
x-mw-action-duration
00:00:00.0156249
via
CacheUOL
x-aspnet-version
4.0.30319
age
81
x-powered-by
ASP.NET
x-cache
HIT
cache-tag
bundle, bundle_d339c44411029cf7c31126a1eb06427a.css
x-mw-request-duration
00:00:00.0156249
x-mw-cache
true
x-mw-generating
False
content-length
207
referrer-policy
no-referrer-when-downgrade
x-aspnetmvc-version
5.3
x-mw-generated-by
MW Portal
server
nginx
x-mw-cache-date
Tue, 31 Oct 2023 01:57:01 GMT
vary
Accept-Encoding
content-type
text/css
x-varnish
107546284 106046081
x-mw-cache-valid
True
cache-control
public, max-age=180
accept-ranges
bytes
expires
Tue, 20 Feb 2024 17:54:21 GMT
tnonline.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/
3 KB
4 KB
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/tnonline.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
8d56d7b7e52c109fe83ee91d62aa79486f2f66eae72edf78fc6b467f8c52238f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:42 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 May 2023 14:42:49 GMT
server
nginx
age
22714
etag
"8019f2b2967ed91:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/svg+xml
x-varnish
74512610 100306919
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
3306
Crime-aconteceu-na-noite-desta-segunda-feira-192-00837839-0-202402201016-ScaleDownProportional.webp
cdn.tnonline.com.br/img/Destaque-Principal/830000/575x385/
26 KB
27 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Destaque-Principal/830000/575x385/Crime-aconteceu-na-noite-desta-segunda-feira-192-00837839-0-202402201016-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FDestaque-Principal%2F830000%2FCrime-aconteceu-na-noite-desta-segunda-feira-192-00837839-0-202402201016.jpg%3Fxid%3D1186201%26resize%3D575%252C385%26t%3D1708451453&xid=1186201
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e3c0998c25010738899789ecdec5a750a4293559d92c769256b3577eab0c7060

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:43 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 13:17:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4ed9d18ff63da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ZOQ6yZ%2BOFQUT00SFX8iy%2B092MuZh8kkyeBbyu%2Fgm5hhMFTDlA1jkxrUTjM9cD8F4noHcDi8%2B3vYrKqtCYtGcoiR0BPIGhI9zmgH8i0BX0LaTCqCvnX5HDWMGElFfO31Yd0xPs9R2NJ0EDO5kLDemdWV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889add4968286a-AMS
alt-svc
h3=":443"; ma=86400
content-length
26960
O-crime-que-ele-esta-envolvido-aconteceu-no-dia-16-00837824-0-202402200844-ScaleDownProportional.webp
cdn.tnonline.com.br/img/Destaque-Principal/830000/585x385/
39 KB
40 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Destaque-Principal/830000/585x385/O-crime-que-ele-esta-envolvido-aconteceu-no-dia-16-00837824-0-202402200844-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FDestaque-Principal%2F830000%2FO-crime-que-ele-esta-envolvido-aconteceu-no-dia-16-00837824-0-202402200844.jpg%3Fxid%3D1186169%26resize%3D585%252C385%26t%3D1708451453&xid=1186169
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
64be6320b7bbc651ef34ae28c11b33a4fc0622929feee0269846741dda3c5ec6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 13:17:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d53a118ff63da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5aEgZLNAScoW%2Bn%2B93qbwN6a4hVKmPME90J4jrkK5XuDEgZRHfohLkzdiXq44BehSjPMDUAIKi7iQYeq14Fh0Dh%2B1F%2FnZ8AEokJwAcIRYqxsk9c3RuxCS0bbJEzZSTDHzS39hNOAVUyp3OKNtfHZGVnM"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889adfed6c286a-AMS
alt-svc
h3=":443"; ma=86400
content-length
40396
Maior-pesquisa-feita-com-empresarios-do-setor-indu-00837870-0-202402201222-ScaleDownProportional.webp
cdn.tnonline.com.br/img/Destaque-Secundario/830000/260x150/
11 KB
11 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Destaque-Secundario/830000/260x150/Maior-pesquisa-feita-com-empresarios-do-setor-indu-00837870-0-202402201222-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FDestaque-Secundario%2F830000%2FMaior-pesquisa-feita-com-empresarios-do-setor-indu-00837870-0-202402201222.jpg%3Fxid%3D1186345%26resize%3D260%252C150%26t%3D1708451453&xid=1186345
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
656fcb44d24c53fb1f86f7ac85a3df256154ad00c5fa8d73703ee1d2957d9efa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 15:23:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"bc29cfb01064da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLE0juYsyn2A5iS7FvZcPthQkfwPFVl6yDK7CUvHSaGCTEPTDJWG6L0zITp25LRYfWQt2rHqWOf6sHEKsd%2BkzrU9spx0UulibcVFdT%2BD0UE69uTrABgghFn9Zg2yKY9SPn%2FHMXO20FDHlyDCDzm7sZp%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae13f69286a-AMS
alt-svc
h3=":443"; ma=86400
content-length
10942
O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423-ScaleDownProportional.webp
cdn.tnonline.com.br/img/Inferior/830000/276x160/
7 KB
8 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Inferior/830000/276x160/O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FInferior%2F830000%2FO-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.jpg%3Fxid%3D1186404%26resize%3D276%252C160%26t%3D1708451454&xid=1186404
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
30c47a8f42f066d57122c9c7423bac6aeacda4838e57a64e8af4b35f3ddb254f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 17:23:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f12c3e862164da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuV6%2FZOcd4fENqCdRaiXscy2ogWUk4xzq3M8MIhPqMep2DebKddoDSSyyVR5ZwBN7Zj0ZViRmCHA57OTmCFakghV%2BFUuvaCiLqr1NGC1JbyB5BXPuA2HTaRrDOJfUNl6qpS9U37KzGYzqLXLMCRNsedw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae3db8d02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
7428
O-caso-e-investigado-pelas-autoridades-00837902-0-202402201402-ScaleDownProportional.webp
cdn.tnonline.com.br/img/Inferior/830000/276x160/
4 KB
5 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Inferior/830000/276x160/O-caso-e-investigado-pelas-autoridades-00837902-0-202402201402-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FInferior%2F830000%2FO-caso-e-investigado-pelas-autoridades-00837902-0-202402201402.jpg%3Fxid%3D1186397%26resize%3D276%252C160%26t%3D1708451454&xid=1186397
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3a1af736fc3231918978d0dfbe35b6749b2a65ac97444d79fff0f65e9d2fa4b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 17:02:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"caba15a01e64da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEk8ubk9IL74ArpBpkjjDow14rOGhMXTLjJY76YEpx0b4jzAOc5%2BSCVtzFa4tOY64AZhdZtPwfYfXnG9LQi120EScYCGyvG9OvrTZUjHDAkY8vUuFoCm8466snaGfd4sJ8uonopl9jk8CdpNbCIhhGwW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae56e5b02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
4140
O-Servico-Aeromedico-foi-acionado-para-socorrer-a--00837899-0-202402201351-ScaleDownProportional.webp
cdn.tnonline.com.br/img/Inferior/830000/276x160/
10 KB
11 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Inferior/830000/276x160/O-Servico-Aeromedico-foi-acionado-para-socorrer-a--00837899-0-202402201351-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FInferior%2F830000%2FO-Servico-Aeromedico-foi-acionado-para-socorrer-a--00837899-0-202402201351.jpg%3Fxid%3D1186393%26resize%3D276%252C160%26t%3D1708451454&xid=1186393
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2c3b7ffe3c5617bb46345a5257b4377733068a9827e45e7d639c55f1c9ac765a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 16:53:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"66d7c441d64da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaWiEWEINmMw5%2BCt0JND%2F8xnh1gnvmRWTnORu7v89S796wBFMid5j7p9f9lwmUWW9ymMzOAU3Nn%2BVeTYltfYy52HRnuJmzNuXbGiTVL3847UHEKXQy8ldQpj6aVNquF806LBgt2pJJaF7WW5qKOj%2BG3O"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e7102de-CDG
alt-svc
h3=":443"; ma=86400
content-length
10704
O-desvio-tera-duracao-prevista-de-90-dias-00837895-0-202402201336-md.jpg
cdn.tnonline.com.br/img/Inferior/830000/
Redirect Chain
  • https://tnonline.uol.com.br/img/Inferior/830000/O-desvio-tera-duracao-prevista-de-90-dias-00837895-0-202402201336-md.jpg?xid=1186389
  • https://cdn.tnonline.com.br/img/Inferior/830000/O-desvio-tera-duracao-prevista-de-90-dias-00837895-0-202402201336-md.jpg?xid=1186389
8 KB
9 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Inferior/830000/O-desvio-tera-duracao-prevista-de-90-dias-00837895-0-202402201336-md.jpg?xid=1186389
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3a93ade7eb33d43eff24b78be0fd3bd48285a9616f8b70608f3d2573e0da428c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 16:36:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9c6965f01a64da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZyCk9RF33ZaepiBISPvb7%2Fu8HXDlOYsV8n8%2FIlfsQmkgn7l9W8pfh5IY%2BVpg0Cb67C%2Ff6Dg2lZHfpLY%2BzSp%2FyIV1WXk5Kh7R%2FQeh3D4smVC7vUXDAfC%2BkHEn7PTFIac%2Bd6jesOg7I2qXXNtIKJe1GWe"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889af09cc202de-CDG
alt-svc
h3=":443"; ma=86400
content-length
8381

Redirect headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
94732214
location
https://cdn.tnonline.com.br/img/Inferior/830000/O-desvio-tera-duracao-prevista-de-90-dias-00837895-0-202402201336-md.jpg?xid=1186389
content-type
text/html; charset=UTF-8
content-length
255
Fill-1.webp
cdn.tnonline.com.br/img/normal/830000/0x0/Mulher-tem-carro-furtado-durante-culto-em-igreja-00837813-0-202402201049/
19 KB
19 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/0x0/Mulher-tem-carro-furtado-durante-culto-em-igreja-00837813-0-202402201049/Fill-1.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FMulher-tem-carro-furtado-durante-culto-em-igreja-00837813-0-202402201049.png%3Fxid%3D1186254&xid=1186254
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
04e628542db1ea3fa68c19869656fe3c25c072f5f7752a83bf2dcfb451010aeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 13:50:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"20942ba364da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lOFJzN70Tr5DmB5baB%2F%2BRXVM1dUvkgQRoqypDNa4POs0kY9aoypr9ZP1raQ0mZINTf0BrIwlN0%2BsstduzcMm0HX2vyR4gdKHX2rJOAAF373pKloXVxoE6G1aVXlpNSojwlWoU3dadtOQe2w5vDNFAAgz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e7702de-CDG
alt-svc
h3=":443"; ma=86400
content-length
19254
Homens-teriam-apontado-a-arma-para-a-mulher-e-pedi-00837809-0-202402200753-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
3 KB
3 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/Homens-teriam-apontado-a-arma-para-a-mulher-e-pedi-00837809-0-202402200753-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FHomens-teriam-apontado-a-arma-para-a-mulher-e-pedi-00837809-0-202402200753.jpg%3Fxid%3D1186137%26resize%3D245%252C160%26t%3D1708451454&xid=1186137
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
83bcf8f0074ddf51d53b18f1c690ddb26c6c7759b18e6abe14d7d1d9dbf35b0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 13:20:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1a574d86ff63da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qec%2BCBhmWB92WcW9EYIiVsHBeXDZzyUtME2%2BPWesOehg6KS847cghfEVls7Hy6pSIb4w2RvK3t2Tsm0qvz2elqvRzBxsLow1OuRvscOeYlnrEWrKDg2q%2BNJeTgt07%2BfiA8Jg4aS2HpdAE63HAcscFWzu"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e7b02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
2622
As-informacoes-sao-divulgadas-no-site-oficial-da-A-00837807-0-202402200734-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
10 KB
10 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/As-informacoes-sao-divulgadas-no-site-oficial-da-A-00837807-0-202402200734-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FAs-informacoes-sao-divulgadas-no-site-oficial-da-A-00837807-0-202402200734.jpg%3Fxid%3D1186121%26resize%3D245%252C160%26t%3D1708451454&xid=1186121
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2fd9ed1c8a9c35b447ac85fbac9893a1c44601aa34710d50e178ebe5ca3db7c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 16:16:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"88e41381864da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2BUXkYVsZVY3dpAQcX3UZFt%2F6%2BTBPh3HOEYkQZdGi3kKjb%2Bzk%2FP7ffg8r4Exriy2p%2FPhOpSMSzqN6BBLvlob1ESyxmKUN9myyntorhlj%2FNMDu64qOblpXYHBCQ22ecE1kPSDvMdAGbffU25mKLF9efPz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e7e02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
9800
A-maxima-prevista-e-de-25C-nesta-terca-00837547-0-202402191352-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
5 KB
5 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/A-maxima-prevista-e-de-25C-nesta-terca-00837547-0-202402191352-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FA-maxima-prevista-e-de-25C-nesta-terca-00837547-0-202402191352.jpg%3Fxid%3D1185724%26resize%3D245%252C160%26t%3D1708451454&xid=1185724
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
910f54619aa2e3319aa9df5a2aba9ce45fe2427926822d7eb754308a06c3850c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 16:27:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"172375b21964da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6G4SKedsLwNMWv87%2FkE2yfBulSDrX5dg%2FxXQtuzkMaZgKCinQY3Fm8PbJAmyAvacuUTDgioRBn%2FmnTqY0oxeuyhgmKhKncEdvJm5UfoouhrJU53hGD6ClqU4qQxxQSIIqFoeF%2Bcms3%2Fzzzt9Aygwd4UP"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e7f02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
4652
tribuna-play-min.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/
5 KB
5 KB
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/tribuna-play-min.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
b39ba2a845ba52695370e4a20ae2b17750fbc68b71af56038ca52d883c509a45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Feb 2023 19:15:59 GMT
server
nginx
age
22433
etag
"d5c46dee2846d91:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/svg+xml
x-varnish
107711586 93021454
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
4855
Fill-1.webp
cdn.tnonline.com.br/img/normal/830000/0x0/Vitima-foi-agredida-com-diversos-golpes-de-facao-00837850-0-202402201045/
35 KB
36 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/0x0/Vitima-foi-agredida-com-diversos-golpes-de-facao-00837850-0-202402201045/Fill-1.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FVitima-foi-agredida-com-diversos-golpes-de-facao-00837850-0-202402201045.jpg%3Fxid%3D1186241&xid=1186241
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cf1fb76085cf06754a2bafd42d1eb4b827b942e5f8b97d2cf4ae98f39c31928e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 14:23:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"889ebd6d864da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTUFTinH6lJCPvSVF0Fqv%2BN70vMcBPK6uLrToWl0z9s1eNjK5hUqPJb52fM3W7i8%2F%2Blb0XhqK5kM%2FCqRfgfRP9ogXOxhjMYAvdJynohICYi7ZFVi%2FroA4P0G9Jk4a19KTYKxZqBvyo7dkQ4cqOqEniKz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e8202de-CDG
alt-svc
h3=":443"; ma=86400
content-length
36320
Acidente-aconteceu-neste-domingo-18-e-nao-houve-fe-00837503-0-202402191100-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
6 KB
7 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/Acidente-aconteceu-neste-domingo-18-e-nao-houve-fe-00837503-0-202402191100-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FAcidente-aconteceu-neste-domingo-18-e-nao-houve-fe-00837503-0-202402191100.jpg%3Fxid%3D1185608%26resize%3D245%252C160%26t%3D1708451456&xid=1185608
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
67fd9e13b8e46800c09376cc14ff678d47fee1a0312124caa1103cb587a819f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 14:23:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"bb0be6d864da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9n6aj3BV%2BaAAFKKTD10T1KV3YWZrOClhXC3IUeey%2B6ajSrg5mYeGH2GxUty3gful9MxwLKcCH3jyMWx%2BY06Q%2BM12sEK5x9HVVBppHiQLjzNArfa1H8CLpnFiEDU%2FN%2BFEBoEYOZxo9Rcd2zxV13im9mjK"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e8402de-CDG
alt-svc
h3=":443"; ma=86400
content-length
6590
Imagem-ilustrativa-00837482-0-202402191000-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
3 KB
3 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/Imagem-ilustrativa-00837482-0-202402191000-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FImagem-ilustrativa-00837482-0-202402191000.jpg%3Fxid%3D1185547%26resize%3D245%252C160%26t%3D1708451456&xid=1185547
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5035d9ecea04983a14a8ab80860bc7e49d8254946defee150cf9fcd27641ede2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Feb 2024 18:04:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"daebcec5e63da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8RNOBjOF401x8ffPb62pWxh3M1XdeLm2qhE8KCXCjB2k2w0JvrQd%2Fr7bPYLb9J7LVUlr4NJy7l%2FOAo1I5IsrfP50a%2FUeo%2BwSyaGUhxHmE0mHqdr5Xy0SQWb9fAja%2F6YgW14oAys6V53%2F%2Frb0GP78PsC"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e8902de-CDG
alt-svc
h3=":443"; ma=86400
content-length
2582
Caso-aconteceu-no-inicio-da-tarde-deste-domingo-18-00837473-0-202402190933-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
6 KB
7 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/Caso-aconteceu-no-inicio-da-tarde-deste-domingo-18-00837473-0-202402190933-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FCaso-aconteceu-no-inicio-da-tarde-deste-domingo-18-00837473-0-202402190933.jpg%3Fxid%3D1185523%26resize%3D245%252C160%26t%3D1708451456&xid=1185523
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
167b3d03240c5336d1ed2233c8e2013bf816aa03da24bcfec6588203d1bd8f6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Feb 2024 16:56:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2fcd7ca75463da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1RqY%2B6Paz8za%2BLXy3%2F7qEavW4hKj%2BlYv2rF%2BnB4TpAUKMeXg8mFp5zgrnPwXlleJ4g4kgnMW8e%2BfWJ8VsYaLuayUQ3qWm6%2F1SIuvB%2FuRbxRB15z9VC%2BVID0deW2GYaIzm4fK5U%2BHn%2FCvfDoLi34Bxgo"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e8b02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
6562
7289cbc0-be92-11ee-b439-f7088255f71d
www.securely-send.com/
93 KB
8 KB
Script
General
Full URL
https://www.securely-send.com/7289cbc0-be92-11ee-b439-f7088255f71d
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cffdc8bc367a3e2b28b774d810f2c8208b5ad1c87f223064ee5ab9ecc6983638
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9HkwDD90Ls8MFN46ejZi%2FPo8c%2BNxvSOlzovbDlAw1MFCeCsCBhNm54dv7IgQn8wRQdhWRCMTrJR5H0sNUWiqlKJiPtPt8gY75YztMsapb6yqxtkuJVFVjnY4hu%2FSfEdIBa522JNPvLDRBdj1n1j%2BiC5th0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, private
cf-ray
85889ae40a6d6664-AMS
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
category-1-277-46.webp
cdn.tnonline.com.br/img/category/70x70/
Redirect Chain
  • https://tnonline.uol.com.br/img/category/70x70/category-1-277-46.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-277-46.jpg%3Fxid%3D46%26resize%3D70%252C70%26t%3D1708451456&xid=46
  • https://cdn.tnonline.com.br/img/category/70x70/category-1-277-46.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-277-46.jpg%3Fxid%3D46%26resize%3D70%252C70%26t%3D1708451456&xid=46
722 B
1 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/category/70x70/category-1-277-46.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-277-46.jpg%3Fxid%3D46%26resize%3D70%252C70%26t%3D1708451456&xid=46
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d86cd183faa82d4d56cf9b6f38c420ef333cb070b3fbfa79c07679a262f66c2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Nov 2023 11:56:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b83f134da810da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vozSAhvMLM1z6jLhhiqYBOuBDE8gGbpF0EOqL%2Bd7SRUOqMOmJuhXrxOPkkCsbhGcf5HJGa5IQMiFRY7P5tQRC4nC1MMeYAzBfN4ExZEcVQi6whd0F4CT8DuRxRiKY9kRsgmITa2HWi3FVq09%2FBNTzUaD"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889af09cd202de-CDG
alt-svc
h3=":443"; ma=86400
content-length
722

Redirect headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
97841147
location
https://cdn.tnonline.com.br/img/category/70x70/category-1-277-46.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-277-46.jpg%3Fxid%3D46%26resize%3D70%252C70%26t%3D1708451456&xid=46
content-type
text/html; charset=UTF-8
content-length
303
category-1-298-92.webp
cdn.tnonline.com.br/img/category/70x70/
Redirect Chain
  • https://tnonline.uol.com.br/img/category/70x70/category-1-298-92.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-298-92.png%3Fxid%3D92%26resize%3D70%252C70%26t%3D1708451456&xid=92
  • https://cdn.tnonline.com.br/img/category/70x70/category-1-298-92.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-298-92.png%3Fxid%3D92%26resize%3D70%252C70%26t%3D1708451456&xid=92
788 B
1 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/category/70x70/category-1-298-92.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-298-92.png%3Fxid%3D92%26resize%3D70%252C70%26t%3D1708451456&xid=92
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8927cfc05610d2971e976a4bd19f4ca0cce4069afe36777ab916f6686b8a1c20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Nov 2023 11:56:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"20c0744da810da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3XDkPyGJaRV5Hi9vTjlW9dSdq5CgZtmvJRG9fIQse1aYlOVwhXfDcvHvXO4NJq2gpUS0wbUCpUrV18N2k5I%2Fm84oylgMsRqeT9LOHlqLf7KJmvlhbfLIzJgyxFxKc465v%2B8zEAhkC1JFDyFpQgs32FF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889af09cde02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
788

Redirect headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
97735847
location
https://cdn.tnonline.com.br/img/category/70x70/category-1-298-92.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-298-92.png%3Fxid%3D92%26resize%3D70%252C70%26t%3D1708451456&xid=92
content-type
text/html; charset=UTF-8
content-length
303
category-1-297-94.webp
cdn.tnonline.com.br/img/category/70x70/
Redirect Chain
  • https://tnonline.uol.com.br/img/category/70x70/category-1-297-94.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-297-94.png%3Fxid%3D94%26resize%3D70%252C70%26t%3D1708451457&xid=94
  • https://cdn.tnonline.com.br/img/category/70x70/category-1-297-94.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-297-94.png%3Fxid%3D94%26resize%3D70%252C70%26t%3D1708451457&xid=94
1 KB
2 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/category/70x70/category-1-297-94.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-297-94.png%3Fxid%3D94%26resize%3D70%252C70%26t%3D1708451457&xid=94
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d0caa6e9a128f70dd7b4268b34b1fa2266d68ad78ff6f8c5df5ef49e2c34f100

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Nov 2023 11:56:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"eea484da810da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gb0wM3Zi6eOV6pJTv0JztEAC%2Bdv1NLrw0U8sNpKMGqgqd2sitBfQkS%2B4b7MWUO7iG4h%2Ft3%2BTIX9Bc819E3ZJNTWlWV6wyfLDNzFtqiUNt2e3bh9H4MoOz6PMuHP%2FvowROc91heMBBopNxlFupOlbp7JS"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889af09cc602de-CDG
alt-svc
h3=":443"; ma=86400
content-length
1044

Redirect headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
102621729
location
https://cdn.tnonline.com.br/img/category/70x70/category-1-297-94.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-297-94.png%3Fxid%3D94%26resize%3D70%252C70%26t%3D1708451457&xid=94
content-type
text/html; charset=UTF-8
content-length
303
category-1-23-24.webp
cdn.tnonline.com.br/img/category/70x70/
Redirect Chain
  • https://tnonline.uol.com.br/img/category/70x70/category-1-23-24.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-23-24.jpg%3Fxid%3D24%26resize%3D70%252C70%26t%3D1708451457&xid=24
  • https://cdn.tnonline.com.br/img/category/70x70/category-1-23-24.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-23-24.jpg%3Fxid%3D24%26resize%3D70%252C70%26t%3D1708451457&xid=24
1 KB
2 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/category/70x70/category-1-23-24.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-23-24.jpg%3Fxid%3D24%26resize%3D70%252C70%26t%3D1708451457&xid=24
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
9c29c8399adad9757ee41b995c03c6d160e94821c6d4d3f761055ba26df389db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Nov 2023 11:56:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c76b5b4da810da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjXzr2ln7JGiMur7ezw%2FOxeWlO5lkZ%2BZgDb%2FdTW3zTIKD%2FDoYS5hBGUYeePTiOiHjTQxdT0T5r%2Bn%2FQTav4iRvpaYRB0vRBmLb8tJV5zt5753lP%2BXs%2Fy8qhL6vmNzYv6NLN1w%2FeQ%2FBWnHCT%2B0ATAKOq3a"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889af09cbe02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
1030

Redirect headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
106208443
location
https://cdn.tnonline.com.br/img/category/70x70/category-1-23-24.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-23-24.jpg%3Fxid%3D24%26resize%3D70%252C70%26t%3D1708451457&xid=24
content-type
text/html; charset=UTF-8
content-length
301
category-1-22-103.webp
cdn.tnonline.com.br/img/category/70x70/
Redirect Chain
  • https://tnonline.uol.com.br/img/category/70x70/category-1-22-103.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-22-103.jpg%3Fxid%3D103%26resize%3D70%252C70%26t%3D1708451457&xid=103
  • https://cdn.tnonline.com.br/img/category/70x70/category-1-22-103.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-22-103.jpg%3Fxid%3D103%26resize%3D70%252C70%26t%3D1708451457&xid=103
980 B
1 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/category/70x70/category-1-22-103.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-22-103.jpg%3Fxid%3D103%26resize%3D70%252C70%26t%3D1708451457&xid=103
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0483140cd07d8dd81f757cbeea9d0086a747e56a2c778a4ac816f607e34f52a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Nov 2023 11:56:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ffdb450a810da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9d7f9o6A8eC39Vh5Rg%2BzN7LlOI%2B5Sgfr3tsxZZdGX2hbX1Sr5LGDKEW41GAwA6IeY6KFlqeJ2%2FgpHmBDT8fE8Co9MjtN9L%2BxapMRMAxwQeEpQdzHsPjvK6r7Gu7Y3gLzeEa%2B%2FTVe1OD6YroEO1JsoG13"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889af09ccb02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
980

Redirect headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
97283805
location
https://cdn.tnonline.com.br/img/category/70x70/category-1-22-103.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-22-103.jpg%3Fxid%3D103%26resize%3D70%252C70%26t%3D1708451457&xid=103
content-type
text/html; charset=UTF-8
content-length
305
category-1-235-27.webp
cdn.tnonline.com.br/img/category/70x70/
Redirect Chain
  • https://tnonline.uol.com.br/img/category/70x70/category-1-235-27.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-235-27.png%3Fxid%3D27%26resize%3D70%252C70%26t%3D1708451457&xid=27
  • https://cdn.tnonline.com.br/img/category/70x70/category-1-235-27.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-235-27.png%3Fxid%3D27%26resize%3D70%252C70%26t%3D1708451457&xid=27
882 B
1 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/category/70x70/category-1-235-27.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-235-27.png%3Fxid%3D27%26resize%3D70%252C70%26t%3D1708451457&xid=27
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cf9ea3edbf5b6b9705d7f6d7ac924c59f4d51afec3786ab6ebbe5677ea597b8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Nov 2023 11:56:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"604d984da810da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJX29tYnKurIUogq13fGpTQqHJXdcTRbujBo914WqL9HJEhLRvgVrgS9lvnH3NLvhcFoJ%2FeQycEdQSyYK04AkMlhvZd7KlM7OAasdMHOsCltrdPra9gPfuMehgFbm4BCRBi3cOmr%2F8pM%2B4Uv%2BRG2xizu"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889af09ce102de-CDG
alt-svc
h3=":443"; ma=86400
content-length
882

Redirect headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
108364624
location
https://cdn.tnonline.com.br/img/category/70x70/category-1-235-27.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-235-27.png%3Fxid%3D27%26resize%3D70%252C70%26t%3D1708451457&xid=27
content-type
text/html; charset=UTF-8
content-length
303
category-1-21-25.webp
cdn.tnonline.com.br/img/category/70x70/
Redirect Chain
  • https://tnonline.uol.com.br/img/category/70x70/category-1-21-25.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-21-25.jpg%3Fxid%3D25%26resize%3D70%252C70%26t%3D1708451458&xid=25
  • https://cdn.tnonline.com.br/img/category/70x70/category-1-21-25.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-21-25.jpg%3Fxid%3D25%26resize%3D70%252C70%26t%3D1708451458&xid=25
1 KB
2 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/category/70x70/category-1-21-25.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-21-25.jpg%3Fxid%3D25%26resize%3D70%252C70%26t%3D1708451458&xid=25
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1b3b86fca03689f064265e61eec30a33f816c075d0da4f6f15bc68b66b23f230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
cf-cache-status
MISS
last-modified
Mon, 06 Nov 2023 11:56:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c1efb14da810da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trNtml3NqY6dZ%2FT6Wy9eaN4bds7rMqbtH6a8PKIYxJo2p%2F8JG1d9Iz80FHOStIn7CAIi7bQKc%2Bwv3dQN0xDxcA1wEL4iEz7bkm71xLC2MbTCYW2lqR4RQ7EGirit0JRMXIbTXFTiGg6kFr3%2BP7pQPSMg"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889af09cd602de-CDG
alt-svc
h3=":443"; ma=86400
content-length
1204

Redirect headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
100945064
location
https://cdn.tnonline.com.br/img/category/70x70/category-1-21-25.webp?fallback=%2Fimg%2Fcategory%2Fcategory-1-21-25.jpg%3Fxid%3D25%26resize%3D70%252C70%26t%3D1708451458&xid=25
content-type
text/html; charset=UTF-8
content-length
301
Fill-1.webp
cdn.tnonline.com.br/img/normal/830000/0x0/A-capacitacao-ocorre-nos-dias-27-de-fevereiro-6-e--00837890-0-202402201317/
57 KB
57 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/0x0/A-capacitacao-ocorre-nos-dias-27-de-fevereiro-6-e--00837890-0-202402201317/Fill-1.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FA-capacitacao-ocorre-nos-dias-27-de-fevereiro-6-e--00837890-0-202402201317.jpg%3Fxid%3D1186373&xid=1186373
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bdc5768de5ca05c07923f36474969aed246a093623e0dc131227b2b73992bacb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 17:23:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64dc82892164da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbTbBTY0tnozzfLAlanw3vJMpbecLspvYSAX%2FfkviCDxKtuQl8FR2TS3%2FFphsPj9JEwRMy6CWaEWJQIDxt2uvjMbT4YGam4InykeJczuUBunEwGvou%2BkgMhT5WzzFJfjom%2B0DnZtdzceoQvpgbd4PMLv"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e8e02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
58210
O-projeto-E-Forum-preve-a-digitalizacao-de-todos-o-00837869-0-202402201126-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
5 KB
6 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/O-projeto-E-Forum-preve-a-digitalizacao-de-todos-o-00837869-0-202402201126-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FO-projeto-E-Forum-preve-a-digitalizacao-de-todos-o-00837869-0-202402201126.jpg%3Fxid%3D1186313%26resize%3D245%252C160%26t%3D1708451458&xid=1186313
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7ff415abfd08570e8c4cec6a98d50c1bd35850168adf2ea902537d16642e3239

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 17:23:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9b865892164da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWOH47e7Wv1dF9Rua7boNVLV8IMAZLBAQTsoSIeeW%2Bsxk1kP5R02brDRsItr3OCAeAkPPWgtTpeF6jkEr2Bwm7EgGRgBHtUsSjSC9FJyT0kiAmXKoNlvoovyyGnT%2FsCk%2FkhQJp%2FVmDgTdgY33fkTmjos"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e9202de-CDG
alt-svc
h3=":443"; ma=86400
content-length
5580
A-apreensao-ocorreu-na-noite-de-segunda-feira-00837866-0-202402201123-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
6 KB
7 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/A-apreensao-ocorreu-na-noite-de-segunda-feira-00837866-0-202402201123-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FA-apreensao-ocorreu-na-noite-de-segunda-feira-00837866-0-202402201123.jpg%3Fxid%3D1186305%26resize%3D245%252C160%26t%3D1708451458&xid=1186305
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
edd925bab9d89c0e77eb8a40dcd335afa4a43b04b1bac5cf37ad484ca07de004

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 16:36:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"28fb1fb1a64da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xwcyu%2BMU98jTd%2BENugd9djLvttFWaBCvto%2FMzSpQ3f0HhQdGBy%2B5JnXf25IbGiFJnvPB%2Bh0JcWsA4y1RsZpvXBbJ5qYZnCkvwuvofJj98U2y2TXmzpvnx9NhFHqrdGzOEMp5ar%2FXKnt%2FdBmyjdwvuZis"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e9502de-CDG
alt-svc
h3=":443"; ma=86400
content-length
6334
Mulher-teria-apresentado-uma-faca-para-os-policiai-00837822-0-202402200839-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
2 KB
3 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/Mulher-teria-apresentado-uma-faca-para-os-policiai-00837822-0-202402200839-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FMulher-teria-apresentado-uma-faca-para-os-policiai-00837822-0-202402200839.jpg%3Fxid%3D1186161%26resize%3D245%252C160%26t%3D1708451459&xid=1186161
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4a9d3fee70141b957eb7ea5e642d83057d9b594e5bf734eea8252e67affbf39b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 16:17:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e6aa541864da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aWMu8qaegthmbptmDcW7tu7dQma1RId8rQP%2FGuHrGOi7DsH3kMb56i53fY8ZU5ar0dGBDb8Y04ahR7yMfHn%2BtUhFXiMirO0b4Gvst5HSjXalteuofGm74k0Gdgjt2P8fIoNtQLcCHCmOMHRSHvBtarjl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e9802de-CDG
alt-svc
h3=":443"; ma=86400
content-length
2442
mega-sena.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/loterias/
4 KB
2 KB
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/loterias/mega-sena.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
f222b7108cd774932011022de40a4b30fa0914c31273784a56927acd161d201a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
content-encoding
gzip
via
CacheUOL
age
22949
x-powered-by
ASP.NET
x-cache
HIT
content-length
1563
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:40:39 GMT
server
nginx
etag
"80e5d08840e9d81:0"
vary
Accept-Encoding
content-type
image/svg+xml
x-varnish
104150259 94040363
cache-control
public,max-age=86400
accept-ranges
bytes
lotofacil.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/loterias/
4 KB
4 KB
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/loterias/lotofacil.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
edcf250bd6056acb99a99f4e521f36db95f0c4cb46182d5fb11955732bb5d427

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Sep 2023 19:19:05 GMT
server
nginx
age
22744
etag
"d9413a2c9ddd91:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/svg+xml
x-varnish
101138047 100205192
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
4303
lotomania.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/loterias/
4 KB
2 KB
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/loterias/lotomania.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
f1a6bc2784da4d0864e7d7b903ef37e5f3faca8f1da364ef5c735df1d084b5c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
content-encoding
gzip
via
CacheUOL
age
22903
x-powered-by
ASP.NET
x-cache
HIT
content-length
1314
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Sep 2023 19:06:35 GMT
server
nginx
etag
"802f286d7ddd91:0"
vary
Accept-Encoding
content-type
image/svg+xml
x-varnish
106373095 98153815
cache-control
public,max-age=86400
accept-ranges
bytes
timemania.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/loterias/
2 KB
3 KB
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/loterias/timemania.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
d344ba0f10dda95c808df24ac79942621748409893624fb89a73708f23357c00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Sep 2023 19:06:35 GMT
server
nginx
age
22498
etag
"be3f8d6d7ddd91:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/svg+xml
x-varnish
98522048 91606398
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
2533
federal.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/loterias/
3 KB
1 KB
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/loterias/federal.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
6c0bb603c59fe0c8110aeaec2cf09425b970df9a3da922bbe6fab7e9eecaaf0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
content-encoding
gzip
via
CacheUOL
age
22581
x-powered-by
ASP.NET
x-cache
HIT
content-length
1176
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:40:39 GMT
server
nginx
etag
"80e5d08840e9d81:0"
vary
Accept-Encoding
content-type
image/svg+xml
x-varnish
105521881 97262278
cache-control
public,max-age=86400
accept-ranges
bytes
quina.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/loterias/
3 KB
3 KB
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/loterias/quina.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
f5e06f7745ea2bc03e392efb7ef201f581eb5dcbc1219d2e68dd5b6f65d7b697

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:40:39 GMT
server
nginx
age
22693
etag
"8653178940e9d81:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/svg+xml
x-varnish
105360431 100601938
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
3029
Jojo-Todynho-exibe-curvas-impecaveis-00837843-0-202402201023-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/191x150/
2 KB
3 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/191x150/Jojo-Todynho-exibe-curvas-impecaveis-00837843-0-202402201023-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FJojo-Todynho-exibe-curvas-impecaveis-00837843-0-202402201023.jpg%3Fxid%3D1186214%26resize%3D191%252C150%26t%3D1708451459&xid=1186214
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
460289db9adbbf6345f48c180e33078f9b816caff1e7c713eb50930b82492424

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 13:50:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7d53efb3364da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6QBgfBgLv6BVjfA8Y70lmGHKjN9%2BxQe2KitUF2ayqvMDeVMBV3%2F6ZLFrPV3r222GU2nHuQahrs72bs6gM7boZQHEKR%2BxwQURAoPfuMZe9TwZTApmVoFSvaE7uDx6OITd37ZvBF3Yz7uWs73aoSuLktZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e9a02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
2400
Sabrina-sato-assumiu-estar-namorando-recentemente-00837842-0-202402201021-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/191x150/
5 KB
5 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/191x150/Sabrina-sato-assumiu-estar-namorando-recentemente-00837842-0-202402201021-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FSabrina-sato-assumiu-estar-namorando-recentemente-00837842-0-202402201021.jpg%3Fxid%3D1186210%26resize%3D191%252C150%26t%3D1708451459&xid=1186210
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1f3fd67f059095c6076c948dd11d330141c2fc0f25e39637eae9c23f57b0db59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 13:46:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64dd842f364da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhykQ%2BzGZ1qoE0UtDSL68YwpIYTbtI3e%2BU%2Bzq1QXk6PAHo0vO7Al5jbwLEnroulcUcYK11GVTBftn%2F4Qjj8B0vnRykfN43r71T7O6GIg28NgWgkTfJooUN3QLb4fboxiyejZk%2BmnySRTbkVw4SZrF%2B9A"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57e9c02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
4892
meliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.webp
cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/
Redirect Chain
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/meliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2Fmeliponic...
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/meliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2Fmeliponic...
20 KB
21 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/meliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2Fmeliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.jpg%3Fxid%3D1186341%26resize%3D276%252C160%26t%3D1708451459&xid=1186341
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b9b0204c2fe1ff38c712d60167651b4aa31a1f1b11674e772841c7e0820937a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 15:17:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"849e1eaf64da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J45ajDTU8MsbpqIZ6M%2FyxPmgBaHNr%2BUt01kV1JnAgfDg6i6aZWxzl8kXzRZBTAqq0U%2F8qAZzqCtzRAWCtU8fCD7URgH4Idjn%2FpOYdC5dCMti%2Fr8FeRZmab%2Fx%2Bado2BJCr86pOwjHztwkk5md6oNipdKc"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889af09ceb02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
20512

Redirect headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
105417082
location
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/meliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2Fmeliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.jpg%3Fxid%3D1186341%26resize%3D276%252C160%26t%3D1708451459&xid=1186341
content-type
text/html; charset=UTF-8
content-length
461
O-caso-e-investigado-00837871-0-202402201326.webp
cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/
Redirect Chain
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/O-caso-e-investigado-00837871-0-202402201326.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-e-investigado-00837871-0-2024022...
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-e-investigado-00837871-0-202402201326.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-e-investigado-00837871-0-2024022...
5 KB
6 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-e-investigado-00837871-0-202402201326.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-e-investigado-00837871-0-202402201326.jpg%3Fxid%3D1186380%26resize%3D276%252C160%26t%3D1708451460&xid=1186380
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
760b5b9655b676bc40d3555d7a0ab5838b89a7b55d4c53394082935ac48a4c6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 16:53:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8edc84481d64da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZG%2FTYdzTBwhoMKgs0zVd2By%2By%2FslFj342Qg5K%2FPBH%2FmdVqJze2llgotLzdske3dXRgRdC6FWu3vxV7ZF5UderUGpwtNyuK1nUMg%2FmB3ZosztAK4otGWlhAdNOkNR9LmE4EYywUnEzKZkKlgev6uf9pDY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889af09cea02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
5496

Redirect headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
100458387
location
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-e-investigado-00837871-0-202402201326.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-e-investigado-00837871-0-202402201326.jpg%3Fxid%3D1186380%26resize%3D276%252C160%26t%3D1708451460&xid=1186380
content-type
text/html; charset=UTF-8
content-length
401
O-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.webp
cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/
Redirect Chain
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/O-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-foi-registrado-em-C...
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-foi-registrado-em-C...
11 KB
11 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.jpg%3Fxid%3D1186310%26resize%3D276%252C160%26t%3D1708451460&xid=1186310
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ba13869f4bb5f29e17a82d62b5059c900accb7fe07e583b61a8dce996887cce6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 14:24:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"725b9790864da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iy19QemGHt9YMlptkTc0a7zcMFi0njNnccA6drbXhdD4hc6mQh%2FNYERFUIFA5z1fOnV%2FA0PJqo89nQ0hhfjBA5%2Fl1rmuK26XCy1ci9kLFoxNL77ryu0CpkpqZvnuPeiethj4fvR3ZD%2FMQPEqIDUS0Iaa"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889af09ce902de-CDG
alt-svc
h3=":443"; ma=86400
content-length
10922

Redirect headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
104964534
location
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.jpg%3Fxid%3D1186310%26resize%3D276%252C160%26t%3D1708451460&xid=1186310
content-type
text/html; charset=UTF-8
content-length
427
Analises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.webp
cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/
Redirect Chain
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/Analises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FAnalises-...
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/Analises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FAnalises-...
7 KB
7 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/Analises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FAnalises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.jpg%3Fxid%3D1186292%26resize%3D276%252C160%26t%3D1708451460&xid=1186292
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6ad5880dd260d80c20e3cbba59d0ddbeeb8c98c14db1048d9e278dafce2c0f65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 14:47:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1792aab3b64da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7%2Bi3EkQvAFJya1Yoz8EWeiE3tCXYxkgTIOPpgKcbJWVV3OwpylBn5%2FB06uSAx%2FgZpzUrSZvgvojTGyz80PLKmt6%2BEYL6Xg5yBZPL2x9NfRM9Pykpzae2zHwAhuiM8iaWcYPgYOlYADvHdY%2BnGDMDWiq"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889af09cf302de-CDG
alt-svc
h3=":443"; ma=86400
content-length
7158

Redirect headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
106534013
location
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/Analises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FAnalises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.jpg%3Fxid%3D1186292%26resize%3D276%252C160%26t%3D1708451460&xid=1186292
content-type
text/html; charset=UTF-8
content-length
461
O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.webp
cdn.tnonline.com.br/img/normal/830000/254x150/
Redirect Chain
  • https://tnonline.uol.com.br/img/normal/830000/254x150/O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.webp?fallback=%2Fimg%2Fnormal%2F830000%2FO-pedido-de-impeachment-foi...
  • https://cdn.tnonline.com.br/img/normal/830000/254x150/O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.webp?fallback=%2Fimg%2Fnormal%2F830000%2FO-pedido-de-impeachment-foi...
7 KB
7 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/254x150/O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.webp?fallback=%2Fimg%2Fnormal%2F830000%2FO-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.jpg%3Fxid%3D1186402%26resize%3D254%252C150%26t%3D1708451462&xid=1186402
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cc7f002d2156e9519cd0e43d01fd289a99417cb892beb3c9b77ccde140480fde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 17:23:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"cc8a428b2164da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QFkA9ucH52DrLvO%2B614N5DfTSBI356SQJm0f92gFFOncC8PZaQsFY9z2JsC42rNj3kY8OMWmIRNRrMH1wcHOuyq4vPkCz8%2FJ6UyLqPN%2B6hy3itRP0CohNO9IYpnzu2YqX9ohberD%2BKcKhl%2Bgxe4koaCq"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889af09cee02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
7022

Redirect headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
106464998
location
https://cdn.tnonline.com.br/img/normal/830000/254x150/O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.webp?fallback=%2Fimg%2Fnormal%2F830000%2FO-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.jpg%3Fxid%3D1186402%26resize%3D254%252C150%26t%3D1708451462&xid=1186402
content-type
text/html; charset=UTF-8
content-length
443
bxx57up0k2
www.clarity.ms/tag/
650 B
1015 B
Script
General
Full URL
https://www.clarity.ms/tag/bxx57up0k2
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c0e23128ca7de66c34052521f40a1218fb9d8198d120393c9d7e0549fdc4485f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
-1
date
Tue, 20 Feb 2024 17:52:44 GMT
x-azure-ref
20240220T175244Z-c7k9avx39p39v9n6gazd6xwk3g00000005d000000000pvsy
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
650
request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
logo-footer.png
tnonline.uol.com.br/themes/portal-tno-deploy/assets/tno2023/imgs/
7 KB
7 KB
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/tno2023/imgs/logo-footer.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
7db8a7c936cca11904420ba44aa38bc3970d866e7b07602a7f847adc961a1e53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 10 May 2023 14:41:34 GMT
server
nginx
age
22929
etag
"fddaad844d83d91:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
x-varnish
101172829 91406190
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
6806
facebook_blue.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/icons/
359 B
630 B
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/icons/facebook_blue.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
ff00ae9f4975479e09a6a6375a6fcb987fe2f1834b1958c1ae719bfc76c7e810

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:40:39 GMT
server
nginx
age
23207
etag
"de4048940e9d81:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/svg+xml
x-varnish
102121169 100082072
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
359
twitter_blue.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/icons/
327 B
600 B
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/icons/twitter_blue.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
703562ee96c27f5713b0cf2145d2932912a3c732c63886e1605ab5abea98c9c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 13 Sep 2023 17:37:00 GMT
server
nginx
age
23157
etag
"f77c8ee668e6d91:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/svg+xml
x-varnish
108206169 100671494
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
327
whatsapp_green.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/icons/
981 B
1 KB
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/icons/whatsapp_green.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
de77c5205185776fc71b430ff65109cb40dd2a61857244017310f80b9a51f3b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:40:39 GMT
server
nginx
age
23111
etag
"1acad8940e9d81:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/svg+xml
x-varnish
98779205 92105916
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
981
sbundle_34e66f411751e6a2310b5c869ab4f682.js
tnonline.uol.com.br/themes/portal-tno-deploy/assets/js/
1 MB
1 MB
Script
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/js/sbundle_34e66f411751e6a2310b5c869ab4f682.js?t=1677070646
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
91f0e06ba75d59d1b8536afe83f00710e4940d3689ba82552acb70c31cfbc745

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
content-encoding
gzip
via
CacheUOL
age
22943
x-powered-by
ASP.NET
x-cache
HIT
content-length
1350850
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Feb 2023 12:57:26 GMT
server
nginx
etag
"46eca636bd46d91:0"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
102479032 96875103
cache-control
public,max-age=86400
accept-ranges
bytes
sbundle_182b4a7f656e95ee89848ff2bdb97578.js
tnonline.uol.com.br/themes/portal-tno-deploy/assets/js/
31 KB
31 KB
Script
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/js/sbundle_182b4a7f656e95ee89848ff2bdb97578.js?t=1688844737
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
51f45a65f168aac7b78b0bdf9e65f8ad853539d5690a528ffd827779e838333d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
content-encoding
gzip
via
CacheUOL
age
22457
x-powered-by
ASP.NET
x-cache
HIT
content-length
31729
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 08 Jul 2023 19:32:17 GMT
server
nginx
etag
"c588ee7d2b1d91:0"
vary
Accept-Encoding
content-type
application/javascript
x-varnish
96266057 96054549
cache-control
public,max-age=86400
accept-ranges
bytes
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4191d89ec03bce5dc273716075335e31851031184b0fff0ab9fc900a8442019f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
3097
etag
W/"a87c48d211877c49b878679b2e3cdab8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
85889ae61904bb8b-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 23 Feb 2024 17:52:44 GMT
collect
region1.analytics.google.com/g/
0
257 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VL4N2H807F&gtm=45je42e0v874965326za200&_p=1708451562848&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1654842199.1708451563&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708451563&sct=1&seg=0&dl=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&dr=https%3A%2F%2Ftnonline.uol.com.br%2F&dt=TNOnline%20-%20O%20portal%20de%20not%C3%ADcias%20do%20norte%20do%20Paran%C3%A1&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=969
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VL4N2H807F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
257 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VL4N2H807F&cid=1654842199.1708451563&gtm=45je42e0v874965326za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VL4N2H807F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:43 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VL4N2H807F&cid=1654842199.1708451563&gtm=45je42e0v874965326za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=549180711
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
scaleDownOutsideFillBackground-1.webp
cdn.tnonline.com.br/img/Artigo-Destaque/830000/285x380/Escola-Municipal-de-Artes-de-Apucarana-tem-recorde-00836973-0-202402161414/
15 KB
16 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/285x380/Escola-Municipal-de-Artes-de-Apucarana-tem-recorde-00836973-0-202402161414/scaleDownOutsideFillBackground-1.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FArtigo-Destaque%2F830000%2FEscola-Municipal-de-Artes-de-Apucarana-tem-recorde-00836973-0-202402161414.jpg%3Fxid%3D1184374&xid=1184374
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
322788582ae994fb6b81af4edc824b00ebc917d0659e65122cb1b13fc4a79562

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
cf-cache-status
MISS
last-modified
Fri, 16 Feb 2024 17:14:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2df7ec9efb60da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qm%2BatR0Qtg8Rhx4pN11SzcGMgfYIAnunSNBw8QQypb7esgboEd12SgJ3mIuDZsLJ5Ws5f7ubMyIdX19cPNyr852Rq9fery3%2BV8M09EKs7blpj5B2qORLVCneyMNOtLisxn%2B0Mwxq4SY03wm7vigewgqW"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae57ea002de-CDG
alt-svc
h3=":443"; ma=86400
content-length
15718
lato-Bold.ttf
tnonline.uol.com.br/themes/portal-tno-deploy/assets/fonts/Lato/fonts/
72 KB
72 KB
Font
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/fonts/Lato/fonts/lato-Bold.ttf
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/bundle_d339c44411029cf7c31126a1eb06427a.css?t=1677007048
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
7b720599f8aed3bac5b9531fecf6750c8fa7e593b727739bc0692fcc0f55b678

Request headers

Referer
https://tnonline.uol.com.br/bundle_d339c44411029cf7c31126a1eb06427a.css?t=1677007048
Origin
https://tnonline.uol.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:40:39 GMT
server
nginx
age
23372
etag
"b3cbee8840e9d81:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
application/font-sfnt
x-varnish
100458399 93412461
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
73316
lato-Regular.ttf
tnonline.uol.com.br/themes/portal-tno-deploy/assets/fonts/Lato/fonts/
73 KB
74 KB
Font
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/fonts/Lato/fonts/lato-Regular.ttf
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/bundle_d339c44411029cf7c31126a1eb06427a.css?t=1677007048
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
ea8979c22cf1d830e3ff939aadd49cc4d78c851e3cb59d2aa95ea10ee752d5d1

Request headers

Referer
https://tnonline.uol.com.br/bundle_d339c44411029cf7c31126a1eb06427a.css?t=1677007048
Origin
https://tnonline.uol.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:40:39 GMT
server
nginx
age
23478
etag
"d2ef18840e9d81:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
application/font-sfnt
x-varnish
89288122 100730137
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
75136
tnonline.png
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/
7 KB
7 KB
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/tnonline.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
5181a58701b2b8b2e17cd240c38df35e96a404cda30dcedf973a935a24eb265c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:40:39 GMT
server
nginx
age
23001
etag
"54662a8940e9d81:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
x-varnish
102575740 99033087
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
7171
times.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/icons/
510 B
782 B
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/icons/times.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
a967d914d91ec1659efa5a71aefa395844316e51bca7fa00654bb6c5cf658480

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:40:39 GMT
server
nginx
age
22714
etag
"ca368940e9d81:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/svg+xml
x-varnish
104150275 100569319
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
510
scaleDownOutsideFillBackground-1.webp
cdn.tnonline.com.br/img/Artigo-Destaque/830000/285x380/Dois-graves-acidentes-sao-registrados-nas-rodovias-00836490-0-202402150958/
18 KB
19 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/285x380/Dois-graves-acidentes-sao-registrados-nas-rodovias-00836490-0-202402150958/scaleDownOutsideFillBackground-1.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FArtigo-Destaque%2F830000%2FDois-graves-acidentes-sao-registrados-nas-rodovias-00836490-0-202402150958.jpg%3Fxid%3D1183388&xid=1183388
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
033f5a7086db13493218e5f5cd6f023b59fda98625ece4f31c61e4c441b23841

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
cf-cache-status
MISS
last-modified
Thu, 15 Feb 2024 12:58:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"39e92bde60da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uL8AbWVCDLdgktyk%2FGCWTP%2BEN%2BKEIbUaNX%2BGqfBYLMURNA6Gxhvnn3pI5ijM9afrCrq3uNKSqb7PXUutKwIWeTAXjeWHX6zClTa3nCljCdaE5473TrbYAKIpsp4ewnqhmPJ6cXlCEEaFP0H1OYn7pEDk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae5cef302de-CDG
alt-svc
h3=":443"; ma=86400
content-length
18816
scaleDownOutsideFillBackground-1.webp
cdn.tnonline.com.br/img/Artigo-Destaque/830000/285x380/Carnaval-Nas-Asas-do-Samba-reune-grande-publico-em-00836021-0-202402131123/
14 KB
14 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/285x380/Carnaval-Nas-Asas-do-Samba-reune-grande-publico-em-00836021-0-202402131123/scaleDownOutsideFillBackground-1.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FArtigo-Destaque%2F830000%2FCarnaval-Nas-Asas-do-Samba-reune-grande-publico-em-00836021-0-202402131123.jpg%3Fxid%3D1182223&xid=1182223
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c74eb8cbf1d55f1ee58660045281a69d6106d40d628f0facf8bb5010e0a7c8f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 13 Feb 2024 14:24:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"522a8054885eda1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0mNIF9rkBf1pWPUVTRqE8fWHJiPUuski6CxY%2FLrCsaYBqj%2F%2FQw4VpKW5FzGMby09Of7Zqwxhv%2FXhSCiBtO8FfN7%2BQZ6OOiquJ1oUD9CqiAK0vU5zRX8ZfCGwhV%2FNNJ4WYS0theS%2BHnYrbm5gFmXf3uX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae5df0f02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
14170
scaleDownOutsideFillBackground-1.webp
cdn.tnonline.com.br/img/Artigo-Destaque/790000/285x380/Revitalizacao-da-Catedral-e-inaugurada-com-show-pi-00798142-0-202310031043/
13 KB
13 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/790000/285x380/Revitalizacao-da-Catedral-e-inaugurada-com-show-pi-00798142-0-202310031043/scaleDownOutsideFillBackground-1.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FArtigo-Destaque%2F790000%2FRevitalizacao-da-Catedral-e-inaugurada-com-show-pi-00798142-0-202310031043.jpg%3Fxid%3D1093798&xid=1093798
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cb1fac04f3a349a2fbf5c5c0d9a7747e9ef788e11f98f96ef32bcbea4666e309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Tue, 03 Oct 2023 13:43:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9f707d95fff5d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRNgvyAxg3FOt1lJgyr8hBvlfIcInoa27toAjQXtwd8%2B9sLW6EM41hefwoFnZ3il%2FNNKF43uAtPkUbRO3qnf3j30v6Ea5wSnD1mjjOiMvMm5E%2FlF%2B98rtZZfTJ7QAh44MzZBq0DASFLfLfzk1Ex6OkDk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae5ef2d02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
12954
scaleDownOutsideFillBackground-1.webp
cdn.tnonline.com.br/img/Artigo-Destaque/780000/285x380/Alunos-de-Apucarana-emocionam-durante-festival-de--00787159-0-202308251625/
19 KB
19 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/780000/285x380/Alunos-de-Apucarana-emocionam-durante-festival-de--00787159-0-202308251625/scaleDownOutsideFillBackground-1.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FArtigo-Destaque%2F780000%2FAlunos-de-Apucarana-emocionam-durante-festival-de--00787159-0-202308251625.jpg%3Fxid%3D1067990&xid=1067990
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5e84a1f39fa1eabb53b9dae8c232da84c8ab58f561ce07bb8360327358560be7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
cf-cache-status
MISS
last-modified
Fri, 25 Aug 2023 19:25:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"613eb6f989d7d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFH0Drknlw9zVU3WiIV7vnIlPg1oGtaJCFN%2Fp664YiDmysD8oU8XI2PzxOQOFeZESMVIOitWsTvpX6M6Dc3l7JX%2BxSp4%2BluAE239VMabMCA6POmHxgsnvdlSOe9maoY3Wm4TIRRjJvyIasUJp%2FlcZFMp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae5ef3602de-CDG
alt-svc
h3=":443"; ma=86400
content-length
19228
scaleDownOutsideFillBackground-1.webp
cdn.tnonline.com.br/img/Artigo-Destaque/780000/285x380/Aracari-poca-o-bicho-da-meteorologia-e-capturado-e-00786751-0-202308241509/
5 KB
6 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/780000/285x380/Aracari-poca-o-bicho-da-meteorologia-e-capturado-e-00786751-0-202308241509/scaleDownOutsideFillBackground-1.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FArtigo-Destaque%2F780000%2FAracari-poca-o-bicho-da-meteorologia-e-capturado-e-00786751-0-202308241509.png%3Fxid%3D1067021&xid=1067021
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
54e1ac1d6a5631cc3d2be1166a6688645a001e22b8f0d61b89c6cec62bce2e1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
cf-cache-status
MISS
last-modified
Thu, 24 Aug 2023 18:10:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a8337c4fb6d6d91:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdkR9yWNGmgkJ83cIvJDH%2BP5bw0SptRet36oOUtn2VkChBt8nBrUR9QwD9XFi7oU3LH5PDgrQz7LMLmYPUE5EFlPyqjEbM1MlwBCVoghk2VjxQkXraTBrlgjGGuSH5dq8JIVU63FxCHABHoEulv3hYjp"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889ae5ef3802de-CDG
alt-svc
h3=":443"; ma=86400
content-length
5262
I.ashx
wlf12bet.adsrv.eacdn.com/ Frame 5C63
1 KB
1 KB
Document
General
Full URL
https://wlf12bet.adsrv.eacdn.com/I.ashx?btag=a_3672b_20c_&affid=2450&siteid=3672&adid=20&c=CM_BR_SB_BA_F12BET_TNONLINE
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
40.127.232.184 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f31cebb70c781c9da1053f8735fb79dd7ab33d6ab9a8c122ffcb52cbec3ce7be
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
709
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Feb 2024 17:52:43 GMT
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
country-341630
br.betano.com/myaccount/ban/ Frame 7010
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=CM_BR_SB_DT_BETANO_TNONLINE
  • https://gml-grp.com/C.ashx?btag=a_9862b_619c_&affid=2566&siteid=9862&adid=619&c=CM_BR_SB_DT_BETANO_TNONLINE&AutoR=1
  • https://br.betano.com/?btag=a_9862b_619c_CM_BR_SB_DT_BETANO_TNONLINE&utm_medium=2566&utm_source=1&siteid=9862
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
0
0
Document
General
Full URL
https://br.betano.com/myaccount/ban/country-341630?siteid=14
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:5559 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.betano.com:*
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
85889aea19d11917-FRA
content-encoding
br
content-security-policy
frame-ancestors https://*.betano.com:*
content-type
text/html; charset=utf-8
date
Tue, 20 Feb 2024 17:52:45 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-farm
BR-MYACCOUNT27
x-xss-protection
1; mode=block

Redirect headers

age
0
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
85889ae938f01917-FRA
content-length
0
date
Tue, 20 Feb 2024 17:52:45 GMT
location
/myaccount/ban/country-341630?siteid=14
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-cacheable-status
302
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
pixbet.com/hub/registration/ Frame 3222
Redirect Chain
  • https://wlpixbet.adsrv.eacdn.com/C.ashx?btag=a_1971b_114c_&affid=871&siteid=1971&adid=114&c=CM_BR_SB_DT_PIXBET_TNONLINE
  • https://wlpixbet.adsrv.eacdn.com/C.ashx?btag=a_1971b_114c_&affid=871&siteid=1971&adid=114&c=CM_BR_SB_DT_PIXBET_TNONLINE&AutoR=1
  • https://pixbet.com/hub/registration/?btag=a_1971b_114c_CM_BR_SB_DT_PIXBET_TNONLINE&siteid=1971
0
0
Document
General
Full URL
https://pixbet.com/hub/registration/?btag=a_1971b_114c_CM_BR_SB_DT_PIXBET_TNONLINE&siteid=1971
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:2bd3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=15
cf-ray
85889ae9380718bd-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Feb 2024 17:52:45 GMT
expires
Tue, 20 Feb 2024 17:53:00 GMT
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
215
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Feb 2024 17:52:44 GMT
Location
https://pixbet.com/hub/registration/?btag=a_1971b_114c_CM_BR_SB_DT_PIXBET_TNONLINE&siteid=1971
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.3
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
f12.bet/ Frame A0EB
Redirect Chain
  • https://wlf12bet.adsrv.eacdn.com/C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=CM_BR_SB_DT_F12BET_TNONLINE
  • https://wlf12bet.adsrv.eacdn.com/C.ashx?btag=a_3672b_86c_&affid=2450&siteid=3672&adid=86&c=CM_BR_SB_DT_F12BET_TNONLINE&AutoR=1
  • https://f12.bet/?btag=a_3672b_86c_CM_BR_SB_DT_F12BET_TNONLINE
0
0
Document
General
Full URL
https://f12.bet/?btag=a_3672b_86c_CM_BR_SB_DT_F12BET_TNONLINE
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=15
cf-ray
85889ae95a625d40-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Feb 2024 17:52:45 GMT
expires
Tue, 20 Feb 2024 17:53:00 GMT
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
178
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Feb 2024 17:52:44 GMT
Location
https://f12.bet/?btag=a_3672b_86c_CM_BR_SB_DT_F12BET_TNONLINE
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.3
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
br.betsat.com/hub/registration/ Frame EA85
Redirect Chain
  • https://bsbrcdna.com/C.ashx?btag=a_4836b_697c_&affid=20932&siteid=4836&adid=697&c=CM_BR_SB_DT_BETSAT_TNONLINE
  • https://bsbrcdna.com/C.ashx?btag=a_4836b_697c_&affid=20932&siteid=4836&adid=697&c=CM_BR_SB_DT_BETSAT_TNONLINE&AutoR=1
  • https://br.betsat.com/hub/registration/?btag=a_4836b_697c_CM_BR_SB_DT_BETSAT_TNONLINE&affid=20932
0
0
Document
General
Full URL
https://br.betsat.com/hub/registration/?btag=a_4836b_697c_CM_BR_SB_DT_BETSAT_TNONLINE&affid=20932
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=15
cf-ray
85889ae94f79372d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Feb 2024 17:52:45 GMT
expires
Tue, 20 Feb 2024 17:53:00 GMT
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
218
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Feb 2024 17:52:44 GMT
Location
https://br.betsat.com/hub/registration/?btag=a_4836b_697c_CM_BR_SB_DT_BETSAT_TNONLINE&affid=20932
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.3
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cadastro
estrelabet.com/pb/ Frame 0664
Redirect Chain
  • https://go.aff.estrelabetpartners.com/6v5wzq9k?utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
  • https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
9 KB
3 KB
Document
General
Full URL
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8eff79d1719fa8f2eee089eef7debc125ba68376494732cb805794a7fce7dbfa

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=14400
cf-cache-status
MISS
cf-ray
85889ae90b1730fa-FRA
content-encoding
br
content-type
text/html
date
Tue, 20 Feb 2024 17:52:45 GMT
expires
Tue, 20 Feb 2024 21:52:45 GMT
last-modified
Tue, 20 Feb 2024 06:06:15 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

_sr
affiliate04
_t
1
cache-control
no-store, no-cache, must-revalidate
content-length
0
country
DE
date
Tue, 20 Feb 2024 17:52:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
ip
80.255.7.107
location
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
casino
luva.bet/ Frame 3C9C
Redirect Chain
  • https://dash.afiliadosbet.com/visit/?bta=37126&nci=5342&utm_campaign=CM_BR_SB_DT_LUVABET_TNONLINE
  • https://luva.bet/casino?btag=CX-37126_379506
0
0
Document
General
Full URL
https://luva.bet/casino?btag=CX-37126_379506
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
77.37.33.30 , Germany, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-mitigated
challenge
cf-ray
85889ae9f80144f2-TXL
content-encoding
br
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Tue, 20 Feb 2024 17:52:45 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
3
Content-Type
application/octet-stream
Date
Tue, 20 Feb 2024 17:52:44 GMT
Server
rhino-core-shield
X-Cache-Status
MISS
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
expires
0
location
https://luva.bet/casino?btag=CX-37126_379506
pragma
no-cache
referer
surrogate-control
no-store
aviator
tvbet.com/ Frame 1C37
Redirect Chain
  • https://record.nsxafiliados.com/_GHyTzKA74PkXM_11c336cWNd7ZgqdRLk/56/
  • https://tvbet.com/aviator?token=Z84fJb6_JM-BYCPpBkhYS2Nd7ZgqdRLk
0
0
Document
General
Full URL
https://tvbet.com/aviator?token=Z84fJb6_JM-BYCPpBkhYS2Nd7ZgqdRLk
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ed3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
85889ae9da629274-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Feb 2024 17:52:45 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

access-control-allow-origin
*
cache-control
private, no-cache, must-revalidate
cf-cache-status
BYPASS
cf-ray
85889ae828d034fa-WAW
content-type
text/html; charset=utf-8
date
Tue, 20 Feb 2024 17:52:44 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://tvbet.com/aviator?token=Z84fJb6_JM-BYCPpBkhYS2Nd7ZgqdRLk
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-powered-by
ZBan
/
joiabet.com/pt-BR/ Frame 041E
Redirect Chain
  • https://record.emixpartners.com/_7BcqFRBO8OaYNevImT-MDGNd7ZgqdRLk/59/
  • https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
6 KB
3 KB
Document
General
Full URL
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2765d7f4d82cb88e67387b5c6814153f4d684c8aefaafed982e2141a3563db8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
85889ae9bd4a6f42-CDG
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 20 Feb 2024 17:52:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQGGUGS2uiVD%2FDjQnb1ieFoFXX71nQ0NGZfwafKElH55sGyWqFN7nasb8xSFXprXmzo1PJgxO1MSNcRKL7aZUHqkSKJdDfcmrQHHc2%2BA273U163VOdYC%2FjjKmQ9iwgMwJ0T5j%2FMe1CntTw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

access-control-allow-origin
*
cache-control
private, no-cache, must-revalidate
cf-cache-status
BYPASS
cf-ray
85889ae7eed234f7-WAW
content-type
text/html; charset=utf-8
date
Tue, 20 Feb 2024 17:52:44 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-powered-by
ZBan
ptb
m.esportesdasorte.com/ Frame 75E9
Redirect Chain
  • https://go.aff.esportesdasorte.com/bux88szk?utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
  • https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
8 KB
3 KB
Document
General
Full URL
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
b2500eb008e5d73a766eb36f5e95fa798dd31598077281e5bfd1345b6667b002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
br
content-type
text/html
date
Tue, 20 Feb 2024 17:52:45 GMT
etag
W/"65cba320-2055"
last-modified
Tue, 13 Feb 2024 17:13:04 GMT
server
nginx
vary
Accept-Encoding
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-id
1K_pSDT-PueocRv3tjT-pUjlSN_MCI24m3foTxtUqHo4W-D6yhoJuw==
x-amz-cf-pop
FRA53-C1
x-cache
Miss from cloudfront

Redirect headers

_sr
affiliate05
_t
1
cache-control
no-store, no-cache, must-revalidate
content-length
0
country
DE
date
Tue, 20 Feb 2024 17:52:44 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
ip
80.255.7.107
location
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
/
blzbets.com/hub/registration/ Frame 73FD
Redirect Chain
  • https://media.888africa.com/C.ashx?btag=a_1835b_349c_&affid=1567&siteid=1835&adid=349&c=CM_BR_SB_DT_BLZBET_TNONLINE
  • https://media.888africa.com/C.ashx?btag=a_1835b_349c_&affid=1567&siteid=1835&adid=349&c=CM_BR_SB_DT_BLZBET_TNONLINE&AutoR=1
  • https://blzbets.com/hub/registration/?btag=a_1835b_349c_CM_BR_SB_DT_BLZBET_TNONLINE&siteid=1835
0
0
Document
General
Full URL
https://blzbets.com/hub/registration/?btag=a_1835b_349c_CM_BR_SB_DT_BLZBET_TNONLINE&siteid=1835
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9892 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=15
cf-ray
85889aea4f6630e8-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Feb 2024 17:52:45 GMT
expires
Tue, 20 Feb 2024 17:53:00 GMT
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
private
Connection
keep-alive
Content-Length
216
Content-Type
text/html; charset=utf-8
Date
Tue, 20 Feb 2024 17:52:44 GMT
Location
https://blzbets.com/hub/registration/?btag=a_1835b_349c_CM_BR_SB_DT_BLZBET_TNONLINE&siteid=1835
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.3
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
/
betnacional.com/ Frame 7C4D
Redirect Chain
  • https://record.nsxafiliados.com/_ZdArJQPlaNDUOsjNOfgKeWNd7ZgqdRLk/61/
  • https://betnacional.com/?token=GAV41xoK2qcZ4xZrCstO3mNd7ZgqdRLk
0
0
Document
General
Full URL
https://betnacional.com/?token=GAV41xoK2qcZ4xZrCstO3mNd7ZgqdRLk
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:93b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
85889ae9f9ae03d8-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Feb 2024 17:52:45 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy
same-origin
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN

Redirect headers

access-control-allow-origin
*
cache-control
private, no-cache, must-revalidate
cf-cache-status
BYPASS
cf-ray
85889ae828d134fa-WAW
content-type
text/html; charset=utf-8
date
Tue, 20 Feb 2024 17:52:44 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://betnacional.com/?token=GAV41xoK2qcZ4xZrCstO3mNd7ZgqdRLk
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
x-powered-by
ZBan
clarity.js
www.clarity.ms/s/0.7.20/
60 KB
25 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.20/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/bxx57up0k2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
content-encoding
br
last-modified
Wed, 24 Jan 2024 14:33:55 GMT
etag
W/"0x8DC1CE97EB406F9"
vary
Accept-Encoding
x-azure-ref
20240220T175244Z-c7k9avx39p39v9n6gazd6xwk3g00000005d000000000pvu8
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
dc097b27-101e-005a-5826-61483c000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
s.5.6.min.js
wlf12bet.eacdn.com/TrafficOpt/ Frame 5C63
7 KB
3 KB
Script
General
Full URL
https://wlf12bet.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Requested by
Host: wlf12bet.adsrv.eacdn.com
URL: https://wlf12bet.adsrv.eacdn.com/I.ashx?btag=a_3672b_20c_&affid=2450&siteid=3672&adid=20&c=CM_BR_SB_BA_F12BET_TNONLINE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f86bef16c190006cbf5b68c68ceab38d5360d9fd6b2c47010265bd023fd4e939

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wlf12bet.adsrv.eacdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
content-encoding
br
last-modified
Wed, 30 Mar 2016 16:08:31 GMT
etag
W/"56fbf9ff-1a7b"
vary
Accept-Encoding
x-azure-ref
20240220T175244Z-z5m023nxrp12za43e4xd69fa4c00000003d000000000dzhh
content-type
application/javascript
x-cache
TCP_HIT
cache-control
max-age=0, no-cache
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
Ad_20.js
wlf12bet.eacdn.com/wlf12bet/img/js/ Frame 5C63
558 B
826 B
Script
General
Full URL
https://wlf12bet.eacdn.com/wlf12bet/img/js/Ad_20.js?t=2024022017
Requested by
Host: wlf12bet.adsrv.eacdn.com
URL: https://wlf12bet.adsrv.eacdn.com/I.ashx?btag=a_3672b_20c_&affid=2450&siteid=3672&adid=20&c=CM_BR_SB_BA_F12BET_TNONLINE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
528dafafd257c7fbf8d58f511cc9d98041611ea040c4a2ad23b79f716fe9d27b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wlf12bet.adsrv.eacdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:44 GMT
last-modified
Thu, 25 Jan 2024 18:32:46 GMT
etag
"65b2a94e-22e"
x-azure-ref
20240220T175244Z-z5m023nxrp12za43e4xd69fa4c00000003d000000000dzhg
x-cache
TCP_HIT
content-type
application/javascript
cache-control
max-age=0, no-cache
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
accept-ranges
bytes
content-length
558
uoltm.js
tm.jsuol.com.br/
326 KB
69 KB
Script
General
Full URL
https://tm.jsuol.com.br/uoltm.js?id=2aljwf
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:a000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
70b21e3d37b31e647a9557a0b5412ae9e298de03ecba863494e30943b1b5a7bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
gzip
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
69833
last-modified
Tue, 09 Jan 2024 23:22:31 GMT
server
marrakesh 1.23.0
etag
e1479921935143bec9561f1085e2f189
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
g0z8c5cQWXPDXyLK4MEhv79EREbHZs9qZBuu6ZxUDXHutabmIWdotQ==
expires
Tue, 20 Feb 2024 18:52:45 GMT
collect
p.clarity.ms/
0
299 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tnonline.uol.com.br
Date
Tue, 20 Feb 2024 17:52:45 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
T.ashx
wlf12bet.adsrv.eacdn.com/ Frame BFC7
0
747 B
Document
General
Full URL
https://wlf12bet.adsrv.eacdn.com/T.ashx?btag=a_3672b_20c_&affid=2450&siteid=3672&adid=20&c=CM_BR_SB_BA_F12BET_TNONLINE&t=638440483650220000&MediaID=12&MediaIndex=0&XYZ=120%260%26148%26%26%26%260%260%26%26
Requested by
Host: wlf12bet.eacdn.com
URL: https://wlf12bet.eacdn.com/TrafficOpt/s.5.6.min.js?t=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
40.127.232.184 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wlf12bet.adsrv.eacdn.com/I.ashx?btag=a_3672b_20c_&affid=2450&siteid=3672&adid=20&c=CM_BR_SB_BA_F12BET_TNONLINE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
private
Content-Length
0
Date
Tue, 20 Feb 2024 17:52:44 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.3
X-Powered-By
ASP.NET
X-XSS-Protection
1; mode=block
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
71739946-ef85-4237-93c3-237b0fb54765.gif
wlf12bet.eacdn.com/wlf12bet/img/ Frame 5C63
191 KB
192 KB
Image
General
Full URL
https://wlf12bet.eacdn.com/wlf12bet/img/71739946-ef85-4237-93c3-237b0fb54765.gif
Requested by
Host: wlf12bet.adsrv.eacdn.com
URL: https://wlf12bet.adsrv.eacdn.com/I.ashx?btag=a_3672b_20c_&affid=2450&siteid=3672&adid=20&c=CM_BR_SB_BA_F12BET_TNONLINE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cf4374b4246d87a215368bb1d9b4db4347a05870e4bbdde468c6b929a5232b03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wlf12bet.adsrv.eacdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
last-modified
Mon, 04 Jul 2022 22:47:53 GMT
etag
"62c36e19-2fceb"
x-azure-ref
20240220T175245Z-z5m023nxrp12za43e4xd69fa4c00000003d000000000dzk1
x-cache
TCP_HIT
content-type
image/gif
cache-control
public, max-age=86400
x-cache-info
L1_T2
x-fd-int-roxy-purgeid
0
accept-ranges
bytes
content-length
195819
css
fonts.googleapis.com/ Frame 75E9
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap&subset=latin,latin-ext
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42d83450e41e8f068fa4afb9194a54a18715aea5923bb7a8e7381c4554abccb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 17:48:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Feb 2024 17:52:45 GMT
css
fonts.googleapis.com/ Frame 75E9
3 KB
654 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:500,700
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
19d59f03c930bd4a4779b1e411db69eaf7722da3063fc773553bb590f8a0f8c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 17:46:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Feb 2024 17:52:45 GMT
runtime.3a83710f43022abe.js
m.esportesdasorte.com/ Frame 75E9
3 KB
2 KB
Script
General
Full URL
https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
0a03f37594aa1eab6c391b9f8d19f5f897dc17b69e314b81aebe5553b9782d17

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-da1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
4DlZUiO59R3HEyIoe7Lxi5gEA55t9Pr7_2VJK3Q0hzVH3IEptBkC5w==
polyfills.08ba0e0469079de9.js
m.esportesdasorte.com/ Frame 75E9
257 KB
83 KB
Script
General
Full URL
https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
d23f81436180d963d017485e84880d7575a4bab390d3805ca21f7c3160b422e4

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-40210"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
N06KSD1p3HKxlDkNBI9dKVG_hbsa_JI_7uSK3ZRvE4RiviyoniDoVg==
scripts.e4a33414bf9901c7.js
m.esportesdasorte.com/ Frame 75E9
272 KB
84 KB
Script
General
Full URL
https://m.esportesdasorte.com/scripts.e4a33414bf9901c7.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
a0a9f2117b2da20b702038d95e18b46041669b69b50688ccf8d81a771174790d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-44067"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
2myJCvaZP_svAr3i0XPv3qHVhaqKGIBVLHYQo2DWaR9AQaw2ih_SWw==
main.47ee960a0de15fb7.js
m.esportesdasorte.com/ Frame 75E9
3 MB
778 KB
Script
General
Full URL
https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
8f043819bbac30b5c185a0431c1ef4d422fab4dce25cfa16484a2e29fd71ff84

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-365197"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
G8GUJs3A5A3Zj95ndypximVPrPi6tqVe-OKg3QCbrbeQxXiusfId5A==
icon
fonts.googleapis.com/ Frame 75E9
569 B
439 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 17:52:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Feb 2024 17:52:45 GMT
collect
p.clarity.ms/
0
299 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tnonline.uol.com.br
Date
Tue, 20 Feb 2024 17:52:45 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
2.638ac20c.chunk.css
joiabet.com/static/css/ Frame 041E
5 KB
2 KB
Stylesheet
General
Full URL
https://joiabet.com/static/css/2.638ac20c.chunk.css
Requested by
Host: joiabet.com
URL: https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0eb1b925c4e435d6962165494bba3803f1388c5ce0886e2c04c1b7e35f9234b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1505
cf-polished
origSize=4920
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"58bfae4105c115aa8308635b52339381"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUN2HsvUnbb7ygd6kR1T54MeAdR6Lxy%2BctXWzT%2FW%2BVM4k6XyXML7uGe82Fz6Pt9d3viF9y7Kjt3DCUmRVUcwtqhhVcOFVvza70P1u0j5NegaC4ldRrABM%2Br2LGkp7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889aeabf6b6f42-CDG
main.7de3d76d.chunk.css
joiabet.com/static/css/ Frame 041E
364 KB
97 KB
Stylesheet
General
Full URL
https://joiabet.com/static/css/main.7de3d76d.chunk.css
Requested by
Host: joiabet.com
URL: https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a8dbc1923f5a80fc668e8f63ac3c277ce8e5e679c33f3f93d04c9a93dd98484
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1232
cf-polished
origSize=373454
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"ea30d60b23a343e8192f8aa763c7e50a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksQNAP9kl65DZMO24vd3FtJQuBg%2BEuyIBuY3l7VynwASg8Kld6S%2FeDszcz%2BdRQ1T52%2F8ed38IKLFuujRp%2BmKqwh1cPc8FGKzj1Jb4ZQaBo0p5ltxXEhqr%2BxghN38MA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889aeabf6d6f42-CDG
rocket-loader.min.js
joiabet.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ Frame 041E
12 KB
4 KB
Script
General
Full URL
https://joiabet.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: joiabet.com
URL: https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Feb 2024 18:12:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65cbb0fd-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKKaWH8gbCFyz3jrMWp%2FRSfBluOaRwsAADGHfTdP1MXB7%2Fg6nR6KueIB05fTbX2lbx9HqVHruHF4y56EprMKMRoEPpkFBgkSvsKJq%2BS4otorSrFjA1yKxDYRUYOHwE2M3FG1Blsm4a%2FHMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
85889aeabf846f42-CDG
expires
Thu, 22 Feb 2024 17:52:45 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ Frame 041E
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: joiabet.com
URL: https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://joiabet.com/
Origin
https://joiabet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
85889aeb8f6c5d4c-FRA
icon
fonts.googleapis.com/ Frame 041E
569 B
366 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: joiabet.com
URL: https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
452410fef223a412e5608205fc069ecc35a4d919b413b3422a714a17ebfd0651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://joiabet.com/
Origin
https://joiabet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 17:52:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Feb 2024 17:52:45 GMT
styles.4fc72ecdf9e3243a.css
m.esportesdasorte.com/ Frame 75E9
673 KB
84 KB
Stylesheet
General
Full URL
https://m.esportesdasorte.com/styles.4fc72ecdf9e3243a.css
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
91eaa344cf2bcaa6383f9510e067a5e8de2ae95c6980956ecdc09791e6988b6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-a824b"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
GvVt5XiyG_Fh9rvQSYAqOVK95D88p18ZU6DZI0oQwp9hQnpR0SkdYA==
ptb
odin.sportingtech.com/api/generic/getWebMultilanguages/m.esportesdasorte.com/ Frame 75E9
498 KB
93 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getWebMultilanguages/m.esportesdasorte.com/ptb
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cc27288e6d005034d9bac1d81c65878ed0c586250e6c24293b9afcd06e9e28ba

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:36:58 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
947
x-cache-status
HIT
x-cache
Hit from cloudfront
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
NHLe6a_hM0t6oBKhZFsVKMuQZkAro92HKml2oKDTr4PRmDOz67nVKQ==
m.esportesdasorte.com
odin.sportingtech.com/api/generic/traderCurrencyList/ Frame 75E9
283 B
1 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/traderCurrencyList/m.esportesdasorte.com
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
df7671ea1a325ed1e6f5344281ce84bf2acdce29b38eab01bd007d71bd59f9b6

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-appserver-status
200
date
Tue, 20 Feb 2024 17:34:22 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
1103
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
x-appserver
192.168.50.19:9095
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
dy8Ed4v8ihfBvILP6FGkF5qxDYx-kcD_wLr8vz5-SoataBxdbC53eA==
currencylist
odin.sportingtech.com/api/generic/ Frame 75E9
8 KB
2 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/currencylist
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a82ff1712b47af02f3cb24ee5ee29f9c0d3410b640e86817f2d1a5b41c827da8

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-appserver-status
200
date
Tue, 20 Feb 2024 17:34:22 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
1103
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
x-appserver
192.168.50.19:9095
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
eRl-XHnc-q1oZGPF6rfq-JJtE4JAffSEduMpLlLyQfhpuUHt9sgarw==
w
odin.sportingtech.com/api/generic/getTraderDefaults/m.esportesdasorte.com/ Frame 75E9
4 KB
2 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getTraderDefaults/m.esportesdasorte.com/w
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0846e5d04961c9a9a130a6faecc4a94595b788462104ceced09a5320b19b9250

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-appserver-status
200
date
Tue, 20 Feb 2024 17:36:40 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
965
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
x-appserver
192.168.50.102:9095
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
LoELrRcUQIjsdhabL3wnZDA5obzwbouZiSZ6lTMwBPTAMQocZbqpQw==
altenarWSDK.js
sb2widgetsstatic-altenar2.biahosted.com/ Frame 0664
921 KB
199 KB
Script
General
Full URL
https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.135.117 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.135.120.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
87ecfeb6b15232e9c20aeaa8d6f64140b05354435db81a58d022fb42779798cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1707923135
age
0
x-guploader-uploadid
ABPtcPpiSwIZUI2VescSw2yYpfMnm_VYVY6gQ6XVmT46pZ_F3MI7NkK4W7cTSMmJwgfHD3sfuvERYufq-Q
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
203520
last-modified
Wed, 14 Feb 2024 15:05:52 GMT
server
UploadServer
etag
"f3cc1c4a4a5ebee27b080da3026233c5"
vary
Accept-Encoding
x-goog-generation
1707923152491185
x-goog-hash
crc32c=hCqGSQ==, md5=88wcSkpevuJ7CA2jAmIzxQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
no-cache,max-age=0
x-goog-stored-content-length
203520
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 20 Feb 2024 17:52:45 GMT
styles.4dff4d5f2b6a90b344a1.css
estrelabet.com/ Frame 0664
257 KB
44 KB
Stylesheet
General
Full URL
https://estrelabet.com/styles.4dff4d5f2b6a90b344a1.css
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad1216fd149373b3d80e808113f6f6b858a15e1ac439580334aab3adde847f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 20 Feb 2024 06:06:15 GMT
server
cloudflare
age
12260
cf-polished
origSize=263718
etag
W/"65d44157-40626"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
85889aee3eef30fa-FRA
expires
Tue, 20 Feb 2024 21:52:45 GMT
secondary-loader.gif
estrelabet.com/assets/img/loaders/ Frame 0664
110 KB
110 KB
Image
General
Full URL
https://estrelabet.com/assets/img/loaders/secondary-loader.gif
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d364673ea6cb2a4ca51a803621f7f5c11496d0a62969ea7e5e00f7858b129e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
cf-cache-status
HIT
age
10245
cf-polished
origSize=244323
content-length
112407
cf-bgj
imgq:100,h2pri
last-modified
Tue, 20 Feb 2024 05:19:03 GMT
server
cloudflare
etag
"65d43647-3ba63"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889aee3ef030fa-FRA
expires
Tue, 20 Feb 2024 21:52:45 GMT
runtime.b4b0e39fd84f9fd922d0.js
estrelabet.com/ Frame 0664
3 KB
1 KB
Script
General
Full URL
https://estrelabet.com/runtime.b4b0e39fd84f9fd922d0.js
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f78966220704ec879b95f6d8460770b38cab085ddf2d8fbbebb6f39a9f3046c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 20 Feb 2024 06:06:15 GMT
server
cloudflare
age
12598
etag
W/"65d44157-a39"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
85889af0a8c930fa-FRA
expires
Tue, 20 Feb 2024 21:52:46 GMT
polyfills.c5e32b41c40d5b6ada0b.js
estrelabet.com/ Frame 0664
239 KB
60 KB
Script
General
Full URL
https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f4d87657c20bdb47e970a3c10548cef4228025073e5020513af4c5ae84942ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 20 Feb 2024 06:06:15 GMT
server
cloudflare
age
12261
cf-polished
origSize=245122
etag
W/"65d44157-3bd82"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
85889af0f90830fa-FRA
expires
Tue, 20 Feb 2024 21:52:46 GMT
vendor.35e62b8522dc4d52b1ec.js
estrelabet.com/ Frame 0664
2 MB
546 KB
Script
General
Full URL
https://estrelabet.com/vendor.35e62b8522dc4d52b1ec.js
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b9cc0f369636267aef33a14d1a310e998fce6c21bb66477d26ff4450c4cf93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 20 Feb 2024 06:06:15 GMT
server
cloudflare
age
12261
cf-polished
origSize=2172595
etag
W/"65d44157-2126b3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
85889af1795a30fa-FRA
expires
Tue, 20 Feb 2024 21:52:46 GMT
main.f8a9fe03a105d882fc1a.js
estrelabet.com/ Frame 0664
1 MB
245 KB
Script
General
Full URL
https://estrelabet.com/main.f8a9fe03a105d882fc1a.js
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6c726403029b80c0e041873a5f85ba37f2b786e808ad34292fd9abb4cbd749

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 20 Feb 2024 06:06:15 GMT
server
cloudflare
age
12261
etag
W/"65d44157-123f33"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
85889af1897430fa-FRA
expires
Tue, 20 Feb 2024 21:52:46 GMT
mercurio.html
tm.uol.com.br/ Frame 0993
197 B
834 B
Document
General
Full URL
https://tm.uol.com.br/mercurio.html
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2aljwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:e400:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
cache-control
no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding
gzip
content-length
173
content-type
text/html;charset=UTF-8
date
Tue, 20 Feb 2024 17:52:46 GMT
etag
ba5203ce522cc70a434e9a70452ca145
expires
Tue, 20 Feb 2024 18:02:46 GMT
last-modified
Thu, 27 Apr 2023 14:19:31 GMT
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server
marrakesh 1.16.6
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-id
R6ecne-JoV2OjybOTbgbYver4Q5passeu80KXAz9uOjiiKiO6qWGtQ==
x-amz-cf-pop
FRA60-P3
x-cache
RefreshHit from cloudfront
Prebid.js
tm.jsuol.com.br/modules/external/
353 KB
114 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/external/Prebid.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2aljwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:a000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
0d4d3956b34f32750ac31746a17297b77098a55f4b86a6dba7f7386e1a089715

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
gzip
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
115718
last-modified
Fri, 03 Nov 2023 15:14:56 GMT
server
marrakesh 1.23.0
etag
cdd1b84f0c29c6c8e530adae3955fe73
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
m8V4BE0FjXMlVmsi6VxMpYbjp4lszKvEM-bcEqU5tXUQtCEaPOyObA==
expires
Tue, 20 Feb 2024 18:52:46 GMT
get-page-context
page-context.uol.com.br/api/
0
0

privacy-sandbox.html
privacy-sandbox.uol.com.br/ Frame 9F1A
3 KB
2 KB
Document
General
Full URL
https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2aljwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20f1:2c00:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97fbaddd550c71a18f991bec66256deaaeb8ba11648d24892f0825721b6f94a

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
45914
content-encoding
gzip
content-type
text/html
date
Tue, 20 Feb 2024 05:07:33 GMT
etag
W/"5d0085ed757386d851250b7b3fc9f27c"
last-modified
Thu, 11 Jan 2024 13:06:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 ff279c686ced6dbaee81ab03b4f89998.cloudfront.net (CloudFront)
x-amz-cf-id
Lpl5cpVeCj1TcatDVsIn0lb29NnPzQdE8-_ZsJcrtVIsbjDRGA2lIw==
x-amz-cf-pop
LHR50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
gpt.js
securepubads.g.doubleclick.net/tag/js/
96 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2aljwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c1cbf3b6e76a56e4418d97e2fc93281bd4c502a4cd5488b963ef4b37cf5850b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29102
x-xss-protection
0
server
cafe
etag
35 / 19773 / m202402150101 / config-hash: 3664451900520611530
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 20 Feb 2024 17:52:46 GMT
apstag.js
c.amazon-adsystem.com/aax2/
287 KB
72 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.113.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-113-225.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ef56a843eaeea072e78aa174bcb41ea0b4eacc38bb472f37cf8cb5d22108578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:07:16 GMT
content-encoding
gzip
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront), 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 20:28:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P5
age
2731
x-amz-server-side-encryption
AES256
etag
W/"39a6e4e395af0da8e1832e836548faa1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
L5fUDPRt8_I9ctFk6aJ6E8g7T6mFDaxs8lX-1GKQLVkwyV3icJy01A==
privacy-sandbox.html
privacy-sandbox.uol.com.br/ Frame 076E
3 KB
2 KB
Document
General
Full URL
https://privacy-sandbox.uol.com.br/privacy-sandbox.html
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20f1:2c00:1e:82d4:d9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b97fbaddd550c71a18f991bec66256deaaeb8ba11648d24892f0825721b6f94a

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
45914
content-encoding
gzip
content-type
text/html
date
Tue, 20 Feb 2024 05:07:33 GMT
etag
W/"5d0085ed757386d851250b7b3fc9f27c"
last-modified
Thu, 11 Jan 2024 13:06:56 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 ff279c686ced6dbaee81ab03b4f89998.cloudfront.net (CloudFront)
x-amz-cf-id
m97-H04W5nLg__w2bFAyh321fXNz5YEuTVDFdgx0tYYA-ijvj1ITnA==
x-amz-cf-pop
LHR50-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
profiles.js
tm.jsuol.com.br/modules/external/tailtarget/
13 KB
6 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2aljwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:a000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
gzip
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
5277
last-modified
Tue, 05 Jan 2021 18:00:11 GMT
server
marrakesh 1.23.0
etag
ecbae16720fa9548b931f719328b1c88
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
gZIqpNEytZTGvUWyeQcc0gAEP_nvrVfHB1B95neQFJa13ABIy8wYfw==
expires
Tue, 20 Feb 2024 18:52:46 GMT
CT-10.js
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/
157 KB
19 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2aljwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:a000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
61cbad870f9c0130fb7e34db92e176c31301f12af220878a3ce9120f256f158a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
gzip
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
19115
last-modified
Wed, 31 Jan 2024 20:58:54 GMT
server
marrakesh 1.16.6
etag
7621b94439b129616406246ed7cfce31
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
h97jLUVNyC0OY6POI5pcT4HLY0uL6DEdtpDjQ6-MeMzwf8VDkTW8zQ==
expires
Tue, 20 Feb 2024 18:52:46 GMT
policy-banner.js
tm.jsuol.com.br/modules/
26 KB
10 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/policy-banner.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2aljwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:a000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
d7b7c4cd2270494ec9498273c33eceb628e06a15082110aee8c82e0c0e4161b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
gzip
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
9414
last-modified
Wed, 14 Feb 2024 23:04:51 GMT
server
marrakesh 1.23.0
etag
1114ec438423b820c4c91a7373a6ce64
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
4NS7BJzlZtrpMuiyAiU2sK4SVn_p1bfnkX88M3oRhbIVtBZVxf_lJw==
expires
Tue, 20 Feb 2024 18:52:46 GMT
parceiro-async.js
conteudo.jsuol.com.br/barra/
14 KB
5 KB
Script
General
Full URL
https://conteudo.jsuol.com.br/barra/parceiro-async.js?parceiro=tnonlinecombr
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2aljwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5c00:12:a82:2ec0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
03cca9f77b924fd880de2d4be54436d5e272614706782d441b9f5a21ebb89cdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
gzip
via
1.1 aff6ac5c98fa897349204752e5877c80.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
RefreshHit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
4033
last-modified
Thu, 15 Jun 2023 09:25:48 GMT
server
marrakesh 1.23.0
etag
198c61ab6e45ab80f28a9b4231fd1d00
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
vT-gokh-LL2_PvcCAb1KJs1YindbsalloMbOxU1U7UJ7TpVQbvbS0A==
expires
Tue, 20 Feb 2024 18:52:46 GMT
tnonline.js
me.jsuol.com.br/aud/
23 KB
9 KB
Script
General
Full URL
https://me.jsuol.com.br/aud/tnonline.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2aljwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:9800:1:aa11:940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
4957799b91011f5edd6e106abaeb9e036c19e745895d8cce32df2531676f04c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
gzip
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
8908
last-modified
Wed, 20 Dec 2023 18:28:18 GMT
server
marrakesh 1.23.0
etag
456a6b7283e3056ccf554f30cf5aa8f6
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
NBnrHryWGQT6qhn0d8YlQNbMMxhLlZpycMAJ4OQ5Kj7GOt6ocjmrAA==
expires
Tue, 20 Feb 2024 18:52:46 GMT
dmp-uol-sync-p.js
tm.jsuol.com.br/modules/
10 KB
4 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2aljwf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:a000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
5af8e2f87815b9fbca9016b1996d138bea2f683bfebaecd544468ffdacd8df3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
gzip
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
3450
last-modified
Fri, 16 Feb 2024 14:53:57 GMT
server
marrakesh 1.23.0
etag
8fb9c523448b888402729ffeef8b5c8d
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
whgJkat4__RMv_MGVqAYW6Xx79Xe6wTDmIidQEROCvivLIMFBEYZjw==
expires
Tue, 20 Feb 2024 18:52:46 GMT
beacon.min.js
static.cloudflareinsights.com/ Frame 041E
0
0

main.687ebeaf.chunk.js
joiabet.com/static/js/ Frame 041E
0
0

2.db33c006.chunk.js
joiabet.com/static/js/ Frame 041E
1 MB
307 KB
Script
General
Full URL
https://joiabet.com/static/js/2.db33c006.chunk.js
Requested by
Host: joiabet.com
URL: https://joiabet.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27bbcde8c80341b6069d939e50dbe417e888cf4a0f699964e60ba9a595e92e27
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4662
cf-polished
origSize=1052452
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"d188edbda3163d51e14bdcffbfb63211"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jId9VYE9e0ozek3GMMAVjweaFLgrWOe4dgXuIz6E2CNpbDeWwkTCOpDQoocb32CvV%2FOBgW6s%2BRrnsloAiJGC1j9V6gK0FoRwdbknFi5wFjINYHTQ9x6IYYNCsIJzeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889af0ec89f160-CDG
priority
u=1,i=?0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/
429 KB
135 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f530dc6724889ca2261d21dc7a8a8165e025a77aae89905249de90eee518287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 12:35:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
19010
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138090
x-xss-protection
0
server
cafe
etag
14352082441515359041
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 19 Feb 2025 12:35:56 GMT
gtm.js
www.googletagmanager.com/ Frame 0664
311 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-N458S7J8
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d9c69c8ab870b5a4b027d166cc2086389cc0aab0c019c1d042f7afab78740979
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104160
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 17:15:26 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Feb 2024 17:52:46 GMT
smartico.js
libs.smartico.ai/ Frame 0664
288 KB
67 KB
Script
General
Full URL
https://libs.smartico.ai/smartico.js
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-128.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fad233c843b4aeaa0aeffb36a048451c978c0214a500ec8d833f4bb50a1f88e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 13:34:18 GMT
content-encoding
br
via
1.1 8e4700eb43d0f5579f360cfc02e71fac.cloudfront.net (CloudFront)
last-modified
Tue, 20 Feb 2024 12:10:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
15509
etag
W/"511619f2cb41d6303112eccb393e9894"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
V9z9WLXjtwXn1rGfi6dq0cetMCZhcZCC6Z4aRBoakpZPAvt2EiGU8Q==
mercurio.js
tm.jsuol.com.br/modules/ Frame 0993
4 KB
2 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/mercurio.js
Requested by
Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:a000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tm.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:28:29 GMT
content-encoding
gzip
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
age
1457
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
1065
last-modified
Tue, 05 Jan 2021 19:38:04 GMT
server
marrakesh 1.23.0
etag
bed0a7a707f166936e5aaac09879d050
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
8x5x4hvEfvneZmB-2VszjoNqIErnT3Qeh0VFxk97YeM8JR4pT-GXsw==
expires
Tue, 20 Feb 2024 18:28:29 GMT
0e1ab0a1-d93f-4bdc-b304-e76a53464e72
config.aps.amazon-adsystem.com/configs/
769 B
1 KB
Script
General
Full URL
https://config.aps.amazon-adsystem.com/configs/0e1ab0a1-d93f-4bdc-b304-e76a53464e72
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-71.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
625586fea20f1285f9a4455b55f9a5f89dd5bd5168fed0e5797a9de5b845d494

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:14:06 GMT
via
1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
2320
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
769
x-amz-cf-id
IjTS5uJm9wOQf2naSWMOva1NjIQqWUiuyRN9YwaSDalUW5r7F0CjwA==
config
c.amazon-adsystem.com/cdn/prod/
0
306 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ftnonline.uol.com.br&pubid=0e1ab0a1-d93f-4bdc-b304-e76a53464e72
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.113.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-113-225.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
via
1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
Tql2_dvAKZpxK-UwE51s0sYUI_jnp3wiG0EQ-F1F21UF_m_H7PkJYw==
bid
aax.amazon-adsystem.com/e/dtb/
23 B
359 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&pr=https%3A%2F%2Ftnonline.uol.com.br%2F&pid=Dd7aIpHXJvaMD&cb=0&ws=1600x1200&v=24.206.2351&t=2000&slots=%5B%7B%22sd%22%3A%22banner-300x250-area%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftn_online%22%7D%2C%7B%22sd%22%3A%22banner-300x250-outstream-area%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftn_online%22%7D%2C%7B%22sd%22%3A%22banner-300x600-area%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftn_online%22%7D%2C%7B%22sd%22%3A%22banner-320x50-area%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftn_online%22%7D%2C%7B%22sd%22%3A%22banner-320x50-2-area%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftn_online%22%7D%2C%7B%22sd%22%3A%22banner-320x50-3-area%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftn_online%22%7D%2C%7B%22sd%22%3A%22banner-728x90-area%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftn_online%22%7D%2C%7B%22sd%22%3A%22banner-728x90-2-area%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftn_online%22%7D%2C%7B%22sd%22%3A%22banner-anchor-area%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%228804%2Fparceiros%2Ftn_online%22%7D%5D&pubid=0e1ab0a1-d93f-4bdc-b304-e76a53464e72&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.3.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-3-46.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
via
1.1 22ec86e3f4ec676e17ef8eea76eefba2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://tnonline.uol.com.br
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ojJvzKZ3HfxozvFkss3Ybw78hPaDA_iUcm2jc8lWk2uOMZzdyDTs8Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.113.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-113-225.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 13:16:54 GMT
x-amz-version-id
zAzTUTyWdb3XqcnMawAeZe8qgTonWA7_
content-encoding
gzip
via
1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
16553
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 20 Feb 2024 13:16:39 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
B-rEyLxIwrS-ZNvP2VKmYk-BQHUpbZ6nH4vOIPgPxYRWABSgkmkV1A==
profile
tt-10162-1.seg.t.tailtarget.com/
92 B
523 B
Script
General
Full URL
https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
gzip
via
1.1 google
last-modified
Thu, 30 Jan 2020 20:26:00 GMT
server
nginx/1.17.8
etag
W/"5e333bd8-5c"
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pb.json
estrelabet.com/languages/EST/ Frame 0664
111 KB
34 KB
XHR
General
Full URL
https://estrelabet.com/languages/EST/pb.json?cb=1708451566774
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e948d27b185fbab32b2cf59c22eb08aa139594ed7ccb1bae8f19e682eca777c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains preload
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 12 Feb 2024 14:19:06 GMT
server
cloudflare
content-encoding
br
etag
W/"65ca28da-1bba0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
content-type
application/json
cache-control
public, max-age=14400
cf-ray
85889af48bf230fa-FRA
x-xss-protection
1; mode=block
expires
Tue, 20 Feb 2024 21:52:47 GMT
main.687ebeaf.chunk.js
joiabet.com/static/js/ Frame 041E
503 KB
86 KB
Script
General
Full URL
https://joiabet.com/static/js/main.687ebeaf.chunk.js
Requested by
Host: joiabet.com
URL: https://joiabet.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32cedd165ec8cee04f6128ac6706a6dc5e0d0c88b0157a0755a6a80ea37b31b7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1980
cf-polished
origSize=515049
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"473841b87e1c96bd912662bbd6e83058"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NU1zuAYz7mjgz1%2BHoWV3a8ZNSrclsCpuWn0o%2BBr5Db2meuywbJpKOOv%2FxOvsH0A%2FXW08XopwTRDkubkr5TH%2FQ8rFnCSYSu3kZWPGion8Qfab8Bmquu4LOlUYcuYsJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889af50b6cf160-CDG
priority
u=3,i=?0
beacon.min.js
static.cloudflareinsights.com/ Frame 041E
20 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: joiabet.com
URL: https://joiabet.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
85889af509333aa3-FRA
23
odin.sportingtech.com/api/generic/getUsedWebModuleCodesByTraderLanguageAndDevice/m.esportesdasorte.com/m/ Frame 75E9
804 B
1 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getUsedWebModuleCodesByTraderLanguageAndDevice/m.esportesdasorte.com/m/23
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
6db8b06e415d339fa01d22effac5b679fd9ee5cad7ce9f4dc2970e2f36332d3f

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-appserver-status
200
date
Tue, 20 Feb 2024 17:25:19 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
1647
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
x-appserver
192.168.50.102:9095
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
OQYBwgcvCxd3EZ5LhY68MT5zwpcWfr3TDCqs-BgM4uyDeClHQ5S6Og==
988.11b95e91e68959e6.js
m.esportesdasorte.com/ Frame 75E9
658 B
1008 B
Script
General
Full URL
https://m.esportesdasorte.com/988.11b95e91e68959e6.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
9cf4330e7dfb35e9654840ca3935c25427ee9c9e148c1fd69ed164b96e089c5e

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:46 GMT
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
"65cba317-292"
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
658
x-amz-cf-id
O8r5_8oXzg9OX-mP6jWJHc5UV_WHLJCeos1Cf_pQIDPV1ZeBRRExqg==
js
www.googletagmanager.com/gtag/ Frame 0664
285 KB
93 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P2XYS8Z9ZY&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N458S7J8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
593834a4e3ee41c11df0f2cc4a0f72c483eee16361b8e1808d5603ed18234cd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95634
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 17:52:47 GMT
js
www.googletagmanager.com/gtag/ Frame 0664
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-203407BWCD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N458S7J8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

js
www.googletagmanager.com/gtag/ Frame 0664
242 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11317413702&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N458S7J8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2a197fcab432eb9ca2c165078299761d432b1935e7514517482d9b72b3f58c6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85094
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 17:15:26 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Feb 2024 17:52:47 GMT
deviatetracking.js
cdn.jsdelivr.net/gh/DeviateLabs/DeviateTracking/ Frame 0664
Redirect Chain
  • https://deviatetracking.com/wp-content/deviatetracking/deviatetracking-5.2.js?ver=1708451567
  • https://cdn.jsdelivr.net/gh/DeviateLabs/DeviateTracking/deviatetracking.js
14 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/DeviateLabs/DeviateTracking/deviatetracking.js
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bba8debddd544a8eaab11715ae8f95603946a1d465e868b66c47b0f3a2c9a59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
42936
x-jsd-version
5.3.3
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230041-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"3817-zTarLExn490CByuA0nuOMAGdJA8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pEP4Ue7wcCEaWPzvom%2B9lSc%2FHk3ioLgIlEhPM7599ecS8Rd38ier%2BFgpeRkjvn3wL6Ee2V3f1ibTp%2FXDoxIdXebOIS%2FwAP6s9tI6l0IsvyUasfVnnkqEBbzKPHsu67p4vG8d9WdtZnk0YPxw8ZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
85889afa8eb21c1c-FRA

Redirect headers

date
Tue, 20 Feb 2024 17:52:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQNTmWOXoUUkq297F5OzYIhbR4hO%2FQ6wT%2BiTi5NK2T9kPQ2JB%2F7mF5T45ed586pFedzPnN42zXPIyDlkWBhao%2B4V73RM38lQ8sQvsSia8L3aTXKY%2BoN6PJ7F63EvpqTog72RbYFXjyinXF8%2BdGVsjeUy"}],"group":"cf-nel","max_age":604800}
location
https://cdn.jsdelivr.net/gh/DeviateLabs/DeviateTracking/deviatetracking.js
cache-control
max-age=3600
cf-ray
85889af69fbc700c-CDG
alt-svc
h3=":443"; ma=86400
expires
Tue, 20 Feb 2024 18:52:47 GMT
uwt.js
static.ads-twitter.com/ Frame 0664
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N458S7J8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-muc13961-MUC
activityi;dc_pre=CNHwnIa-uoQDFYZTHgId6b8JkA;src=13496778;type=invmedia;cat=estre0;ord=6691882756633;npa=0;pscdl=noapi;gtm=45He42e0v9164556869za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafv...
13496778.fls.doubleclick.net/ Frame 55F9
Redirect Chain
  • https://13496778.fls.doubleclick.net/activityi;src=13496778;type=invmedia;cat=estre0;ord=6691882756633;npa=0;pscdl=noapi;gtm=45He42e0v9164556869za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;u...
  • https://13496778.fls.doubleclick.net/activityi;dc_pre=CNHwnIa-uoQDFYZTHgId6b8JkA;src=13496778;type=invmedia;cat=estre0;ord=6691882756633;npa=0;pscdl=noapi;gtm=45He42e0v9164556869za200;gcd=13l3l3l3l...
623 B
699 B
Document
General
Full URL
https://13496778.fls.doubleclick.net/activityi;dc_pre=CNHwnIa-uoQDFYZTHgId6b8JkA;src=13496778;type=invmedia;cat=estre0;ord=6691882756633;npa=0;pscdl=noapi;gtm=45He42e0v9164556869za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N458S7J8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
3b13acbe38ff063877383e01172b2c0b8f0ca85769c2cf76654132e289b63485
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://estrelabet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
394
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 17:52:47 GMT
expires
Tue, 20 Feb 2024 17:52:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 17:52:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://13496778.fls.doubleclick.net/activityi;dc_pre=CNHwnIa-uoQDFYZTHgId6b8JkA;src=13496778;type=invmedia;cat=estre0;ord=6691882756633;npa=0;pscdl=noapi;gtm=45He42e0v9164556869za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
mgsensor.js
a.mgid.com/ Frame 0664
15 KB
5 KB
Script
General
Full URL
https://a.mgid.com/mgsensor.js?d=1708451567002&source=gtm
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N458S7J8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c5a22dd9019075ebe82b053243bda7bbadd0d5e57f67f11148c723f946bf14
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
3bd6ff31-945a-477f-bce1-14bf0e12e44d
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cf-ray
85889af69ca15aa1-VIE
alt-svc
h3=":443"; ma=86400
kompassifyPlayer.js
player.kompassify.com/ Frame 0664
1 KB
2 KB
Script
General
Full URL
https://player.kompassify.com/kompassifyPlayer.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N458S7J8
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.212.233.232 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
srv.swj-panel.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d2d8b01ad57b7b73272cd99dde9e53778065d024877debaf4b609ac80efb57a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:47 GMT
Last-Modified
Sat, 10 Feb 2024 12:48:09 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"65c77089-5ec"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1516
tag-manager.js
tm.ads.sportradar.com/dist/ Frame 0664
370 KB
35 KB
Script
General
Full URL
https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAO5
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
af29fff92ac1ebe36da3483d07913a35d75df82813039421fee08251cbbdc0c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
x-n
S
content-length
36120
apigw-requestid
TcfeejVHDoEEPEw=
js
metrics.getrmads.com/tag/ Frame 0664
4 KB
2 KB
Script
General
Full URL
https://metrics.getrmads.com/tag/js?rtid=REH-1691446272083886
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N458S7J8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:cb12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76b5752199f1b2af9eb9009bc61b15b32cf726fd369851f02ad40bddc9a3fa60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R66rTbBOEYKKtOPYnDo4HwnFV6JAYmKBPqBhYIvfqpnUUcrOnC94bdqLRLPYBKTyKPUZ0dJbGw7AJhshYEsB7AkklJ2Vrr5RN1YW54LkTmcbCg5A9YmDTbVc%2FxB6hInqGL54laZuspw0BDYVrjQwTxtF8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
85889af6cfc2009e-CDG
alt-svc
h3=":443"; ma=86400
expires
0
mgsensor.js
a.mgid.com/ Frame 0664
15 KB
5 KB
Script
General
Full URL
https://a.mgid.com/mgsensor.js?d=1708451567008
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c5a22dd9019075ebe82b053243bda7bbadd0d5e57f67f11148c723f946bf14
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
6be153b4-5c85-496a-8195-0c7453df40ed
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cf-ray
85889af69ca55aa1-VIE
alt-svc
h3=":443"; ma=86400
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ Frame 0664
4 KB
3 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=515422330685489181&lib=kwaiq
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9e2a799a251ce713aef7ef8c27a2d6e01f641ced4186d46b2026f5935696ddd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ks-client-ip
80.255.7.107
Date
Mon, 29 Jan 2024 03:23:36 GMT
Content-Encoding
gzip
x-oss-request-id
65B71A38D3C1853635F02872
X-Cache-Lookup
Cache Hit
Content-MD5
/21V4wxp4OkgyZ6pUCZL9w==
kwaisign
NULL
Connection
keep-alive
Content-Length
1691
X-Ks-Request-ID
18421620233137114734
X-Ks-Cache
Hit from 43.152.26.142
x-oss-object-type
Normal
Last-Modified
Mon, 29 Jan 2024 03:16:14 GMT
Server
Lego Server
Etag
"FF6D55E30C69E0E920C99EA950264BF7"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
max-age=2592000
x-oss-storage-class
Standard
X-NWS-LOG-UUID
18421620233137114734
Accept-Ranges
bytes
x-oss-hash-crc64ecma
3318901080980820640
x-oss-server-time
3
Expires
Wed, 28 Feb 2024 03:23:36 GMT
dataroyal_tag.js
advcake.dataroyal.com.br/scripts/ Frame 0664
15 KB
15 KB
Script
General
Full URL
https://advcake.dataroyal.com.br/scripts/dataroyal_tag.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.188.238.189 São Paulo, Brazil, ASN202422 (GHOST, LU),
Reverse DNS
br-gc-balancer.advcake.com
Software
Caddy /
Resource Hash
9fbe817466ef9f6a3eb3ed1c43cf09f5b01b90154ef0098ce87970169c6c0f92
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=15724800; includeSubDomains
server
Caddy
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000
content-length
15154
k_estrelabet.js
scripts.prdredir.com/scripts/ Frame 0664
800 B
775 B
Script
General
Full URL
https://scripts.prdredir.com/scripts/k_estrelabet.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N458S7J8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95d838de11136e7964ca0eaa375bf294d19a0b15880a014338e0a5d9d8e05385

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-runtime
0.022477
date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"95d838de11136e7964ca0eaa375bf294"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FlPCuMgE9D4oFMrdo%2FGpu%2FuiCLmouCotrOuvurkHCulIvUFWJxwtf31mzTYGiQHnL2AL%2BX%2FC5EAohy3%2F%2B%2FYeZt3uNCyGfYW5YHjinWqOCrhjoF2hfhhjg%2F4BRAOivAf5juY6U6zp%2BxPNYA%2BcgPLmnjX"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
85889af68efc71b8-FRA
x-request-id
0ae4ca30-7a9b-4a1a-abd7-f3e5d8ed1e4a
Da0J4b08Tci60aJ6hFxt.js
tags.creativecdn.com/ Frame 0664
4 KB
2 KB
Script
General
Full URL
https://tags.creativecdn.com/Da0J4b08Tci60aJ6hFxt.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a18ebd731b20d7404e2eed45ad15a0e9068ec7c4eb6d95da6727c086e366227d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPqmQpSVAMNJKL2AARARW6_ooMBHdT5O19K7qO2jTIkixEJrPbnLOVHW2n4Is_ogySoj7pXnPrEg3QkeezI
x-77-cache
HIT
x-cache
HIT
x-goog-storage-class
STANDARD
x-guploader-response-body-transformations
gunzipped
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
x-age
1888
x-accel-date
1708449679
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-77-nzt
EgwBnJIhiwH3YAcAAAwBisclwQH30gQAAA
x-accel-expires
@1708451577
x-77-age
3122
last-modified
Tue, 04 Jul 2023 15:01:15 GMT
server
CDN77-Turbo
etag
W/"7dd71e4b922b44d4a1b639cea2047fcd"
x-77-nzt-ray
cf87872713d3e8ccefe6d465708ea110
vary
Accept-Encoding, Accept-Encoding
x-goog-generation
1688482875054340
content-type
application/javascript
x-goog-hash
crc32c=U/iOdA==, md5=fdceS5IrRNShtjnOogR/zQ==
cache-control
public, max-age=3600
warning
214 UploadServer gunzipped
x-goog-stored-content-length
1741
expires
Wed, 24 Jan 2024 18:50:42 GMT
produto_estrelabet_br.js
tags.fulllab.com.br/scripts/ Frame 0664
586 B
866 B
Script
General
Full URL
https://tags.fulllab.com.br/scripts/produto_estrelabet_br.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N458S7J8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.126.250.218 Clifton, United States, ASN (),
Reverse DNS
Software
/
Resource Hash
f38faad9febeaa4ffa814a63624d6450dc453184f24ca5e89bbb83a50e169a58
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-runtime
0.003961
date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=15724800; includeSubDomains
etag
W/"f38faad9febeaa4ffa814a63624d6450"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0
x-request-id
7a9a74e73316f4425290442e01b2a6ac
expires
2024-01-21 17:52:47 UTC
mgsensor.js
a.mgid.com/ Frame 0664
15 KB
5 KB
Script
General
Full URL
https://a.mgid.com/mgsensor.js?d=1708451567011
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c5a22dd9019075ebe82b053243bda7bbadd0d5e57f67f11148c723f946bf14
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
ca3a73d8-6220-4a26-9f93-2c91873f256d
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cf-ray
85889af77df15aa1-VIE
alt-svc
h3=":443"; ma=86400
bounce
secure.adnxs.com/ Frame 0664
Redirect Chain
  • https://secure.adnxs.com/seg?add=34065042&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D34065042%26t%3D1
0
1 KB
Script
General
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D34065042%26t%3D1
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
an-x-request-uuid
5191f6fb-d489-404b-acda-5b50d6ef99aa
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
an-x-request-uuid
afeac31b-ab9b-4a52-9b6c-3ec086afa6e0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D34065042%26t%3D1
x-proxy-origin
80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
array.js
app.posthog.com/static/ Frame 0664
122 KB
38 KB
Script
General
Full URL
https://app.posthog.com/static/array.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24659aedee6b12c620933b83a77064ed9c124b3efc3578ebf2d4dc12cb6ee060
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
257
referrer-policy
same-origin
last-modified
Tue, 20 Feb 2024 17:18:38 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65d4deee-1e71b"
x-frame-options
SAMEORIGIN
vary
Cookie, Accept-Encoding
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
85889afa89e18ff8-FRA
loader
api.retargetly.com/ Frame 0664
15 KB
5 KB
Script
General
Full URL
https://api.retargetly.com/loader?id=5012
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
693298a7bbb6f318aa1300782ef7f85580f003a82775ac3310b8c252333b7a49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
public, max-age=604800
cf-ray
85889afa8854923d-FRA
expires
Tue Feb 27 2024 17:52:47 GMT+0000 (Coordinated Universal Time)
hotjar-3777884.js
static.hotjar.com/c/ Frame 0664
9 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3777884.js?sv=6
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-49.fra56.r.cloudfront.net
Software
/
Resource Hash
611df9583e6628d4bc7458ac0bd1da253a5630d3a6c9e93ec4468b86832c635f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Tue, 20 Feb 2024 17:52:29 GMT
via
1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
30
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/1245ebc30babc34c4124c8f7ab78cff1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
REI5P26mUCeTE9jMOeL9J5SwOzrKy1OzYgORLqedqem54XrE8LYFaA==
user-guiding-B2475334XK2ID-embedded.js
static.userguiding.com/media/ Frame 0664
2 MB
505 KB
Script
General
Full URL
https://static.userguiding.com/media/user-guiding-B2475334XK2ID-embedded.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d558728fbfc6916a4971f2b1d8cf77f53c2af576ade8eb4bebae499fb24099ef
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
last-modified
Tue, 20 Feb 2024 16:10:07 GMT
server
cloudflare
etag
W/"1e0296-18dc7481ad2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jikr%2BTMy7N3n7eqMh05OrsMOh3xDMu%2FXCW7UDAl9e0AyIeqG0Llznh%2Fu8jYaMQj%2F1L9sSUsQic92%2Bx%2B7Ibw0jDI95VFKiagN4c0qJEmKIodhy8BzSHIzXpY9kQl6703rhizQTUF10UBhKwQtssHPFiSmWrg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-sent
true
x-timestamp
1708451567875
cache-control
public, max-age=1800
x-robots-tag
noindex,nofollow
cf-ray
85889afa8f169a15-FRA
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ Frame 0664
4 KB
3 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=584573586032562242&lib=kwaiq
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9e2a799a251ce713aef7ef8c27a2d6e01f641ced4186d46b2026f5935696ddd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ks-client-ip
80.255.7.107
Date
Mon, 29 Jan 2024 03:23:36 GMT
Content-Encoding
gzip
x-oss-request-id
65B71A38D3C1853635F02872
X-Cache-Lookup
Cache Hit
Content-MD5
/21V4wxp4OkgyZ6pUCZL9w==
kwaisign
NULL
Connection
keep-alive
Content-Length
1691
X-Ks-Request-ID
4571375274205623222
X-Ks-Cache
Hit from 43.152.26.142
x-oss-object-type
Normal
Last-Modified
Mon, 29 Jan 2024 03:16:14 GMT
Server
Lego Server
Etag
"FF6D55E30C69E0E920C99EA950264BF7"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
max-age=2592000
x-oss-storage-class
Standard
X-NWS-LOG-UUID
4571375274205623222
Accept-Ranges
bytes
x-oss-hash-crc64ecma
3318901080980820640
x-oss-server-time
3
Expires
Wed, 28 Feb 2024 03:23:36 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 0664
214 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 17:52:47 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
FhNdfduSNMlGcSw/C9dVKc6o9QN0yybaooR3bEfQlpXonNIjoKS51FkT2q068Xx0VQqulohyB/Bwotqx2VCi3Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/tnonline.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Feb 2024 17:30:40 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1327
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 20 Feb 2024 19:30:40 GMT
js
www.googletagmanager.com/gtag/
235 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SV72Y085LF
Requested by
Host: me.jsuol.com.br
URL: https://me.jsuol.com.br/aud/tnonline.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ffbf3d4cf38af6715211c0a5b109363715de928e9d2dd2ecea9336b476c9d9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83825
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 17:52:47 GMT
js
www.googletagmanager.com/gtag/
235 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SV72Y085LF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VL4N2H807F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f7baa7a3913d8782f3d20f1795e1d352e5d80a0183433c4ba234edbd64e57459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83805
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 17:52:47 GMT
/
udr.uol.com.br/
142 B
621 B
Fetch
General
Full URL
https://udr.uol.com.br/
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:f600:1:bcff:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
08d283e5cf22a7012ef9e24fc00f393028578022290e62db165e1fde32c67958

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
via
1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
server
awselb/2.0
x-amz-cf-pop
FRA56-C2
vary
Origin,cache-max-age
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
https://tnonline.uol.com.br
x-cache
Miss from cloudfront
cache-control
no-cache
access-control-allow-credentials
true
content-length
142
x-amz-cf-id
jqYk5ihY4eFuI1Wjkun4xUNY5D2n8HpJg2639tFG2HCXs8QTHuT5gg==
getuidj
ib.adnxs.com/
11 B
702 B
Fetch
General
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
an-x-request-uuid
83647e06-0c05-4233-8838-e3a5b0ef565c
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
logo.png
m.esportesdasorte.com/views/trader/esportesdasortevip/assets/images/ Frame 75E9
3 KB
3 KB
Image
General
Full URL
https://m.esportesdasorte.com/views/trader/esportesdasortevip/assets/images/logo.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
4c2aaeed01a8da8ff28038839bf02a197c7931a079ca49bbfb117f086106f6d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
"65cba317-ab4"
x-cache
Miss from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
2740
x-amz-cf-id
4-vZ5IpyPnHcDvJjzH0IQ95RXr9BC0hLasZTnJzXXrvpgeDs499Ycw==
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
m.t.tailtarget.com/sync/TT-10162-1/
43 B
129 B
Image
General
Full URL
https://m.t.tailtarget.com/sync/TT-10162-1/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
content-type
image/gif
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
uol-icones-setas.woff
stc.uol.com/c/webfont/projeto-grafico/v2/icones-setas/
24 KB
24 KB
Font
General
Full URL
https://stc.uol.com/c/webfont/projeto-grafico/v2/icones-setas/uol-icones-setas.woff?2017
Requested by
Host: conteudo.jsuol.com.br
URL: https://conteudo.jsuol.com.br/barra/parceiro-async.js?parceiro=tnonlinecombr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:e200:1c:9011:a540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
28c48173a3d22a330c9be901a0d58053bea418e04957197f1e3fb2784da355dc

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Origin
https://tnonline.uol.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 19:22:14 GMT
via
1.1 098a60d50e7e132c276fd27b94c6212c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
RefreshHit from cloudfront
content-length
24128
last-modified
Thu, 29 Jun 2017 15:57:04 GMT
server
Apache
etag
"5e40-5531b5a137468"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
d4Qirfa4_l2w1Yo_6QwNq6rPFWJx9ZMIuDmGFKLwU6hOAAtso3LO1g==
expires
Tue, 04 Feb 2025 19:22:14 GMT
uol-text-regular.woff2
stc.uol.com/c/webfont/projeto-grafico/uol-font/
16 KB
17 KB
Font
General
Full URL
https://stc.uol.com/c/webfont/projeto-grafico/uol-font/uol-text-regular.woff2?v5
Requested by
Host: conteudo.jsuol.com.br
URL: https://conteudo.jsuol.com.br/barra/parceiro-async.js?parceiro=tnonlinecombr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26e8:e200:1c:9011:a540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
8959cb49147ca81605362c45925027eec7a80acbfc71b0e1c2341814d909d7da

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Origin
https://tnonline.uol.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:23:12 GMT
via
1.1 098a60d50e7e132c276fd27b94c6212c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P10
x-cache
RefreshHit from cloudfront
content-length
16648
last-modified
Tue, 03 Nov 2020 20:44:00 GMT
server
Apache
etag
"4108-5b339ec266566"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
M4rQF5P1LvSWqgCSK7luvOgmQecykjWdg77Yt5dXJBbGt9zjwlPXaQ==
expires
Tue, 20 Feb 2024 19:23:12 GMT
logo_completo_white.svg
conteudo.imguol.com.br/c/_layout/v3/logoUOL2021/
2 KB
2 KB
Image
General
Full URL
https://conteudo.imguol.com.br/c/_layout/v3/logoUOL2021/logo_completo_white.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:f200:10:3798:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
542ec618c3fa72569d6241c6d125b9dc7ee7427f585c6a5714f980dfa2764f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 16:13:28 GMT
content-encoding
gzip
via
1.1 b0723c68cc136f4e89ad2f6a85c82e12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
7695559
x-cache
Miss from cloudfront
last-modified
Wed, 28 Apr 2021 21:58:16 GMT
server
Apache
etag
W/"887-5c10f79d18e0a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
m1E1Y3ZAqmufMd3qc3baMQck52duhpgidq9l_sWX7bDe77Mz1CCnMA==
expires
Fri, 22 Nov 2024 16:13:28 GMT
typography.css
joiabet.com/assets/css/ Frame 041E
15 KB
3 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/main.687ebeaf.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f713d38ea987f9f5935cb4dc1780af08194cbed975eae239219d60722485b04e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"55f37933cd1ef3a463adb89e0c1b5b27"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OxtJQijweDxuGCtj%2ByNwLznoUECmYqrlzi0m%2Bql8YmmHwnxlss1Dc%2BaB7xDVWd4WK0dtJ3cP0kC%2BKsplh2uxavDleL8TTth%2FrNMiYtLXeLzZ1EwS9yVYxJSgat7sL9v%2BZAdv7x9ZEw18dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889af858d6f160-CDG
priority
u=0,i=?0
style.css
joiabet.com/assets/css/ Frame 041E
0
527 B
Stylesheet
General
Full URL
https://joiabet.com/assets/css/style.css?id=8a6acf09-0bc6-4a3d-f386-ec679cbf28b9
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/main.687ebeaf.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"9e7a27539226d700e116522ee435029d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8SziM5yuqw4bLRZgndqjoEHyMjnpp1eiESJWMCDYbng5fGUK39wZTZQde9BPpTUfiQzLc1tJQy0EQB1qJy2%2B2KkV3vczLD3tavsfkTsyksqkwZH8H43C%2BbTL7k893vprC0LgTemI10Kyg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889af858ddf160-CDG
priority
u=0,i=?0
b-font-icon.css
joiabet.com/assets/css/ Frame 041E
2 KB
1 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/b-font-icon.css?id=22d78838-e364-409a-a33b-4608211880a0
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/main.687ebeaf.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17bd9a9614716ce62774ec545d56048db7ab4729024e9c83ff7faa1cbd39aae3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"108a0a81ad97f079b0a66e5e6c14c326"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzZLZpbQD%2Fktpl9WmeatDnLwujJ4w1lrnGaPnSkNj4nryIKfd44z8dDh%2BCMXK8P1zafBRsLkWSYzlsi%2FiEbRthp8B51hrlhkVH6ovX1e0YhovR7LNjIKTulgqA86BA4NMLckrQNjLSwemw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889af858e1f160-CDG
priority
u=0,i=?0
b-styles.css
joiabet.com/assets/css/ Frame 041E
17 KB
4 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/b-styles.css?id=62673b49-3848-4905-fd50-8b7fe882ca58
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/main.687ebeaf.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24b6a3f0ff3b00ca5fdda5ae6d4a956400f807835675fc11486539e508849381
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"06206a7ff7a3698af33b5bab09c16ccd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcP7%2BgHUEfye9z318kj%2BlKYnx9Z9WeEg3NgZ%2BZxCDLfpnoIZud3sqeZPdJD8x%2FjRfOl05LFzMMJnZ2n%2Fye5IuQhZo1SPZ5Bw%2F2QBxDJF0eojNNv8wy94FwDCTGqgmmRCkb72ARK3rfRhPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889af858e3f160-CDG
priority
u=0,i=?0
responsive.css
joiabet.com/assets/css/ Frame 041E
20 KB
3 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/responsive.css?id=d1d5d2eb-e01d-4359-84f9-8a8788981a19
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/main.687ebeaf.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f341cd15c8ddaeca7a85e38851defe3877cd2835cf327b8a8ef728dfddad78a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"4f2f294b2aa4fba79e3afbd9c904f869"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APHkLGRsgeugeeTE1FDnGv%2Bn2wWVtKjtFiHoXY9t4gKVjRl5qvW8HkuiX6Td1cUUhWLbkgmCc82mbZyXwJjY422Ywysl5BVIDseLxNdOnCz8RmKgTS632R2dTQmQeRvcRG5mwgIN1InWpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889af858ebf160-CDG
priority
u=0,i=?0
config.json
joiabet.com/config/ Frame 041E
24 KB
2 KB
XHR
General
Full URL
https://joiabet.com/config/config.json
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7067fc12483f25ca26db4756dcf33c0385d1740d5532972a35a174625f7f19b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"9045a4b7bf79db6e6f7957ab9ee30b68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UHr9Sz1RyPf6XYeD9r7vAfK3UNsR%2BM7uTi%2BaUBrb6oD7zLwU9%2B3hiP9Z40l1gh0pc2rmbac9U2JVPH82kmqi3Am449iQJWem33MCkgg7MQHwYh7F7L6FliA6eDpPwoUkFvlZN4xbZ%2Fx2jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
85889af86910f160-CDG
priority
u=1,i
collect
p.clarity.ms/
0
299 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tnonline.uol.com.br
Date
Tue, 20 Feb 2024 17:52:47 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
rum
joiabet.com/cdn-cgi/ Frame 041E
0
138 B
XHR
General
Full URL
https://joiabet.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://joiabet.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
85889af8c9bbf160-CDG
767.bf760a86354699bc.js
m.esportesdasorte.com/ Frame 75E9
155 KB
28 KB
Script
General
Full URL
https://m.esportesdasorte.com/767.bf760a86354699bc.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
ff8c798f902a17c8ffa6debb90aaa68840fca2d3273d2700cbb03a49fb081a62

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-26a2d"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
6xTWL8M4Ob0jakBGC9c0DzdRK4TVm7jOJKZg0eTuiMVEs6tUNg6G3Q==
common.e2efae7288ea6c4c.js
m.esportesdasorte.com/ Frame 75E9
12 KB
4 KB
Script
General
Full URL
https://m.esportesdasorte.com/common.e2efae7288ea6c4c.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
d604916648c1857dc07c32fc800557b2acf135069325a9e52acceee55dfa4941

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-3167"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
3KmtMMKsIgUo6uDPq6JGpvmoY5eq3qwcT54EC2_kEsPQL8t_7J-6HQ==
766.8c54a3d1ef5c0554.js
m.esportesdasorte.com/ Frame 75E9
125 KB
27 KB
Script
General
Full URL
https://m.esportesdasorte.com/766.8c54a3d1ef5c0554.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
a9b4c9f8393c6be6e1c6412aee7f63b408a6823fd703b395c69bb3d3dc95dc43

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-1f361"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
uhN00ToqvMUdQOvSG2mLxXgfNYVj_zvgZmypnHX6UEPmd9EObGrbxA==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11317413702/ Frame 0664
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11317413702/?random=1708451567487&cv=11&fst=1708451567487&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9169558723z89164556869za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE&top=https%3A%2F%2Ftnonline.uol.com.br&hn=www.googleadservices.com&frm=2&tiba=EstrelaBet&npa=0&pscdl=noapi&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11317413702&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1682add94f36789a71ad757a3ad88f8bdd87408de48ee9f9ae3a56b1fc19fa37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1401
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
138 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
3e798335ea7fb6d808b011b6b88882308f3cb8da72a3fa29afdb1ab3860e98b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
an-x-request-uuid
ea220d12-3fd6-42e4-9210-23677184743e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/
173 B
471 B
XHR
General
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e46a6bab8079a2422633339e195ad3ce06c11feb40bbf45c1c4faf0575635e43

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.10.0
Content-Type
application/json
access-control-allow-origin
https://tnonline.uol.com.br
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
Expires
0
bid
s.seedtag.com/c/hb/
11 B
382 B
XHR
General
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tnonline.uol.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v1
prg.smartadserver.com/prebid/
186 B
569 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://tnonline.uol.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
186 B
569 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://tnonline.uol.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/
186 B
569 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://tnonline.uol.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/
37 B
548 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=992490
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f284f83c4585c0c7c5e4cee7592425e955ae0c0ffb11132c9d862bc0a524957c

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2cOyPhz0QNQF5vnCOdu18bj4utZsnxgMMFofwr06a5S0w8WIZBJOAQsWNSAsEUjmV%2F9BGd1mER8FNkzmBOFUqET4fEGq4V1TSlvrBUOd5FuizM571yU01T7S46gPYGMHZ23qTTL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
85889afa79df4516-TXL
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
518 B
1 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11976&site_id=185976&zone_id=904472&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&tg_i.domain=tnonline.uol.com.br&tg_i.page=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&tg_i.ref=https%3A%2F%2Ftnonline.uol.com.br%2F&tg_i.pbadslot=%3B%2F8804%2Fparceiros%2Ftn_online%2Fanchor&tk_flint=pbjs_lite_v7.52.0&x_source.tid=5683c7ac-38d4-4bb0-86b2-4187e09a195e%3Ba40898b9-b3b1-4f50-81c2-3ea40a7ddf47&l_pb_bid_id=16464f11a4f6885%3B179ca1ad11dacfa&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=5683c7ac-38d4-4bb0-86b2-4187e09a195e%3Ba40898b9-b3b1-4f50-81c2-3ea40a7ddf47&rp_maxbids=1&p_gpid=%3B%2F8804%2Fparceiros%2Ftn_online%2Fanchor&slots=2&rand=0.7567879448990367
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8a8e56e54e20a51b30fa37cba337db7834070471a3bb00a06452e6cfca75a5dc

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:48 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
s.seedtag.com/c/hb/
11 B
65 B
XHR
General
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tnonline.uol.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
ib.adnxs.com/ut/v3/
250 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
08f1c527826de7bc97428cd2e1d3536bc848a53b802f5077140cfaae032cb2b3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
an-x-request-uuid
2f3a8e4e-d8c9-42cc-b03b-a7271f6c7db8
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
250
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
region1.analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-SV72Y085LF&gtm=45je42e0v891046205za200&_p=1708451562848&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1654842199.1708451563&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1708451567&sct=1&seg=0&dl=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&dr=https%3A%2F%2Ftnonline.uol.com.br%2F&dt=TNOnline%20-%20O%20portal%20de%20not%C3%ADcias%20do%20norte%20do%20Paran%C3%A1&en=page_view&_fv=1&_ss=1&_ee=1&ep.uol_property_id=326413104&ep.publication_type=normal&up.cookie_consent=none&up.login_widget=deslogado&tfd=5440
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SV72Y085LF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
54 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-SV72Y085LF&cid=1654842199.1708451563&gtm=45je42e0v891046205za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SV72Y085LF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-SV72Y085LF&cid=1654842199.1708451563&gtm=45je42e0v891046205za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=673056334
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/1/i/ Frame 0664
43 B
379 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=98880f21-589c-4e19-bc5c-8bef7a0ff365&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=59a30413-dc77-4276-be2a-34867233e906&tw_document_href=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE&tw_iframe_status=1&txn_id=o6pfj&type=javascript&version=2.3.29
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time
157
date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
40579967f716f089
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
3f1752c95a399075bca51dfabc8da6e5642ebc3b90e9262896ac4b3eba0ac917
content-length
43
adsct
analytics.twitter.com/1/i/ Frame 0664
43 B
727 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=98880f21-589c-4e19-bc5c-8bef7a0ff365&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=59a30413-dc77-4276-be2a-34867233e906&tw_document_href=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE&tw_iframe_status=1&txn_id=o6pfj&type=javascript&version=2.3.29
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time
156
date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
15f8bc68e75e2cb4
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
e06bf2cd7b5f7bf38dd09d43dc98cace7172b0ea1d795449e8402c1fff2c8786
content-length
43
beacon.js
sb.scorecardresearch.com/internal-cs/6036356/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6036356/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js
11 KB
4 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Server
18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-32.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28a3b8c616cc8b88edddc9991c5be70eef6b2b368d70688f2c18ceae508ec1bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 06:50:43 GMT
content-encoding
gzip
via
1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
last-modified
Tue, 30 Jan 2024 15:54:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
39726
x-amz-server-side-encryption
AES256
etag
W/"83a683db1bde449cc8fc5228209ca9ca"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
IAkMtWkzTB6bT_JGsCX4oMfoA_Wdd8Q_SHBulWbq7CJjaTw-9_tj1g==

Redirect headers

date
Tue, 20 Feb 2024 17:52:47 GMT
via
1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
location
/internal-cs/6036356/beacon.js
content-length
0
x-amz-cf-id
NLJ_T2NnD7Fek83kRLt6FhYOyjR4rjx6hR0V32HXxGszcyrrLLFMSw==
collect
www.google-analytics.com/j/
4 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1789849754&t=pageview&_s=1&dl=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&ul=en-us&de=UTF-8&dt=TNOnline%20-%20O%20portal%20de%20not%C3%ADcias%20do%20norte%20do%20Paran%C3%A1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4CDAAEABAAAAACAUK~&jid=221891913&gjid=137650062&cid=1654842199.1708451563&tid=UA-90467812-21&_gid=1996176397.1708451568&_r=1&_slc=1&cd1=Parceiros&cd2=TNOnline&cd3=TNOnline&cd11=normal&cd4=1654842199.1708451563&cd66=1708451567685.n0ef11b&cd85=none&cd87=none&cd88=none&z=984137594
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 041E
10 KB
774 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Anton&family=Oswald:wght@200;300;400;500;600&display=swap
Requested by
Host: joiabet.com
URL: https://joiabet.com/assets/css/b-styles.css?id=62673b49-3848-4905-fd50-8b7fe882ca58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c66a30d2ce614d3b226b83046f4cd15efea23ef7ab1e438ed50394aaf9937eeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 17:52:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Feb 2024 17:52:47 GMT
css2
fonts.googleapis.com/ Frame 041E
5 KB
633 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Smooch+Sans:wght@200;400;600;700&display=swap
Requested by
Host: joiabet.com
URL: https://joiabet.com/assets/css/b-styles.css?id=62673b49-3848-4905-fd50-8b7fe882ca58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9356be08d59a4171e41033bc64a4cb5e32e68057323a2a36e1c053408d9e8726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 17:52:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Feb 2024 17:52:47 GMT
variable.css
joiabet.com/assets/css/ Frame 041E
302 B
738 B
Stylesheet
General
Full URL
https://joiabet.com/assets/css/variable.css
Requested by
Host: joiabet.com
URL: https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7df85edc5ab970a9d6ef7c4c70e56ec8dd221e4307dcac5c9a0f566a17c977f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4662
cf-polished
origSize=413
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"81dd8e5364ef3b0d914ed598b98c6e36"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XQr4nkQmLgNmMVhphC%2BbG06JHuKZkYtME6p%2BWU5x%2FaAN1YM9AlHomWMJQVhe2V3WHGjA84YJeNPRrMjyrVi8hLgMx%2BJDrZAnWOHC4DeJVC4oRvpbLNjA9QSYNWyQzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889afa4ce4f160-CDG
priority
u=0,i=?0
all.min.css
joiabet.com/assets/css/ Frame 041E
41 KB
8 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/all.min.css
Requested by
Host: joiabet.com
URL: https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5934b3fe78874efb44f3f846890d3304b94f54c2249d6b1214643b854a94f068
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4662
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2cc9842c5388b8de1d4dd849c7190b09"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMw0P49iiCnBGgHInLX%2BGenNo5oR9TCLcOg3fB%2B685OJ10E6H3hsyj18iw9ccHRhzgGqkp7IzF3U3473bjKAoK3Oy3HYD4c5XhxCQvfRhuG%2B6g7MaCXZTjhLDpqavA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889afa4ce6f160-CDG
priority
u=0,i=?0
remixicon.css
joiabet.com/assets/css/ Frame 041E
71 KB
10 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/remixicon.css
Requested by
Host: joiabet.com
URL: https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5227ab6474a549c3942a7c0a1ac700aadc54428f8c97480ffdcf0c1dd4161fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4662
cf-polished
origSize=86725
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"68f7bc7d25b323e7b4d2378681d9b085"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnBwk%2FHG%2BV%2Fl6EkCVfUWNUkB2cw5WP11jrpwunEDBXtydkZrbS%2F3eGyW997lY0qoQJjtdMQy9qvjwSGT5A0%2BrxR4E6pkcQfIrzrHPv5i6%2FcrzqeK3cERmVE2H44jKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889afa4ce8f160-CDG
priority
u=0,i=?0
slick.css
joiabet.com/assets/css/ Frame 041E
1 KB
1005 B
Stylesheet
General
Full URL
https://joiabet.com/assets/css/slick.css
Requested by
Host: joiabet.com
URL: https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f606f1235716b8d8331dafb7aa337d11c66ce838dd9be33109e8aeb0e3a38d02
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4662
cf-polished
origSize=1869
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"8c8dc49da2bf380bc0aa191e3c83ae43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1osZdt2NCVuzZiIt%2FyBXlHe4OaWObrm%2Bi5a3%2FLhwxH5nP0Uhapa6eHVhIhBp2hWDEHMv4TuJQb%2FuG4hYyUQmV%2BXsVK52tx%2FjNT9nIHmtxQHO7wr0xoJ14gAUiVhDxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889afa4cecf160-CDG
priority
u=0,i=?0
slick-theme.css
joiabet.com/assets/css/ Frame 041E
3 KB
1 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/slick-theme.css
Requested by
Host: joiabet.com
URL: https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5e1782ae715b07ebaf88adaf8298dddab402dfa4d99d3f09ded5d765797d81b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4662
cf-polished
origSize=3697
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"3e2992ca776222a4351d3f6af383d1a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjBnuftt%2Bd%2FTtRF%2FX%2BnJNyxenUXWNF6pgUsPdbpccizHeixj5dcXOFe3H%2FwqOsTrFFM8GMLJU8DCy72mp94AL%2FcNngMc7EZRPhblESyhNoaVrtpFVGlvQRvGqLEhxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889afa4ceef160-CDG
priority
u=0,i=?0
owl.carousel.min.css
joiabet.com/assets/css/ Frame 041E
3 KB
1 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/owl.carousel.min.css
Requested by
Host: joiabet.com
URL: https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db5b39821a3fd830934435e760762a2a4bde1a46bb5a47faae1c4a45202b2d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4662
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"98181fd5d03b2a423fdb337a60b28c1a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nBFldK1yLKlrwKSmPuy3YvBmayI8Jl1TtABzdmjjTYmpqgsuCdj4S3nS9xvt0O2OqLFRiWBZmwyiO5c%2Bj7jcnGSQ71rfyEWQlml3fyMt5dyXWVoyH%2BKSKMPrbXUHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889afa4cf1f160-CDG
priority
u=0,i=?0
animate.min.css
joiabet.com/assets/css/ Frame 041E
76 KB
5 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/animate.min.css
Requested by
Host: joiabet.com
URL: https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4662
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"aa926d6670447f2b11a4241f1f3593cb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JA9p4CYPZ1SE986dR9wWrpbyA%2Fqtz864GNFwva4zS88siLIrLwEi9bintM%2FKcswcsWDp5T7AZXh8ETmYR%2FWEitgNEzdQXa49aX0Q%2FbH2acGOmEW47dbLBidOVsu5ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889afa4cf3f160-CDG
priority
u=0,i=?0
magnific-popup.css
joiabet.com/assets/css/ Frame 041E
5 KB
2 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/magnific-popup.css
Requested by
Host: joiabet.com
URL: https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65ab95b0a57d4fa12ccb83a19088bfc1a593c982dc9fe6f1e7ecc1eb8ab313d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3599
cf-polished
origSize=7648
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"599f72bb833aa412ed7ab0fe58cf5aca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3yKO6qzPetViFwdRGBW1RzJBs31gihfZFoe5ytlu1%2FMXPQdscpiCDnnzhE5ucvrQNrbl9jQU0VLLNvYBY%2BYKh5V5YzHfceEWoZYyJW9VuZXENv%2BkqNQ0AWM%2BJ6APrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889afa4cf7f160-CDG
priority
u=0,i=?0
select2.min.css
joiabet.com/assets/css/ Frame 041E
15 KB
2 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/select2.min.css
Requested by
Host: joiabet.com
URL: https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b2f2188333f50de214416ec28aa0c84c40e8ef1189bebbec0b4d11be135ee39
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4662
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ffe90656e8664226409996d2a4ceb07e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqxwNEQku%2F7ibc0fXIJ6OTKXgk6lXnyZJNPnhNlngnJ%2FdQXMO%2BDzaWJ6YNkXud7tDzqgS0L%2BJ0JGANLvePeTLOLjshy%2BbxGLDe393ObUaWKNe9NLlITa3Psq8GWmaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889afa4cfaf160-CDG
priority
u=0,i=?0
select2-bootstrap4.min.css
joiabet.com/assets/css/ Frame 041E
6 KB
2 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/select2-bootstrap4.min.css
Requested by
Host: joiabet.com
URL: https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd43e5d00f3291ceea5bbed79873f41c36f536fb3fd3d00009c4eb36921b749e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4662
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"f501d808c642529cb136ede772279f0b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWHcd72VXySDrhmhSxVgePJVAJpuvMzGLjU24%2F7Vf9ocb2R9%2FqHCtPtXSTtD9IR%2B7tOJJ1unsieU96rqyzyfk5P%2BGJ5nn6iuzWs53z15w6m9G0ImQ%2F6kR69vKoBZ7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889afa4cfbf160-CDG
priority
u=0,i=?0
dark.css
joiabet.com/assets/css/ Frame 041E
15 KB
4 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/dark.css
Requested by
Host: joiabet.com
URL: https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c030d08e24f8af5d21d35f27cea4a06fa7db04374421817ba89bc723aed66108
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4662
cf-polished
origSize=20626
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"b55cb4cf0988861e38396ddf7002c0f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5DMIjmv5TR0AT7nuZqW%2BQzQup4YbGE9VTQC8uqh8%2BU3Iv0yFowTVpOmZriJEVFBBtkN43611RStqjof4h5JnMxH1IDb%2Fvq1YYvk3ZbEcaOS78ItAMB29oPnZYVhsrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889afa4cfcf160-CDG
priority
u=0,i=?0
slick-animation.css
joiabet.com/assets/css/ Frame 041E
4 KB
1 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/slick-animation.css
Requested by
Host: joiabet.com
URL: https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3666410dd847e3afcbfe57e5ccb354efd7beeb2dc33d5133b2c088a144496d8e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/assets/css/typography.css?id=7556d72e-4de1-4527-9a56-82113e8c47c5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4662
cf-polished
origSize=4321
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"216861ac28d5abd1cd9016c206c8cad8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnI9lH11uxMg6NE7JwW9Q98EHU0MUZvt8oO00qo2%2FliAR05j5SWmVpA9Bb4LsHp5B2VTzUZL%2FtEd%2F69fr4OdmPDSCBNOjfWB%2FdNOGkNrmeKz%2FF2emFU9ZuSHX57XPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889afa4cfff160-CDG
priority
u=0,i=?0
chartbeat_mab.js
static.chartbeat.com/js/
24 KB
10 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: conteudo.jsuol.com.br
URL: https://conteudo.jsuol.com.br/barra/parceiro-async.js?parceiro=tnonlinecombr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:19:30 GMT
content-encoding
gzip
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:18:23 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
81197
etag
W/"6583925f-5f13"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
uW3hOxKTXtrrghiS3QueFZyVSj0V_25PO6DB0MTExnC8Z2pzeBOThw==
expires
Tue, 20 Feb 2024 19:19:30 GMT
chartbeat_video.js
static.chartbeat.com/js/
71 KB
24 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: conteudo.jsuol.com.br
URL: https://conteudo.jsuol.com.br/barra/parceiro-async.js?parceiro=tnonlinecombr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:5200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
53e637909208e211f753b68ab0cb2312abfb528b9920e8a3b6eddcb89eb861cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 19:05:21 GMT
content-encoding
gzip
via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
last-modified
Thu, 21 Dec 2023 01:04:59 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
82046
etag
W/"65838f3b-11b0d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
XO2_A0zY16bh2uGkyzpr2f0L8S9yDeah_Z3GIB5zdARPXND9zLtJ3w==
expires
Tue, 20 Feb 2024 19:05:21 GMT
kompassify-init-params
api.kompassify.com/boot-loader/ Frame 0664
137 B
413 B
XHR
General
Full URL
https://api.kompassify.com/boot-loader/kompassify-init-params
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
173.212.233.232 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
srv.swj-panel.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
9b184cfae5874e680b46b6387ce4b9cd012423965b3f9adb8d23bbf27b1e8dba

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Tue, 20 Feb 2024 17:52:47 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"89-kQh6lO0cShGsf3Mo5b4kszfTdbo"
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
137
tracker.js
tracker.ads.sportradar.com/dist/ Frame 0664
27 KB
7 KB
Script
General
Full URL
https://tracker.ads.sportradar.com/dist/tracker.js
Requested by
Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAO5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 08:33:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
etag
"235331a0761142ae4fd345cdf7c7f9ed"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
accept-ranges
bytes
x-amz-cf-id
RWcvL83nSpizVXOp8gGiHPuaIWevCr9NTfKLZpoh-Khy4wzqA3Pl3g==
content-length
6405
pixel
a.sportradarserving.com/ul_cb/ Frame 0664
Redirect Chain
  • https://a.sportradarserving.com/pixel?type=js&aid=1471&id=5525
  • https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1471&id=5525
1 KB
2 KB
Script
General
Full URL
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1471&id=5525
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
HTTP/1.1
Server
52.28.196.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-196-42.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
5f7285c55791356c0f9a06310ccb928ddb1cc1afe63904a1338d0a662c205ea1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
1527
Content-Type
text/javascript; charset=UTF-8

Redirect headers

Location
https://a.sportradarserving.com/ul_cb/pixel?type=js&aid=1471&id=5525
Date
Tue, 20 Feb 2024 17:52:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
v2
us.creativecdn.com/tags/ Frame 0664
Redirect Chain
  • https://us.creativecdn.com/tags/v2?type=json
  • https://us.creativecdn.com/tags/v2?type=json&tc=1
474 B
727 B
Fetch
General
Full URL
https://us.creativecdn.com/tags/v2?type=json&tc=1
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
f6052a0edd05a86278628c6c7d1c990004548de9e358e6a9a95a6a3e710f3b62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:49 GMT, Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
gzip
access-control-max-age
3600
vary
Origin
access-control-allow-methods
GET, POST
access-control-allow-origin
https://estrelabet.com
content-type
application/json;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
358
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:48 GMT, Tue, 20 Feb 2024 17:52:48 GMT
access-control-max-age
3600
vary
Origin
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
access-control-allow-origin
https://estrelabet.com
access-control-allow-methods
GET, POST
location
https://us.creativecdn.com/tags/v2?type=json&tc=1
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
v2
us.creativecdn.com/tags/ Frame
0
0
Preflight
General
Full URL
https://us.creativecdn.com/tags/v2?type=json
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://estrelabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
https://estrelabet.com
access-control-max-age
3600
content-length
0
date
Tue, 20 Feb 2024 17:52:48 GMT
vary
Origin
safeframe
scripts.prdredir.com/ Frame EACC
4 KB
2 KB
Document
General
Full URL
https://scripts.prdredir.com/safeframe
Requested by
Host: scripts.prdredir.com
URL: https://scripts.prdredir.com/scripts/k_estrelabet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
963b33b968ee14442d917bb14b6c8155b4bfa633a6ce3d00e89ff9f05d630828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://estrelabet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
85889afacdce71b8-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 20 Feb 2024 17:52:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rZ9MDzmjqgoF8vTyuaBKZoHb%2BeamvUIuQ3SAWunGC0hwbgfLYt1U%2B9wQHSVLmzHOFrrkoXfxZCBYKS4jNJfxHV%2BzuhpOecbQgH3%2F17zCBuPoaqJ%2FJuFI3u%2BOaiZvu2apK7olyAtyf6xQ4jqJVP9GFr2H"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
711ec26c-b8c8-4f3a-9bde-2da24a4f9009
x-runtime
0.001963
x-xss-protection
1; mode=block
countryblock
service.estrelabet.com//ajax/country/ Frame 0664
285 B
641 B
XHR
General
Full URL
https://service.estrelabet.com//ajax/country/countryblock
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17e381e7b3a9d4ae46d52ceb25b841f98408b465bc81527469c78e99c2076ef8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://estrelabet.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
85889afb0a5930fa-FRA
access-control-allow-headers
X-Request-ID,X-REQ-ID,Authorization,X-MGS-BusinessUnit,Accept-Language
expires
Thu, 19 Nov 1981 08:52:00 GMT
12.4f32a4e17024e942c485.js
estrelabet.com/ Frame 0664
10 KB
3 KB
Script
General
Full URL
https://estrelabet.com/12.4f32a4e17024e942c485.js
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/runtime.b4b0e39fd84f9fd922d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bbcfc91437f3de19bc36216e5c1ab5940dee64312604aedbcfe82715ed10959

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 20 Feb 2024 06:06:15 GMT
server
cloudflare
age
12260
etag
W/"65d44157-2611"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
85889afb2a6730fa-FRA
expires
Tue, 20 Feb 2024 21:52:47 GMT
getPage
service.estrelabet.com//ajax/staticPage/ Frame 0664
20 KB
4 KB
XHR
General
Full URL
https://service.estrelabet.com//ajax/staticPage/getPage?language=pb&urlPath=footer&languageId=pb
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c26afa867f8a03ea262ced0e99aa9ddc266e7320f710bec0215b97ae9fb88527
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=6ZIaPBUbAqAjdfI39BzGn49kyWQoIguZW8PiwN.l9dQ-1708451568-1.0-ARaffFL6VFh9kZidxDnmalmRAqhkztLa6U_fAmkyj7piur202a8TUq1thYK7yw9_R81NG0Up0qOEu4mBNTX0AgaKRkzUQUiwC4fih4EsKYmKFCAwrucC_dToiUnQZAJUhKKDKs1FDio8SnwSTXKeQOPxKygwgyYxGhwslYkgfWNw; report-to cf-csp-endpoint
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
https://estrelabet.com
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=6ZIaPBUbAqAjdfI39BzGn49kyWQoIguZW8PiwN.l9dQ-1708451568-1.0-ARaffFL6VFh9kZidxDnmalmRAqhkztLa6U_fAmkyj7piur202a8TUq1thYK7yw9_R81NG0Up0qOEu4mBNTX0AgaKRkzUQUiwC4fih4EsKYmKFCAwrucC_dToiUnQZAJUhKKDKs1FDio8SnwSTXKeQOPxKygwgyYxGhwslYkgfWNw"}],"group":"cf-csp-endpoint","max_age":86400}
content-language
en
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
85889afb4a7a30fa-FRA
access-control-allow-headers
X-Request-ID,X-REQ-ID,Authorization,X-MGS-BusinessUnit,Accept-Language
expires
Thu, 19 Nov 1981 08:52:00 GMT
status
service.estrelabet.com//ajax/login/ Frame 0664
285 B
323 B
XHR
General
Full URL
https://service.estrelabet.com//ajax/login/status
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17e381e7b3a9d4ae46d52ceb25b841f98408b465bc81527469c78e99c2076ef8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://estrelabet.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
85889afb6a9230fa-FRA
access-control-allow-headers
X-Request-ID,X-REQ-ID,Authorization,X-MGS-BusinessUnit,Accept-Language
expires
Thu, 19 Nov 1981 08:52:00 GMT
close_icon.svg
estrelabet.com/assets/img/ Frame 0664
384 B
540 B
Image
General
Full URL
https://estrelabet.com/assets/img/close_icon.svg
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b915ef89dbea9452ed19323d81380742e86cc191e2cd30b79167d98d7282cc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
3946
content-length
384
x-xss-protection
1; mode=block
last-modified
Tue, 20 Feb 2024 05:19:03 GMT
server
cloudflare
etag
"65d43647-180"
x-frame-options
SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889afbdafc30fa-FRA
expires
Tue, 20 Feb 2024 21:52:47 GMT
primary-loader.gif
estrelabet.com/assets/img/loaders/ Frame 0664
114 KB
114 KB
Image
General
Full URL
https://estrelabet.com/assets/img/loaders/primary-loader.gif
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc63570827ac055bf3f5602f5a2dd318f00d7f8e2c76bc1228156f9a6353c6e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
cf-cache-status
HIT
age
3946
cf-polished
origSize=244263
content-length
116406
cf-bgj
imgq:100,h2pri
last-modified
Tue, 20 Feb 2024 05:19:03 GMT
server
cloudflare
etag
"65d43647-3ba27"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889afbeafe30fa-FRA
expires
Tue, 20 Feb 2024 21:52:47 GMT
secondary-loader.gif
estrelabet.com/assets/img/loaders/ Frame 0664
110 KB
110 KB
Image
General
Full URL
https://estrelabet.com/assets/img/loaders/secondary-loader.gif
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d364673ea6cb2a4ca51a803621f7f5c11496d0a62969ea7e5e00f7858b129e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
cf-cache-status
HIT
age
10247
cf-polished
origSize=244323
content-length
112407
cf-bgj
imgq:100,h2pri
last-modified
Tue, 20 Feb 2024 05:19:03 GMT
server
cloudflare
etag
"65d43647-3ba63"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889afbeb0130fa-FRA
expires
Tue, 20 Feb 2024 21:52:47 GMT
tertiary_loader.gif
estrelabet.com/assets/img/loaders/ Frame 0664
10 KB
10 KB
Image
General
Full URL
https://estrelabet.com/assets/img/loaders/tertiary_loader.gif
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f82fcf331ca01203b819fee779dfae0394751c1b2922500240f06c381696590

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
cf-cache-status
HIT
age
3946
cf-polished
origSize=27638
content-length
10406
cf-bgj
imgq:100,h2pri
last-modified
Tue, 20 Feb 2024 05:19:03 GMT
server
cloudflare
etag
"65d43647-6bf6"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889afbeb0330fa-FRA
expires
Tue, 20 Feb 2024 21:52:47 GMT
estrelabet-logo.svg
estrelabet.com/uploads/media/EST/ Frame 0664
5 KB
5 KB
Image
General
Full URL
https://estrelabet.com/uploads/media/EST/estrelabet-logo.svg?website-logo
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a8df989f82869867f2fd9b635416a6ecd80ca33dee35f7a897e75bda77ba15d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
3946
content-length
5426
x-xss-protection
1; mode=block
last-modified
Tue, 19 Sep 2023 18:38:04 GMT
server
cloudflare
etag
"6509ea8c-1532"
x-frame-options
SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889afbeb0430fa-FRA
expires
Tue, 20 Feb 2024 21:52:47 GMT
people-user-icon.svg
estrelabet.com/assets/img/ Frame 0664
939 B
1 KB
Image
General
Full URL
https://estrelabet.com/assets/img/people-user-icon.svg
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7051435c5e2b793e67de4d71a2725617adf24c48ed156609313fa346960729f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
3946
content-length
939
x-xss-protection
1; mode=block
last-modified
Tue, 20 Feb 2024 05:19:03 GMT
server
cloudflare
etag
"65d43647-3ab"
x-frame-options
SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889afbeb0530fa-FRA
expires
Tue, 20 Feb 2024 21:52:47 GMT
pb.svg
estrelabet.com/assets/country_flags/ Frame 0664
824 B
2 KB
Image
General
Full URL
https://estrelabet.com/assets/country_flags/pb.svg
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e9540d3f1b5a8314644f31cf046cdad3ab8af07ea5b53dec24c7ae0db20b8f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
3946
content-length
824
x-xss-protection
1; mode=block
last-modified
Tue, 20 Feb 2024 05:19:03 GMT
server
cloudflare
etag
"65d43647-338"
x-frame-options
SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889afbeb0830fa-FRA
expires
Tue, 20 Feb 2024 21:52:47 GMT
en.svg
estrelabet.com/assets/country_flags/ Frame 0664
2 KB
3 KB
Image
General
Full URL
https://estrelabet.com/assets/country_flags/en.svg
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
318e74e0e30d3d38f32cb7b14e5090d7685076066adc5702ab4fd305224c9f6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
3946
content-length
2530
x-xss-protection
1; mode=block
last-modified
Tue, 20 Feb 2024 05:19:03 GMT
server
cloudflare
etag
"65d43647-9e2"
x-frame-options
SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889afbeb0930fa-FRA
expires
Tue, 20 Feb 2024 21:52:47 GMT
es.svg
estrelabet.com/assets/country_flags/ Frame 0664
696 B
2 KB
Image
General
Full URL
https://estrelabet.com/assets/country_flags/es.svg
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00f9c865ef765313123b5bdea5c6bd609e6984d226074c375afe51c26f1eab03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
3946
content-length
696
x-xss-protection
1; mode=block
last-modified
Tue, 20 Feb 2024 05:19:03 GMT
server
cloudflare
etag
"65d43647-2b8"
x-frame-options
SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889afbeb0a30fa-FRA
expires
Tue, 20 Feb 2024 21:52:47 GMT
estrelabet-logo.svg
estrelabet.com/uploads/media/EST/ Frame 0664
5 KB
5 KB
Image
General
Full URL
https://estrelabet.com/uploads/media/EST/estrelabet-logo.svg?websiteLogo
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a8df989f82869867f2fd9b635416a6ecd80ca33dee35f7a897e75bda77ba15d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
3946
content-length
5426
x-xss-protection
1; mode=block
last-modified
Tue, 19 Sep 2023 18:38:04 GMT
server
cloudflare
etag
"6509ea8c-1532"
x-frame-options
SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889afbeb0c30fa-FRA
expires
Tue, 20 Feb 2024 21:52:47 GMT
alert.svg
estrelabet.com/assets/img/ Frame 0664
1 KB
2 KB
Image
General
Full URL
https://estrelabet.com/assets/img/alert.svg
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9814b7b8bf6f56e663a520664b3d3adfff37ec1361657a49977b45042cbdebae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
3947
content-length
1363
x-xss-protection
1; mode=block
last-modified
Tue, 20 Feb 2024 05:19:03 GMT
server
cloudflare
etag
"65d43647-553"
x-frame-options
SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889afc1b3e30fa-FRA
expires
Tue, 20 Feb 2024 21:52:48 GMT
dc_pre=CNHwnIa-uoQDFYZTHgId6b8JkA;src=13496778;type=invmedia;cat=estre0;ord=6691882756633;npa=0;pscdl=noapi;gtm=45He42e0v9164556869za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;...
adservice.google.com/ddm/fls/z/ Frame 55F9
42 B
401 B
Image
General
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CNHwnIa-uoQDFYZTHgId6b8JkA;src=13496778;type=invmedia;cat=estre0;ord=6691882756633;npa=0;pscdl=noapi;gtm=45He42e0v9164556869za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE
Requested by
Host: 13496778.fls.doubleclick.net
URL: https://13496778.fls.doubleclick.net/activityi;dc_pre=CNHwnIa-uoQDFYZTHgId6b8JkA;src=13496778;type=invmedia;cat=estre0;ord=6691882756633;npa=0;pscdl=noapi;gtm=45He42e0v9164556869za200;gcd=13l3l3l3l1;dma_cps=sypham;dma=1;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://13496778.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
landing_page_config.json
joiabet.com/config/ Frame 041E
2 KB
942 B
XHR
General
Full URL
https://joiabet.com/config/landing_page_config.json
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64086a27954f804277fe16892726fd9965bb58eb5f0abf69b3608f6b7c4abfbe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"87a1e7513f19b3c25004438f4ad8887d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2F4zYlM5NJjxiMWQE00xrctHwOf1euMewOTqEJhrvg6y29%2FZqEpv6hXKtDV4iQqBegwzAophijhp39QCeBprNjlJBzS5ZMwgPtj1EFristAX5uaOwjKXT%2BQ7Acx8oxwkTY67B82atxlmOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
85889afc1fe4f160-CDG
priority
u=1,i
wmetrics
metrics.getrmads.com/ Frame 0664
0
312 B
Ping
General
Full URL
https://metrics.getrmads.com/wmetrics?rtid=REH-1691446272083886&lg=en-us&sr=1600x1200&fr=1&dr=&dl=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by
Host: metrics.getrmads.com
URL: https://metrics.getrmads.com/tag/js?rtid=REH-1691446272083886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:cb12 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2SvyxpLz6oHTyWfMOpFvJLfggnX0OwHBB0VDoALDSc0IYrqL%2Bv1XFA552y5BVmteax5IQbLMRtAe07rwlw7uNy2Y5IATSYE5WhmoQW8OVkD%2B6iWi02EWn9y1YlZT7pWhqjhng2U6r%2BT5WHgJZrKLkmmaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
85889afc1b61009e-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
collect
stats.g.doubleclick.net/j/
4 B
25 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-90467812-21&cid=1654842199.1708451563&jid=221891913&gjid=137650062&_gid=1996176397.1708451568&_u=4CDAAEAAAAAAACAUK~&z=77330179
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 20 Feb 2024 17:52:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
kompassifyInstancePlayer.js
player.kompassify.app/ Frame 0664
64 KB
64 KB
Script
General
Full URL
https://player.kompassify.app/kompassifyInstancePlayer.js?version=4.2.21
Requested by
Host: player.kompassify.com
URL: https://player.kompassify.com/kompassifyPlayer.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
75.119.136.196 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi713732.contaboserver.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
aef2978da5d7c0873b8ebee05c99888fa6c6f48f54971958b8e5d7dd975aabf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:48 GMT
Last-Modified
Sat, 10 Feb 2024 12:48:22 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"65c77096-febd"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65213
modules.a02b08e96dea6b9516bd.js
script.hotjar.com/ Frame 0664
228 KB
55 KB
Script
General
Full URL
https://script.hotjar.com/modules.a02b08e96dea6b9516bd.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3777884.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.219.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-219-71.ams54.r.cloudfront.net
Software
/
Resource Hash
31f4db27d40c17ddd30179d71bfc7cd0ab6ce459c46e2a935609acf3cba1e295
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 11:01:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 6c22fb0e883db3123ae98d8d72cdaf76.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
111102
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56163
last-modified
Mon, 19 Feb 2024 11:00:25 GMT
etag
"26c6b143280117fc6f6e3350a91924ce"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
QxY-iBgpB3tJuK2LsVhoCf2FCc3FjXRlBVneCsscXos30QPZoULS9A==
/
api.ipify.org/ Frame 0664
21 B
154 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d355a2635cf91a471018aa8dd3f11475641f3830b3d4afa7d103d0881b06581

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
application/json
access-control-allow-origin
*
cf-ray
85889afd1f6c1cc9-FRA
content-length
21
safeframe
tags.fulllab.com.br/ Frame 396B
2 KB
2 KB
Document
General
Full URL
https://tags.fulllab.com.br/safeframe
Requested by
Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/scripts/produto_estrelabet_br.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.126.250.218 Clifton, United States, ASN (),
Reverse DNS
Software
/
Resource Hash
bad2d6145e7686c901419c66a3874a615901c676868035af01af880ceb61ca26
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://estrelabet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
text/html; charset=utf-8
date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
x-request-id
e6d512cb6ed56ed7fb748243e776700c
x-runtime
0.002395
x-xss-protection
1; mode=block
t2.min.js
pdp-cdn.retargetly.com/ Frame 0664
11 KB
5 KB
Script
General
Full URL
https://pdp-cdn.retargetly.com/t2.min.js
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=5012
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6744050bae69a47a6bc42d3e765b2dc6c53482290f1f4f122a8ca55bb94e9577
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
x-amz-version-id
zA8m9yUa8kXO0JdRGQ2tVYvmk4jLLMmn
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
FRA50-C1
age
5512
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cf-cache-status
HIT
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 22 Jan 2024 16:16:57 GMT
server
cloudflare
etag
W/"84ae0195efd03b8e657c03f338667d49"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript
cf-ray
85889afc99c7923d-FRA
x-amz-cf-id
VmIcgzUx69m-3ngnkRMZnphbuHqoUKbw0Hbt9kLEyM4IMO7UsxK1kA==
/
app.posthog.com/e/ Frame 0664
13 B
97 B
XHR
General
Full URL
https://app.posthog.com/e/?ip=1&_=1708451568112&ver=1.107.0
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://estrelabet.com
access-control-allow-credentials
true
cf-ray
85889afcdb908ff8-FRA
access-control-allow-headers
X-Requested-With,Content-Type
/
app.posthog.com/decide/ Frame 0664
625 B
596 B
XHR
General
Full URL
https://app.posthog.com/decide/?v=3&ip=1&_=1708451568113&ver=1.107.0
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b22bf3b5af91a3594cb1d3aa82e54899a41fa134a6d4b4cb95aa8d97816a1d02
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://estrelabet.com
access-control-allow-credentials
true
cf-ray
85889afcdb918ff8-FRA
access-control-allow-headers
X-Requested-With,Content-Type
/
www.google.com/pagead/1p-user-list/11317413702/ Frame 0664
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11317413702/?random=1708451567487&cv=11&fst=1708448400000&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9169558723z89164556869za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE&frm=2&tiba=EstrelaBet&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_XtcAX_rTjF0HSi2o0MPSBAKltTdBpJKM_3KVNS6pS9cgL5HI&random=3414865370&rmt_tld=0&ipr=y
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11317413702/ Frame 0664
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/11317413702/?random=1708451567487&cv=11&fst=1708448400000&bg=ffffff&guid=ON&async=1&gtm=45be42e0v9169558723z89164556869za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE&frm=2&tiba=EstrelaBet&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_XtcAX_rTjF0HSi2o0MPSBAKltTdBpJKM_3KVNS6pS9cgL5HI&random=3414865370&rmt_tld=1&ipr=y
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:48 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
316274250831486
connect.facebook.net/signals/config/ Frame 0664
53 KB
11 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/316274250831486?v=2.9.147&r=stable&domain=estrelabet.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b8b887eee0bfe5820bd835eccf22c75199a9c851f5272b87c5f8fec6e52313c3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 17:52:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
11114
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
DaG8PtE9E0rZWt7gCm4mj9HVMKpkFDxe7zQAdB1AvjC/xjVUPDjEh950EjA5DD0j+Ed0Xo5FiRCSnzcwXUYusQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
sp-3.8.0.js
tracker.ads.sportradar.com/dist// Frame 0664
73 KB
24 KB
Script
General
Full URL
https://tracker.ads.sportradar.com/dist//sp-3.8.0.js
Requested by
Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 08:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
etag
"143272dddc33395008a84a86ac9c2e96"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
accept-ranges
bytes
x-amz-cf-id
T3lu0gKmac6ingODnmgQ5fsL5DxrgSFZZN6DOL8TZTBEpzbHaQX92Q==
content-length
24162
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-90467812-21&cid=1654842199.1708451563&jid=221891913&_u=4CDAAEAAAAAAACAUK~&z=932768630
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-90467812-21&cid=1654842199.1708451563&jid=221891913&_u=4CDAAEAAAAAAACAUK~&z=932768630
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
api
api.retargetly.com/ Frame AE44
Redirect Chain
  • https://api.retargetly.com/api?id=5012&src=5&url=&browserUrl=undefined&ref=&utmz=&n=&md=&mk=&il=2&limit_drop=&userid=9c337ada-0ec4-4852-bf6c-8aadb0728fc3&fullVersionList=&platform=
  • https://api.retargetly.com/api?id=5012&src=5&url=&browserUrl=undefined&ref=&utmz=&n=&md=&mk=&il=2&limit_drop=&userid=9c337ada-0ec4-4852-bf6c-8aadb0728fc3&fullVersionList=&platform=&_rlid=9c337ada-0...
0
77 B
Document
General
Full URL
https://api.retargetly.com/api?id=5012&src=5&url=&browserUrl=undefined&ref=&utmz=&n=&md=&mk=&il=2&limit_drop=&userid=9c337ada-0ec4-4852-bf6c-8aadb0728fc3&fullVersionList=&platform=&_rlid=9c337ada-0ec4-4852-bf6c-8aadb0728fc3
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=5012
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://estrelabet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
85889aff4b67923d-FRA
content-encoding
gzip
content-type
application/javascript
date
Tue, 20 Feb 2024 17:52:48 GMT
expires
0
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma
no-cache
server
cloudflare

Redirect headers

access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
85889afd1a14923d-FRA
content-type
application/javascript
date
Tue, 20 Feb 2024 17:52:48 GMT
expires
0
location
/api?id=5012&src=5&url=&browserUrl=undefined&ref=&utmz=&n=&md=&mk=&il=2&limit_drop=&userid=9c337ada-0ec4-4852-bf6c-8aadb0728fc3&fullVersionList=&platform=&_rlid=9c337ada-0ec4-4852-bf6c-8aadb0728fc3
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma
no-cache
server
cloudflare
promotion.json
joiabet.com/config/ Frame 041E
94 KB
17 KB
XHR
General
Full URL
https://joiabet.com/config/promotion.json
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adfd84ca05d628bfeb257a51126293c8fbe158284adff544a0825f17523408da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"bc51446afa95811f717f0dbaf5bc42fd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YG0aeU9TvC3y4RW%2Fyqt55qsbwg3o%2FszW%2FwXLXmbW6y0Z4K8k4SZKdb1DyGUAkrGSw0YP%2BhPTDHnN1gMjOcpHSbg7dv9v9NBRhG0StkZ9VaO7pPOcpGiXkRhnIjTOpBcAlkHiTexw6Zt%2BdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
85889afd29b4f160-CDG
priority
u=1,i
1x1.gif
a.mgid.com/ Frame 0664
43 B
130 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=766375&type=c&tg=&r=&nv=0&clid=&d=1708451568165
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
85889afd2e5e5aa1-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
1x1.gif
a.mgid.com/ Frame 0664
43 B
96 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=715877&type=c&tg=&r=&nv=0&clid=&d=1708451568166
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
85889afd2e625aa1-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
1x1.gif
a.mgid.com/ Frame 0664
43 B
96 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=766375&type=c&tg=&r=&nv=0&clid=&d=1708451568166
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
85889afd2e665aa1-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
1x1.gif
a.mgid.com/ Frame 0664
43 B
96 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=715877&type=c&tg=&r=&nv=0&clid=&d=1708451568167
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
85889afd2e695aa1-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
1x1.gif
a.mgid.com/ Frame 0664
43 B
96 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=715877&type=c&tg=&r=&nv=0&clid=&d=1708451568186
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
85889afd4eaf5aa1-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
1x1.gif
a.mgid.com/ Frame 0664
43 B
96 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=715877&type=c&tg=&r=&nv=0&clid=&d=1708451568187
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
85889afd4eb25aa1-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/
160 B
483 B
XHR
General
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=uol.com.br&domain=tnonline.uol.com.br&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd76c1c53327efdebc0cc8fa72bc2a12e7fbf424322d7be3541940e301381035

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
129
x-served-by
cache-sof1510031-SOF
x-timer
S1708451569.541002,VS0,VE122
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 18 Feb 2024 17:52:48 GMT
1x1.gif
a.mgid.com/ Frame 0664
43 B
96 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=766375&type=c&tg=&r=&nv=0&clid=&d=1708451568188
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
85889afd5eb45aa1-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
280.1e9aff0fd338761e.js
m.esportesdasorte.com/ Frame 75E9
18 KB
6 KB
Script
General
Full URL
https://m.esportesdasorte.com/280.1e9aff0fd338761e.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
6f149b2820fa32302244b3c6c996f150bdf78b66e4f5a16b8e214b4486205a67

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-49f6"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
_tyNcEkv9TEXYRhIuHJqP66c4tZ7Hd2xWdmqQpgEjtM5MYb4Z7hA5w==
1x1.gif
a.mgid.com/ Frame 0664
43 B
96 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=766375&type=c&tg=&r=&nv=0&clid=&d=1708451568208
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
85889afd6eec5aa1-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
1x1.gif
a.mgid.com/ Frame 0664
43 B
96 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=715877&type=c&tg=&r=&nv=0&clid=&d=1708451568209
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
85889afd6eee5aa1-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
collect
region1.analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-VL4N2H807F&gtm=45je42e0v874965326za200&_p=1708451562848&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1654842199.1708451563&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1708451563&sct=1&seg=0&dl=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&dr=https%3A%2F%2Ftnonline.uol.com.br%2F&dt=TNOnline%20-%20O%20portal%20de%20not%C3%ADcias%20do%20norte%20do%20Paran%C3%A1&en=scroll&epn.percent_scrolled=90&_et=10&tfd=6038
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VL4N2H807F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/
0
225 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6036356&cs_fpcu=0a7582cd8a934ae38fcf0766f3eace47&cs_it=b9&cv=4.5.0%2B2401261228&ns__t=1708451568224&ns_c=UTF-8&cs_cfg=111&c7=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&c8=TNOnline%20-%20O%20portal%20de%20not%C3%ADcias%20do%20norte%20do%20Paran%C3%A1&c9=https%3A%2F%2Ftnonline.uol.com.br%2F
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-32.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
via
1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-amz-cf-id
HsxaKbhUM5qnUKyH1aq4ZGNzgxVJOAwJD0as7fnMS89Nf2gpG7kXug==
x-cache
Miss from cloudfront
ads
securepubads.g.doubleclick.net/gampad/
68 KB
25 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3199504113006608&correlator=1495166269485170&eid=44809527%2C31080782%2C31081225%2C31079239&output=ldjh&gdfp_req=1&vrg=202402150101&ptt=17&impl=fifs&iu_parts=8804%2Cparceiros%2Ctn_online%2Canchor&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1708451568235&lmt=1708451568&adxs=436&adys=1145&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&ref=https%3A%2F%2Ftnonline.uol.com.br%2F&vis=1&psz=1600x-1&msz=728x-1&fws=512&ohw=0&ga_vid=1654842199.1708451563&ga_sid=1708451568&ga_hid=1789849754&ga_fc=true&dlt=1708451562820&idt=3672&prev_scp=campaignuol%3D0%26pos%3Danchor%26native%3D0%26amznbid%3D2%26amznp%3D2&cust_params=origin%3Dtnonline%2520uol%2520com%2520br%2520d%25201%26hasFocus%3Dtrue%26bt%3D9000%26cdn%3Dother%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna%26topics%3Dna%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&adks=3928323922&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e80fab292be0ed63a46ac48e317e35eb4d19cb72f245c4d75c2d9df54e93e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25058
x-xss-protection
0
google-lineitem-id
6291494610
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138431838449
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 733F
6 KB
3 KB
Document
General
Full URL
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 17:52:48 GMT
expires
Wed, 19 Feb 2025 17:52:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fingerprint2.min.js
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/ Frame 396B
29 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.0/fingerprint2.min.js
Requested by
Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tags.fulllab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7307016
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9392
last-modified
Mon, 04 May 2020 16:10:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5c-72e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUqLHkHaPyMakJWA2RDazmRdcbRl9kdSNKttyJrHaji9ahCnjlCV%2FaQWM%2BLzsqeIfx1qDf19wgRbAOEFcUfUyVskveSDsHJbeF7sOUyH1ipomPorGoAdNw43e4vbznDInKtXXdb6YZ07nWSwQlVeYtCk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85889aff7881996f-FRA
expires
Sun, 09 Feb 2025 17:52:48 GMT
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/ Frame 396B
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.2.1/js.cookie.min.js
Requested by
Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a04d373be23a3f37dfe1f88cab01061db75f716edadc6451c652fe538f4be6c0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tags.fulllab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8768598
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
701
last-modified
Mon, 04 May 2020 16:11:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec5-653"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3YZM2KP5N5tOdH%2F9iYEtBYrNbc6nQb2wdYcN53jhrG7evqq7Gxh%2FpdkPFF9WKTth84oYFBQdJsyHV5zUwwVnP9gbo0GgAPTMy6RkefUrZpAH5X5p1t1695bTInjO%2FBVI8zYPI92PzJyjKy7kiumpRFm"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85889aff7883996f-FRA
expires
Sun, 09 Feb 2025 17:52:48 GMT
url-tld.min.js
cdnjs.cloudflare.com/ajax/libs/js-url/2.5.3/ Frame 396B
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-url/2.5.3/url-tld.min.js
Requested by
Host: tags.fulllab.com.br
URL: https://tags.fulllab.com.br/safeframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60bde0d59162a6f552ccc30dbf009b15adafbe7dd0a9a7e172f1f1223cbc4a26
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tags.fulllab.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7142440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1574
last-modified
Mon, 04 May 2020 16:11:50 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec6-fd5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0EztYPVOkr5jHxrVWhP%2B0C3nTrXjrCpQIt%2BybmwZOLJi3JxU7WzBDGUQhflSQvnSvGiotfEh7%2F%2F7gK%2FCiHTXgt524p0WPKchO9N%2FryIlkUTapwhXiVJDvfwisNFtUfdwKFW12OGD%2FPKJv1HvZEDdtgOA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85889aff7882996f-FRA
expires
Sun, 09 Feb 2025 17:52:48 GMT
/
hitbr.acstat.com/estrelabet/ Frame 0664
0
276 B
XHR
General
Full URL
https://hitbr.acstat.com/estrelabet/?sid=093be2df-c8c1-f293-f1ba-011fdbfc0fd0&t_tid=0fdac099-26a5-e35f-6dfb-44febdd14c83&t_dp=&wid=&par=&ref=&t_t=&t_if=1&t_s=&ih=0&iw=0&if_p=&s_w=1600&s_h=1200&land=https%3A%2F%2Festrelabet.com%2F
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
5.188.238.189 São Paulo, Brazil, ASN202422 (GHOST, LU),
Reverse DNS
br-gc-balancer.advcake.com
Software
Caddy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
https://estrelabet.com
date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15724800; includeSubDomains
server
Caddy
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000
content-length
0
js
metrics.dataroyal.io/tag/ Frame 0664
4 KB
2 KB
Script
General
Full URL
https://metrics.dataroyal.io/tag/js?rtid=ADQ-1692045473459679
Requested by
Host: advcake.dataroyal.com.br
URL: https://advcake.dataroyal.com.br/scripts/dataroyal_tag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1e444e5b96219d1311f5527ef310b9d399f2bcf32966428b6889f9c2e8b8521

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HD9rc9w%2BKUw%2Ftf2g0ZMAOy%2FjiAdmuB6bGTmj6Hpp5HUl6FwJDvZ975jrzWyFL9yzW09DF8lUwsfpWjziWhmPei6MnD60w7U4twNb9KCtbLIqaFOEKgA67bBIvdaQDL28E4nKaHsP4wlyDxc3ShPpRaLRYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
85889aff7cabf0cf-CDG
alt-svc
h3=":443"; ma=86400
expires
0
event_collector_cookies
pdp-service.retargetly.com/ Frame 0664
Redirect Chain
  • https://pdp-service.retargetly.com/event_collector_cookies
  • https://pdp-service.retargetly.com/event_collector_cookies?redirect=true
19 B
129 B
Fetch
General
Full URL
https://pdp-service.retargetly.com/event_collector_cookies?redirect=true
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
403fc8964790196476ff4e888d6e806f4099a6d573f306182b1802c1c3d9e546

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
request_id
dc266566-d018-11ee-8401-72380da9d70f
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, OPTIONS, GET, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://estrelabet.com
access-control-allow-credentials
true
cf-ray
85889affab93923d-FRA
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
19

Redirect headers

date
Tue, 20 Feb 2024 17:52:48 GMT
request_id
dbfe5502-d018-11ee-acc6-6e71887f3a58
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, OPTIONS, GET, PUT
content-type
text/html; charset=utf-8
access-control-allow-origin
https://estrelabet.com
location
/event_collector_cookies?redirect=true
access-control-allow-credentials
true
cf-ray
85889afdfa83923d-FRA
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
/
www.facebook.com/tr/ Frame 0664
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=316274250831486&ev=PageView&dl=https%3A%2F%2Festrelabet.com%2F&rl=&if=true&ts=1708451568294&sw=1600&sh=1200&v=2.9.147&r=stable&a=gtmss&ec=0&o=4126&fbp=fb.1.1708451568293.885499544&ler=empty&cdl=API_unavailable&it=1708451568130&coo=false&eid=92850787-4e4b-43fc-af4e-00355c5948d4_1708451566302.2&exp=e3&rqm=GET
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Feb 2024 17:52:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
1x1.gif
a.mgid.com/ Frame 0664
43 B
224 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=715877&type=c&tg=&r=&nv=0&clid=&d=1708451568296
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
85889afdfb5d5b88-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
recorder-v2.js
app.posthog.com/static/ Frame 0664
104 KB
33 KB
Script
General
Full URL
https://app.posthog.com/static/recorder-v2.js?v=1.107.0
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca772cf871c3bf99151afd8baaaf58d7c929b3901a5d384d51cdf23c341d6a33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
222
referrer-policy
same-origin
last-modified
Tue, 20 Feb 2024 17:18:38 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65d4deee-19e58"
x-frame-options
SAMEORIGIN
vary
Cookie, Accept-Encoding
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
85889afdfc8c8ff8-FRA
surveys.js
app.posthog.com/static/ Frame 0664
63 KB
20 KB
Script
General
Full URL
https://app.posthog.com/static/surveys.js
Requested by
Host: app.posthog.com
URL: https://app.posthog.com/static/array.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df4e3ba99c7f461fec042b88ad01aafa5589fbbb52de551c808359e6974d4a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin
last-modified
Tue, 20 Feb 2024 17:18:38 GMT
server
cloudflare
cross-origin-opener-policy
same-origin
etag
W/"65d4deee-fb2a"
x-frame-options
SAMEORIGIN
vary
Cookie, Accept-Encoding
content-type
text/javascript; charset="utf-8"
access-control-allow-origin
*
cache-control
public, max-age=300
cf-cache-status
REVALIDATED
cf-ray
85889afdfc908ff8-FRA
gtm.js
www.googletagmanager.com/ Frame 041E
123 KB
47 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P29M7QPV&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ace219438bb5d659cab63a5ec60d7523ee65d715f0416a1cc5b77399001616b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47621
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 17:15:26 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Feb 2024 17:52:48 GMT
js
www.googletagmanager.com/gtag/ Frame 041E
284 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BXVJJ6VJC2
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
180d8a3ba8d61fd790cbdfa78172c68096a943558314e59b40e91f2a9b733ca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 17:52:48 GMT
joiabet.css
joiabet.com/assets/css/ Frame 041E
15 KB
5 KB
Stylesheet
General
Full URL
https://joiabet.com/assets/css/joiabet.css?V=123
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/main.687ebeaf.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d84ee6e2ed535be7e5321759346497550f2b17ec281c4d64eb7d69daf3792b41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4662
cf-polished
origSize=19130
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"9f3600c2840d56e33d3d9a339753c618"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8riTebscGD8lexHQbNmPMdwU2lUZAbCv9R5TGoglOFFwiBUOHeJFVAaAU2yxlBVGO8VDS6Wi9FqZCqeF9ytSWuuGGCkzjNx1FFnejND%2FZIrRHZm9Pcu5CGfk%2Fp3QGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889afe1b66f160-CDG
priority
u=0,i=?0
translation-joiabet.json
joiabet.com/config/translations/pt-BR/ Frame 041E
107 KB
37 KB
XHR
General
Full URL
https://joiabet.com/config/translations/pt-BR/translation-joiabet.json
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e81f50f23a9484fc9e32d44614fc43c8e694c2ba45f580cbeefb467b844e07
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"97842295c3b9e95ccae21a08eeac928d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jl7uSVU3mwMpO5hL9Fo8QfISwkuwtYUD1T3lvSshFgPveM4SlVJM6TNVpfqqKQy23bB9RWJr6aLgfNHGh1MNpsE0h%2BNyopG2qc2stzEnaruPq047PEvCLC%2Byfk9Y3kpyeFMp%2BosTXmamYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
85889afebc72f160-CDG
priority
u=1,i
translation-joiabet.json
joiabet.com/config/translations/pt/ Frame 041E
6 KB
3 KB
XHR
General
Full URL
https://joiabet.com/config/translations/pt/translation-joiabet.json
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf1af13d574c65cc4b7d832720f35948ee8d8553f5fc845a5cc097194da73175
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
DYNAMIC
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljemWZ5aayYyzalD8WyDDE%2BVbUzhbwwOUM5%2F1wAYLVvmVcKklEo5VAt0uWjDn8Yvt4gu7SaGoChGRyYVAB4DeDCn3RLEd08SBrgTZ%2Brft9EdpEQELDfAdr5hcatWFSTVSDODKMJ9pQTjig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
85889afebc73f160-CDG
alt-svc
h3=":443"; ma=86400
priority
u=1,i
sync
x.bidswitch.net/ Frame 0664
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=e6a91920-f1a6-481f-865b-b302d7ce9731&cb=cf1d45ab-6a30-448c-9710-3d8ea454b43a
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
x.bidswitch.net/ Frame 0664
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=e6a91920-f1a6-481f-865b-b302d7ce9731&cb=43d2d772-1b01-462e-b522-75b44f46cae6
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
x.bidswitch.net/ Frame 0664
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=3&user_id=e6a91920-f1a6-481f-865b-b302d7ce9731&cb=3c4924c0-68ae-4847-9a76-5ae346b9f73b
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
syncd
x.bidswitch.net/ Frame 0664
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/syncd?dsp_id=409&user_id=e6a91920-f1a6-481f-865b-b302d7ce9731&user_group=3&redir=%2F%2Feu.sportradarserving.com%2Fbsw_sync%3Fbsw_uid%3D%24%7BBSW_UID%7D
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
capi
v7.deviatetracking.com/ Frame 0664
0
0

w
odin.sportingtech.com/api/generic/getTraderDefaults/m.esportesdasorte.com/ Frame 75E9
4 KB
2 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getTraderDefaults/m.esportesdasorte.com/w
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0846e5d04961c9a9a130a6faecc4a94595b788462104ceced09a5320b19b9250

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-appserver-status
200
date
Tue, 20 Feb 2024 17:36:40 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
968
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
x-appserver
192.168.50.102:9095
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
0crl5g017X5n5dbN4kDyHQP1Ny0ziaPlOozMAHBbFTlC-ZHfqGvn4w==
w
odin.sportingtech.com/api/generic/getApplicationParameters/m.esportesdasorte.com/ Frame 75E9
13 KB
4 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getApplicationParameters/m.esportesdasorte.com/w
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
13e736c5dd229b5937aad528bef33717e5c00d11ce3762aeeb2abe5f332316fb

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-appserver-status
200
date
Tue, 20 Feb 2024 17:24:45 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
1683
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
x-appserver
192.168.50.102:9095
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
X3DjI_FdBqK6UXiBogwRMtEIte0p-i_HvawZgB3-wR7PlmH7LC3c4A==
/
www.facebook.com/tr/ Frame 0664
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=316274250831486&ev=PageView&dl=https%3A%2F%2Festrelabet.com%2F&rl=&if=true&ts=1708451568447&cd[client_user_agent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.36&cd[external_id]=a10e5e7f7e77fa258faa1a8b1becf37f9dc2d2379500ffdaa4969ae790291d9e&sw=1600&sh=1200&v=2.9.147&r=stable&a=gtmss&ec=1&o=4126&fbp=fb.1.1708451568446.889813411&ler=empty&cdl=API_unavailable&it=1708451568130&coo=false&eid=3dfc1d72-f9b9-4c58-aa14-5681d7f20b52&tm=1&exp=e3&rqm=GET
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Feb 2024 17:52:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
getPage
service.estrelabet.com//ajax/staticPage/ Frame 0664
0
0

pixel
a.sportradarserving.com/ Frame 0664
0
197 B
Script
General
Full URL
https://a.sportradarserving.com/pixel?type=js&aid=1471&id=5525
Requested by
Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAAO5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.196.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-196-42.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/javascript; charset=UTF-8
GetMultipleBonuses
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ Frame 0664
991 B
1007 B
Fetch
General
Full URL
https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.191.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
aba3f475c119b797b257b1b3b4db2970d96431f24610e40fb33afa20a4023d79
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
strict-transport-security
max-age=15552000
via
1.1 google
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
991
GetRules
sb2frontend-altenar2.biahosted.com/api/BetMentor/ Frame 0664
0
0

GetSystemParams
sb2auth-altenar2.biahosted.com/api/WidgetAuth/ Frame 0664
5 KB
5 KB
Fetch
General
Full URL
https://sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParams?culture=en-GB&timezoneOffset=-60&integration=american&deviceType=1&numFormat=en-GB
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.191.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7d22cd7f776ba1b231a9e96b9f63c745abc8f7cefaf1249cfb79f78bde1b6903
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15552000
via
1.1 google
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4744
status
service.estrelabet.com//ajax/login/ Frame 0664
0
0

primary-loader.gif
estrelabet.com/assets/img/loaders/ Frame 0664
114 KB
114 KB
Image
General
Full URL
https://estrelabet.com/assets/img/loaders/primary-loader.gif
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc63570827ac055bf3f5602f5a2dd318f00d7f8e2c76bc1228156f9a6353c6e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
cf-cache-status
HIT
age
3947
cf-polished
origSize=244263
content-length
116406
cf-bgj
imgq:100,h2pri
last-modified
Tue, 20 Feb 2024 05:19:03 GMT
server
cloudflare
etag
"65d43647-3ba27"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889b014f8c30fa-FRA
expires
Tue, 20 Feb 2024 21:52:48 GMT
secondary-loader.gif
estrelabet.com/assets/img/loaders/ Frame 0664
110 KB
110 KB
Image
General
Full URL
https://estrelabet.com/assets/img/loaders/secondary-loader.gif
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d364673ea6cb2a4ca51a803621f7f5c11496d0a62969ea7e5e00f7858b129e8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
cf-cache-status
HIT
age
10248
cf-polished
origSize=244323
content-length
112407
cf-bgj
imgq:100,h2pri
last-modified
Tue, 20 Feb 2024 05:19:03 GMT
server
cloudflare
etag
"65d43647-3ba63"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889b014f8d30fa-FRA
expires
Tue, 20 Feb 2024 21:52:48 GMT
tertiary_loader.gif
estrelabet.com/assets/img/loaders/ Frame 0664
10 KB
10 KB
Image
General
Full URL
https://estrelabet.com/assets/img/loaders/tertiary_loader.gif
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f82fcf331ca01203b819fee779dfae0394751c1b2922500240f06c381696590

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
cf-cache-status
HIT
age
3947
cf-polished
origSize=27638
content-length
10406
cf-bgj
imgq:100,h2pri
last-modified
Tue, 20 Feb 2024 05:19:03 GMT
server
cloudflare
etag
"65d43647-6bf6"
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889b014f8e30fa-FRA
expires
Tue, 20 Feb 2024 21:52:48 GMT
pb.svg
estrelabet.com/assets/country_flags/ Frame 0664
824 B
2 KB
Image
General
Full URL
https://estrelabet.com/assets/country_flags/pb.svg
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e9540d3f1b5a8314644f31cf046cdad3ab8af07ea5b53dec24c7ae0db20b8f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
3947
content-length
824
x-xss-protection
1; mode=block
last-modified
Tue, 20 Feb 2024 05:19:03 GMT
server
cloudflare
etag
"65d43647-338"
x-frame-options
SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889b014f8f30fa-FRA
expires
Tue, 20 Feb 2024 21:52:48 GMT
/
www.facebook.com/tr/ Frame 0664
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=316274250831486&ev=PageView&dl=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE&rl=&if=true&ts=1708451568748&sw=1600&sh=1200&v=2.9.147&r=stable&a=gtmss&ec=2&o=4126&fbp=fb.1.1708451568748.116476548&ler=empty&cdl=API_unavailable&it=1708451568130&coo=false&exp=e3&rqm=GET
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Feb 2024 17:52:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
GetMultipleBonuses
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ Frame
0
0
Preflight
General
Full URL
https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.191.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://estrelabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
14400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 20 Feb 2024 17:52:49 GMT
server
nginx
strict-transport-security
max-age=15552000
via
1.1 google
GetMultipleBonuses
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ Frame
0
0
Preflight
General
Full URL
https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.191.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://estrelabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
14400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 20 Feb 2024 17:52:48 GMT
server
nginx
strict-transport-security
max-age=15552000
via
1.1 google
GetMultipleBonuses
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ Frame 0664
991 B
1 KB
Fetch
General
Full URL
https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.191.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
aba3f475c119b797b257b1b3b4db2970d96431f24610e40fb33afa20a4023d79
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
strict-transport-security
max-age=15552000
via
1.1 google
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
991
GetRules
sb2frontend-altenar2.biahosted.com/api/BetMentor/ Frame 0664
299 B
330 B
Fetch
General
Full URL
https://sb2frontend-altenar2.biahosted.com/api/BetMentor/GetRules?culture=en-GB&timezoneOffset=-60&integration=american&deviceType=1&numFormat=en-GB
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ce8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17f099f709b8e8ed677ca7ca8700e4fc95152c467a36de975be5980960d56ff0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
age
1
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
85889b01ad4b1e14-FRA
content-length
135
GetSystemParams
sb2auth-altenar2.biahosted.com/api/WidgetAuth/ Frame 0664
5 KB
5 KB
Fetch
General
Full URL
https://sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParams?culture=en-GB&timezoneOffset=-60&integration=american&deviceType=1&numFormat=en-GB
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.191.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7d22cd7f776ba1b231a9e96b9f63c745abc8f7cefaf1249cfb79f78bde1b6903
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15552000
via
1.1 google
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4744
7.5faad6e7538c8680f448.js
estrelabet.com/ Frame 0664
3 KB
1 KB
Script
General
Full URL
https://estrelabet.com/7.5faad6e7538c8680f448.js
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/runtime.b4b0e39fd84f9fd922d0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a15d45ad706dc0a8eefc8e9ff95df733cbdaa25c467902dd073526c1c07ae076

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 20 Feb 2024 06:06:15 GMT
server
cloudflare
age
7632
etag
W/"65d44157-cde"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
85889b017fcc30fa-FRA
expires
Tue, 20 Feb 2024 21:52:48 GMT
joiabet.js
adjs.media/resources/content/ Frame 041E
7 KB
3 KB
Script
General
Full URL
https://adjs.media/resources/content/joiabet.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7709a11d5562c79d85bd25e536f99de5ac78892e00e265bcc65918ba11e80e91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
status
200 OK
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
6117efb6-716d-4ed9-89cb-029e2cd41ae8
x-runtime
0.001772
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"7709a11d5562c79d85bd25e536f99de5"
x-download-options
noopen
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GyUBHfCmmOkgOJrpxAIGnaOD3p%2BHDIkJNDwM0KFBJdEc3ZWkWB4qyiJ1EKJg5KgLD0qPrwjB2%2Foz3Uoi16IR1cfJOt6dZMT09sKnubczF0KldMiGk9kN9lflswpF5I0BNlqk3V6u%2BRsB"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800, private
cf-ray
85889b0308636f3a-CDG
pix_joiabet.js
scripts.prdredir.com/scripts/ Frame 041E
2 KB
1 KB
Script
General
Full URL
https://scripts.prdredir.com/scripts/pix_joiabet.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P29M7QPV&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
448d305ad6e8d6b57c5e4d37afbf26c77bcf2c2548e1fe462772757ee6ccbbe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-runtime
0.012860
date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"448d305ad6e8d6b57c5e4d37afbf26c7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WHeKWaQK2QAMxP%2BdCv0olUgz0smDbCPBT0CNdvtSu%2BLGlwdJdJrAUn8Dlt7ucyfA8T00Vq%2BJpVpXv2xfkYZdF5BINfCSe3yNeugXCLqkXgEO3IbHnLbZ0a0UWRy8y5UcLGXxMToimgJowPvEYJRYp66"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
85889b01892d71b8-FRA
x-request-id
afa6081f-2831-4ad3-8bef-0d65bcec4f7d
blue-tag.min.js
event.getblue.io/js/ Frame 041E
9 KB
3 KB
Script
General
Full URL
https://event.getblue.io/js/blue-tag.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P29M7QPV&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.233.85.30 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-233-85-30.sa-east-1.compute.amazonaws.com
Software
/
Resource Hash
a2be364e2921857c3e1415e1e9e74e5628a02318662a25da27a23da90929c84a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Feb 2024 16:24:53 GMT
etag
W/"9113-1708446293402"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-xss-protection
1; mode=block
js
syncads.io/tag/ Frame 041E
4 KB
2 KB
Script
General
Full URL
https://syncads.io/tag/js?rtid=UGH-1700705300228226
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P29M7QPV&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9c10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30435e41b3601b3a15bbbeaa15d884a1f1bdb0034c3fa906c81bb63bef98bff7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ERDuL3Wnca0M0KqNRwHaNfde5VlU5CFrH%2Ft6SnXaTrMEUEqztRSTG0pLkcCI%2F3OEHGb1JZ%2BgePgaL%2FlGc8SYToHe4IJuyzKMndH8TmsZB5G0nJkTat7d6z1P8x0oIslZrMBYuG9191X"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
85889b032a1e791b-CDG
alt-svc
h3=":443"; ma=86400
expires
0
js
www.googletagmanager.com/gtag/ Frame 041E
284 KB
94 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BXVJJ6VJC2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P29M7QPV&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f0cbf8e5789cffc95156090ca57d408cfea21eb7137988cf0152e0ec124cd23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96221
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 17:52:48 GMT
StaticTranslations
sb2frontend-altenar2.biahosted.com/api/widget/ Frame 0664
34 KB
11 KB
Fetch
General
Full URL
https://sb2frontend-altenar2.biahosted.com/api/widget/StaticTranslations?culture=pt-BR&timezoneOffset=-60&integration=estrelabet&deviceType=1&numFormat=en-GB
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1ce8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f3ee67ad553afd0330f9d78badf138c999e272095e83470eaf17c9b153681d5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
age
3267
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=600
cf-ray
85889b01cd761e14-FRA
content-length
11471
GetCountryCode
sb2auth-altenar2.biahosted.com/api/WidgetAuth/ Frame 0664
20 B
180 B
Fetch
General
Full URL
https://sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetCountryCode?culture=pt-BR&timezoneOffset=-60&integration=estrelabet&deviceType=1&numFormat=en-GB
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.191.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
f37d1ad4ff54c0819a950c6bf692c4294e593e2df41f3ad3f2cd11d281ebead0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:48 GMT
strict-transport-security
max-age=15552000
via
1.1 google
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20
GetWidgetsConfiguration
sb2integration-altenar2.biahosted.com/api/Widget/ Frame 0664
417 KB
19 KB
Fetch
General
Full URL
https://sb2integration-altenar2.biahosted.com/api/Widget/GetWidgetsConfiguration?culture=pt-BR&timezoneOffset=-60&integration=estrelabet&deviceType=1&numFormat=en-GB&theme=light
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:95a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c1aaa9906b861a56ead626b363d23e80b52e6496ed8c50e9cce1c9f809838ab
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
gzip
via
1.1 google
strict-transport-security
max-age=2592000; includeSubDomains
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
85889b031b615c1a-FRA
v2
us.creativecdn.com/tags/ Frame
0
0
Preflight
General
Full URL
https://us.creativecdn.com/tags/v2?type=json&tc=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://estrelabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST
access-control-allow-origin
https://estrelabet.com
access-control-max-age
3600
content-length
0
date
Tue, 20 Feb 2024 17:52:48 GMT
vary
Origin
StaticAPI.json
joiabet.com/data/ Frame 041E
80 KB
7 KB
XHR
General
Full URL
https://joiabet.com/data/StaticAPI.json
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:448a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eb854d3d0d10135ed03d919d565f28b4d6350d43ea472525a47ffa02903819a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"ad8f69a88c99c0840a942456248b463a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQ1oSbUnjaZeAGGUFnH0YBMR8m5lVmBuGnL2ceYw7hgF36lq%2F1xiHZnglJGSnanXL2uii0FBfqbk%2B9B4XL99fbH1qoE%2FvM%2BIJzXuSiP6cAMskNCrtmmpl%2FIZAzNnz%2F75Ck5CQE%2FalWCkiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
85889b024ac3f160-CDG
priority
u=1,i
2_games.json
content.adminemx.com/ Frame 041E
335 KB
42 KB
XHR
General
Full URL
https://content.adminemx.com/2_games.json
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0740728090b8fc5dfbfd366139a0000aebf1460ed239639c7b2042caae477268
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://joiabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
DYNAMIC
etag
W/"5eaf7aa1e4dccfa1563d7ea134263d5b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gYGH1bLbi%2BJn4xFW6COFgYl0DGZlTWUmzzNvfNGf5awVbRWNursBioleCGu%2BvAx%2B7IX1yB%2FDWQYMNSoKiNFRKbfyx43dOXJkjNDzE96%2F2MJy%2BBffczum%2FaYVxYd7jk%2FLRdibmu32IsiGBBhgfI3SBItgcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
85889b032f2eb772-AMS
alt-svc
h3=":443"; ma=86400
100_games.json
content.adminemx.com/ Frame 041E
26 KB
4 KB
XHR
General
Full URL
https://content.adminemx.com/100_games.json
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd85c2b75029c6402b9405a1aae827d02eb67f382a60d33ea5f2a9a7b50d33c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://joiabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
DYNAMIC
etag
W/"d4d2bbf40529c6a8cd7cd6a49ae4e278"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxIMQJeO4I8IN3%2BrNCUYVKkZYwEv0fntKVbvc47CdqnBsWvy9Ol2MzPWcJOEfjJvCSp%2BXSytUFV2u%2B2RnfuD0OmAtny3nu5%2Fgos6DsAKeRsZNuYOBvZRmPdjdt%2FJJ5e2aGs4RaZDXc1%2FQCazCtlUQ0uk6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
85889b032f35b772-AMS
alt-svc
h3=":443"; ma=86400
getCountries
ps.adminemx.com/ps/ips/ Frame 041E
600 B
524 B
XHR
General
Full URL
https://ps.adminemx.com/ps/ips/getCountries?&brandId=2
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
579e6c63b2c533f334bceb93a5b0f9c8534bd29037dfefdc50ba4bd2a184a433
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://joiabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=180A8cslkWo6Nn1VLXHd8pMTac5HFcvYN7fKgKZE%2FQC4fflfpAMIToZW6LZhcQXa%2FlOoXlq%2B93S0udZ%2FyzhG5IygR8V9oUOClkSxJKrf7647dpth4LTStzbKWvLqzcA8CSLsQ4oNxZdvVJYp38I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
content-language
en
cf-ray
85889b068e6db936-AMS
alt-svc
h3=":443"; ma=86400
getBrandCurrencies
ps.adminemx.com/ps/ips/ Frame 041E
41 B
474 B
XHR
General
Full URL
https://ps.adminemx.com/ps/ips/getBrandCurrencies?&brandId=2
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ea583ad22621265b75e5d637ddbb0f6a8f12a2e51df1269755b94a89e56fff1
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://joiabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3le7N0T5A26GrdKnzMbG3Sb0Ka1Tv6kG0Rrpuqtg6%2Brey7RTVnWwAMEE5gsS77VLDC48knIdak7LdH%2B%2Bwy6mWsEwbDhLYG58PY3J7HBYtlU7V%2FuPCheo2eyusP%2BzQIcpTsrq3GhV27iM93%2FJ%2Fhk%3D"}],"group":"cf-nel","max_age":604800}
content-language
en
access-control-allow-origin
*
content-type
text/javascript;charset=UTF-8
cf-ray
85889b065e10b936-AMS
alt-svc
h3=":443"; ma=86400
content-length
41
2960938.js
fw-cdn.com/2346572/ Frame 041E
343 KB
93 KB
Script
General
Full URL
https://fw-cdn.com/2346572/2960938.js
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/main.687ebeaf.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.243.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-243-35.ams58.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b06d02174c9ec5579fb984d0613db6f2b58e159aee08133439e1b2cc8fc9e1d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
2Ihon9fpr4CJUWAu5E5r34o5NEbFfpWO
content-encoding
gzip
via
1.1 650363fa7465273dd14fde086a851a86.cloudfront.net (CloudFront)
date
Tue, 20 Feb 2024 17:52:49 GMT
last-modified
Thu, 07 Dec 2023 14:39:24 GMT
server
AmazonS3
x-amz-cf-pop
AMS58-P1
age
34
x-amz-server-side-encryption
AES256
etag
W/"a1f892f6ceb06344d9c80402eb903a29"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=120
x-amz-cf-id
yROiNOLfxa22OaDObcNy1b37-BESIS_vdWv4_2lNcaUEIPS2Eul2fQ==
sort-24-px-3@3x.png
content.adminemx.com/maharajafortune/images/2020/ Frame 041E
375 B
692 B
Image
General
Full URL
https://content.adminemx.com/maharajafortune/images/2020/sort-24-px-3@3x.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
787391de9d315c75e2c66ff2dff770235faaf0ba462f25fbd83dc7fd41119ec1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6846
alt-svc
h3=":443"; ma=86400
content-length
375
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"0376f76623b557823af54b010cbc2eb1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2MEugPRRVR%2FYg2Hyn0rJ9pfFR7U8%2Fdk4JkkB%2FpZyiAWzveXUGKQs660oiRetoVvISLNdh0wzNjGIdvBw2rcOjUm1cBXIJOHqeC4R9sMVOvR%2Bf7J8GReMTMeWc7bVO8WCIdR5x30iQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b033a786d8b-MUC
Joiabet-Logo.png
content.adminemx.com/joiabet/ Frame 041E
23 KB
24 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/Joiabet-Logo.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37494d807956738f5183de11c36b1a6443a67c0c5df90f0a192d8e6a092610a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
content-length
23576
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"7d6526024131a2a0d3321ba85e398d3e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNIC1Jm5RMElYqYQbcxhGaC3k7WMpvvI7RHacNbU1PZ3V%2BD06sWGlhMdk89ZXRClRY0TCbQC3ohnp23C%2BiD0xHt6w%2B1%2FKdTNCASvclMJ289hnagm0yeNcKbYqAdhxbIgCx%2FGuhu60b2caWt6xlzhHNvxdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b033a7d6d8b-MUC
BR.svg
cdn.jsdelivr.net/gh/umidbekk/react-flag-kit@1/assets/ Frame 041E
1 KB
968 B
Image
General
Full URL
https://cdn.jsdelivr.net/gh/umidbekk/react-flag-kit@1/assets/BR.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
131ed5196cec405192588cf5d8a116ad7e6a2144e9b74bf2ead3dc292a971cd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
1.1.1
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230100-FRA, cache-lga21974-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"522-eHqOtPCLqaeS/ylohLbkeoEZges"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tit%2B%2BQ%2BPQ2rMen5%2FjJb8PQH4yJ4d5ZDv9L4lcaRrJkhtPBmoQ2Pj%2Bds7muJs82m%2F3HHlCo%2BcZplPoDdn4tRQ48fR8meQC1iUyKIaxNWllwNPaGA1AjiVI2apbEvy6xgSAML4AymxglEH2g5lZ8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
85889b02ae6d1c1c-FRA
GB.svg
cdn.jsdelivr.net/gh/umidbekk/react-flag-kit@1/assets/ Frame 041E
1 KB
987 B
Image
General
Full URL
https://cdn.jsdelivr.net/gh/umidbekk/react-flag-kit@1/assets/GB.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0586bba544b83740698206c2fddefd89cf36a78f5385028bb394269547ae67cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
37532
x-jsd-version
1.1.1
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230020-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"52e-qmGp/d7dKxbP4lIVqOMO4MXQRtE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mym6NGiCXgXj8LYIT3MVULBS6OpbkKJnvGfwEaFZz8GiVGKToCEz2S93H1a%2B7RvvcwpAUQBE%2B%2FQmiBt3YecPgXSet7LHYJ%2FSsXjquWFwTo9IjeVRqG%2Ff%2BbC%2BhfoWZmSxePpU9zRqymlZeLq1xY4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
85889b02ae721c1c-FRA
live-casino.svg
content.adminemx.com/maharajafortune/images/header-icons-v2/ Frame 041E
32 KB
24 KB
Image
General
Full URL
https://content.adminemx.com/maharajafortune/images/header-icons-v2/live-casino.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a829d8f1d91bbf73d2ffb269605e04e98da7d7d9bee9edbea95f550331cdb9e8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"353ab7cc01bab6df2f46df8fc186486e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQsC%2FEDA3H5jEWbjREIwKr3EILX8sEeAyXbHReYeAMVl7RvZimbQQH77zufyPkc2LH6I3k2ybeNC0NLsXWYDTo%2FQJF8kXYas4OzIYsRQzKp4tVZDxTPotMr%2BC%2BLhir2sF8OYAMMPiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b033a7a6d8b-MUC
crash-games.svg
content.adminemx.com/joiabet/icons/ Frame 041E
22 KB
16 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/icons/crash-games.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32db368d45a1ac5be7c16e128fc20b07b9e7fc6fab0a777857fccb16c97c4794
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"d16aeb096139b860e13505c22c7365bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8cMg900glCBIRaFg8d4LjLmA7YUG5qiErYm6DAeknnq3naFcxpiGOJTmYVfyGdSHH59Jc5dICESrbBh5uQt1a7DaJ7nISyE8YzfMYsTmRrGu%2FgsiGnkvqnxaCwureDOYvZts8CQsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b033a7e6d8b-MUC
JoiaBet_Crash_1800x330px.jpg
content.adminemx.com/joiabet/Sliders/ Frame 041E
105 KB
106 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/Sliders/JoiaBet_Crash_1800x330px.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e770b492a640d30b38867b8aa395f21c63f12ecb4d620a254efc1523300f6cf9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
content-length
107778
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"ecef070513d646f2512e1719c0ef6a97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKltInRXLHhn0o0KIkeD4cjbSWiMunqL0z1%2Fw5XLf4fO4PoCgJKk%2BiAZvWbqJBOBrEnsOjrbrw3UeWw8dtw1IYmCBspfXXplX6PqVaaM3Ye1Fs%2Byvl7uOVoXe%2F5ldnQLC1ZjiCeFJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b03ab566d8b-MUC
Esportes_Joia_1800x330px.jpg
content.adminemx.com/joiabet/promotions/ Frame 041E
399 KB
400 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/promotions/Esportes_Joia_1800x330px.jpg?v=1
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97c9530333f960ee4377b50db0204a62be47cb0b868c6dc0f2bb012a9c27b593
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
content-length
408549
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"1b8c16eef084e3d8e18aaf007e0c0684"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAhk1ApS9XjSF%2BFrUpRdouwSeZkck%2BLtvy3M3quPHH2FO9qBPQaOzEMCDmSQULH1O3QQuJzAQvN9PkJ3eI93bsxvoF%2F%2FswYWYHwqV%2BHxm%2BlFFS48L4hfdzUZ%2BU1kRacHvxVwvah0bd1xRQ9Ia1%2B4PY6n0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b03ab596d8b-MUC
AnoNovo_JoiaBet_1800x330px.jpg
content.adminemx.com/joiabet/promotions/ Frame 041E
455 KB
456 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/promotions/AnoNovo_JoiaBet_1800x330px.jpg?v=1
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56ccfb1351df840050b7813694f16e45c276cf3d91cbd6d3ff39f18ee7443864
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
content-length
465935
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"bac1877e63236f29af59ea7d8428bffc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5HirOPD7mw0ZoArJ81u5u9DMJvJeeRubxPeg22i7FPaf56eHoP4cHWfz5DV3QVH8iyEfAwf9B0VGY%2FqRcNIrbSrVGyQgZIMrzZIcckql8Ghz%2FR3ImoxvqAsctCCmO7dY0UXGs20CA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b03ab5a6d8b-MUC
JoiaBet_Telegram_1800x330.jpg
content.adminemx.com/joiabet/promotions/ Frame 041E
409 KB
409 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/promotions/JoiaBet_Telegram_1800x330.jpg?v=1
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1a16c3493aa39a9dc7603d83ef633bec03d549d44ecda69bbfe0c41bec8203
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
content-length
418349
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"ff448b85d274212fe3d8ce2c42b4806e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4KYoMTneb%2F6k1YluRxYbwdPc4wl4l7uN%2FUPsJjuLNNxrHkz5ddfC0%2BVop8irdnlXel%2FFRr%2FJD2nYCzCAbCnIdYDMaz9Z9cmlSKnML5uPpxKcRvkwQ0lFLglrWrIZLcF3u6oaQ5KqEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b03ab5d6d8b-MUC
1800x330-JoiaBet_Sports.jpg
content.adminemx.com/joiabet/promotions/ Frame 041E
237 KB
237 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/promotions/1800x330-JoiaBet_Sports.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e64725fcae8c42706632b6a8bb809a589d602dcb0343c22902fe251208bdcfa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
content-length
242313
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"3894190ba9fc6128728269f72a9e0e86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1Zi0SxVdJUetOIkYCptpIeCmZ35Ae04krxPbU6J%2FnIOvLoMFs868c2apUZoSETVXdOMGZ2cGoJIq5CUhPzFzPUlqTClzp9wJwm5hKQEKDn3IlPt1fySGa2vPO17kbU0TMRKM7Ns0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b03ab5e6d8b-MUC
1800x330-Crash-Games.jpg
content.adminemx.com/joiabet/Sliders/ Frame 041E
117 KB
117 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/Sliders/1800x330-Crash-Games.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3aa6faf66c81f4241698f47e79d195766149046c67d1133fc25a912a623175
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
content-length
119820
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"199c6d8834f31581891787212e20af3b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5vmLd5wOrIblCTkjVo%2F8SM%2Ff6GCKECxa5HY0KaN7c5JjlExkT8OQW1U%2FyaR3IlfeXo5ZzXOnoSoeDoaH6utZF9IDvOmsj%2BHZGI8%2Bh31TB2KsOM05wYh6WcfE1w3suJE%2BlhOCT4zvsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b03ab646d8b-MUC
1800x330-DM.jpg
content.adminemx.com/joiabet/Sliders/ Frame 041E
142 KB
142 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/Sliders/1800x330-DM.jpg?v=1
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e2a20d90c5131c687c2b751a519c59e58c6911531c6a6b04ee93306704d885f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
content-length
144973
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"3dbbbb95cc83a3d412493bfe94d0f373"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7uH4v3e2pVRA%2FYSgomZYuHNt220nIwfbFPEwTIMJBYhaMeXy3qOdePb15rQXYyTaNNaj%2BXerzpVWEKpYijPjCGwWCe4i3kspINHoRQUOoEK9vZWeNLIUw%2B8rljqUU1pMNoRIkt4lNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b03ab666d8b-MUC
viva-brazil.svg
content.adminemx.com/joiabet/icons/ Frame 041E
15 KB
11 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/icons/viva-brazil.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d18f62e79c134215df351ed33ae4633d06c9d26a75b15ed2f827f4fc133785
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"8028602fde3965ab59a44a48ba6599ee"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPofv8zD1o4GVTECT6IQxpZvi55QrUw2i8R1xFoWwddMzM4DJh2w7pFUgfp%2Fada6gZPg2vOzWd8%2BwuSGusdBfe4XMBic45qO46GU%2F1SC%2FEDFrcGbtrj431mrFVlQ2Iye6hpGNdBCXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b03ab6a6d8b-MUC
new.svg
content.adminemx.com/joiabet/icons/ Frame 041E
28 KB
21 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/icons/new.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d026e325bf5b04e491c158a938b24020eba3d20a326633e3706fa8be5fa6015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"f5a8b89823b2324413a43cf57478f4dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWUvF10y2%2F3TaJZVIVHyn%2F%2BTpn%2FcrZx1oQvPiJDXuDZT1kHb%2Ft%2FsNN0ITwGFLbyAchq%2FrxGQvKXvH5xUZZvW44US60Y0P9E7nGs9S0fc0Gyv%2B3tSr2M0goo7De2xSUB6zhUGLV3h2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b03ab6d6d8b-MUC
log-in.svg
content.adminemx.com/maharajafortune/images/header-icons-v2/ Frame 041E
11 KB
8 KB
Image
General
Full URL
https://content.adminemx.com/maharajafortune/images/header-icons-v2/log-in.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6722d32f8643112eb443013bca30eae8c4a22ac55fe85a0d7e0f98798dba5cf0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"4780bc75353730a0fe196a1d364dfd83"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRz5CzuCfc%2BDKzGiyj6OaBEqFQDIknjloE9qw5jhyZsyIU1pMKI6XIOsrb2%2FoKIYKDDvgjmvHRbp6ISflHdHuliCvYvtWFKPPaABIx49ShEuwB%2F%2F9dwPt8r%2BoWPyunByOKsq15eOdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b03ebd46d8b-MUC
sign-up.svg
content.adminemx.com/maharajafortune/images/header-icons-v2/ Frame 041E
15 KB
11 KB
Image
General
Full URL
https://content.adminemx.com/maharajafortune/images/header-icons-v2/sign-up.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b50a7717275164717e5601ffdde468787ff58649d61f5dde9cd94ae900df87
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"8c187b9fa6a06f12653e6e98af64b56d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9JkIlxZDpLfWOR%2FhI5uIv6S400XUmZ02re2PGWYhjeeVqAFiBmZW%2FXcmMdiKnBUqD%2B2r51dizpOdPEruJOBoEDEEwv7YOASMpHy%2FM2NL6FDRKubvw7u6pt7lE3qzW0X1GPX1tCEKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b03ebd66d8b-MUC
casino.svg
content.adminemx.com/maharajafortune/images/header-icons-v2/ Frame 041E
15 KB
11 KB
Image
General
Full URL
https://content.adminemx.com/maharajafortune/images/header-icons-v2/casino.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81c1b3fd9ce47b16150dcae223525dea1ee27dcbeec5defc6fa58e33dae0d106
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"f56734440ad139ed9b497e05acd3d17a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSe5%2FDe2aIOdRnbwvpWJmmqDnt0BhaHrPno6KFJrTGBnppffm35XP54BCJMMiHl5Er6FYRllxJ5RWWLivTFRed1NXLTHAQJubOu%2BVXZ3BJQ%2F%2Fn25KepPQroQesbxdty9Hi9sbqexEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b03ebd86d8b-MUC
soccer-ball.svg
content.adminemx.com/joiabet/icons/ Frame 041E
33 KB
25 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/icons/soccer-ball.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0583ce7d9d8a29b652c018a094ea490cdbd5d9a30f8327dc177c5e42c9b5d328
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"90e1c63f26c939d929fef9c6fc8b8252"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BDk10TbEPixkMPS26qX1C5ORGXz7rSKtWg8UANbmAV4EapEPwHM9ZJtWkhDD3lNDmb%2BkqgSU54gY3Tda4thBhme%2Bo6lhSMFB%2Bw9pa2nXnHNrpqXN0SiohVkjmv%2FHrU9lvfn9RT9l8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b03ebd96d8b-MUC
live-betting.svg
content.adminemx.com/maharajafortune/images/header-icons-v2/ Frame 041E
48 KB
28 KB
Image
General
Full URL
https://content.adminemx.com/maharajafortune/images/header-icons-v2/live-betting.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fdaca079f6957a10ec08eef493f0781da2239eed241951a4aaec39de1faed00
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"2ae82999f5da49217086f9bf407cd35b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtTAvolAKnm8Abr4weyBuPPIoKCnKgSIFhBeTmWaB0QkR7Zm1BWtXpF%2BIH%2F0WZ%2Fwici20wnPrurIo1ZXR1SAiZe8h7jLzEceyKXhoUrixMLmXinKZkNvaMjc9A5W5hnlfnMIxdLOTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b03ebdd6d8b-MUC
promotions.svg
content.adminemx.com/maharajafortune/images/header-icons-v2/ Frame 041E
32 KB
24 KB
Image
General
Full URL
https://content.adminemx.com/maharajafortune/images/header-icons-v2/promotions.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b273d214a51c7cbd48ed432c5532f9ca5166b714bbc5b39ecb046ec39fdc8f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"5a2756eb11c47b192c4475da1c08090e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VipDEI0IF1dYopYElmwScuZ41L4MgmL9WdCy6RJTmN%2BHUrBDgkSZIMk98xHgQUvL1Ao7B5F53FF0o%2BmB%2FY7Ul3ma8EXvMdncfM6kc7Hu5%2FmhG02ejGBBFT46mQ3wmM5zW0QuFZeyYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b03ebde6d8b-MUC
welcome-bonus-sports-copyline.png
content.adminemx.com/joiabet/promotions/ Frame 041E
90 KB
91 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/promotions/welcome-bonus-sports-copyline.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef0e22f2cd7ab1c47df0b10b7ec82f5e507457383c8fd151b70aedbf2039c83b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
content-length
92064
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"31c24e0afdb8502d46aede5da0933351"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DAByuuNBLyopxZ5ALtvi%2F3F2PSiSxejxJJe7UTVyQLWWzlTH6MXTcTyXdUarrGsigty8b1gzPneG8Kzdtq5ov9l9%2Bvsa7oIBwY5oRghDXgfKRb%2BGYwTgMd374eb3c2bme%2BGEcjHeFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b03ebe06d8b-MUC
DM-copyline-BR.png
content.adminemx.com/joiabet/promotions/ Frame 041E
25 KB
25 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/promotions/DM-copyline-BR.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6a80e7f90477cd923b649f02e8cc5228fc0e3ac99902d61ceae3d03d599f3f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
content-length
25236
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"010d6ea80da1d583285350470a95c83d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KIimzSur30WEBTjn7xtew3rv08%2BxwPPU2quIPV2siO%2FdCF3Bhe1ZdEFNjDnOouJlrwjwqLr8W%2BfhfRfEemDozKW0PMSvRywC2kiT2QdeowiLQ5fKWIRcj6s8OvuPnaT%2FMdSxURIBRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b03ebe36d8b-MUC
aviator-copyline.png
content.adminemx.com/joiabet/promotions/ Frame 041E
21 KB
21 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/promotions/aviator-copyline.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c071e9c13012980cede4a801b7399bc35cd4a88d6e8b33e07d3c283584bcdfd5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
content-length
21144
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"671b4b26699f92ba99008688549281c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ME8JxIFiZ%2Fm9TclJYRtTx0e69Po%2BR15V4SI71ezuOjv5pHvxZZV0L7sTzQ4jG52xLdROzQReudBmwatzWeksNjve7JFUYUaQlgTBUQM2DWCXf03c83wD7%2Bc1I5XQLgUXdJUEuqXyBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b03ebe46d8b-MUC
crash-game-copyline.png
content.adminemx.com/joiabet/Sliders/ Frame 041E
22 KB
22 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/Sliders/crash-game-copyline.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15a978805b2c210518bbc69d35d6e4c19488869041ccafa6e523c4046d454206
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2437
alt-svc
h3=":443"; ma=86400
content-length
22276
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"d013bd5feccd94b01286c5ae8501762f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bomzU8n9oqgtoi9j1h66d00AgoJpSMMpsSW4kVNnCTBp2sqEWHI1bNGsFTbgxQsObplFbdRJQvefKIbr%2Fi1mfrsnzCl9Ac7M3SIj4mLdAI%2Ben7HA1HsWdqvqx2BscSXkJ%2BWbcFLI%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b03ebe56d8b-MUC
entries
cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/ Frame 041E
2 KB
2 KB
XHR
General
Full URL
https://cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/entries?content_type=footerPayload&locale=pt-BR
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
a0313fc3abc8605f7564670148102f46d3e4be5e65f50bbaa2be2e60c95a0611
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://joiabet.com/
accept-language
de-DE,de;q=0.9
X-Contentful-User-Agent
sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
Authorization
Bearer WjE6LZKc0xjqErN-VZOCSsgJUDxQbH8f-EA4GrUoVpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
contentful-api
cda
age
1595692
cf-organization-id
5p16k9W70sLSfH3EzajCmO
cf-environment-uuid
e02d2896-9c7b-490c-81a2-24f22454558c
x-cache
HIT
cf-space-id
6y9dy1bxzywa
content-length
1321
x-served-by
cache-ewr18120-EWR, cache-fra-eddf8230054-FRA
x-contentful-request-id
77210c50-9113-4700-a85c-de5cb7cfda6c
cf-environment-id
master
server
Contentful
x-timer
S1708451569.254734,VS0,VE1
etag
W/"12616695420937322646"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/vnd.contentful.delivery.v1+json
access-control-allow-origin
*
access-control-expose-headers
Etag
accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route
/spaces/:space/environments/:environment/entries
x-contentful-region
us-east-1
x-cache-hits
49, 1
entries
cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/ Frame 041E
646 B
776 B
XHR
General
Full URL
https://cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/entries?content_type=home&locale=pt-BR
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
4bcc59ad30f4bdf7de985efbc35f50159ef4a2ae1234e5f2e9b5c2c2b8357638
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://joiabet.com/
accept-language
de-DE,de;q=0.9
X-Contentful-User-Agent
sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
Authorization
Bearer WjE6LZKc0xjqErN-VZOCSsgJUDxQbH8f-EA4GrUoVpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
contentful-api
cda
age
466349
cf-organization-id
5p16k9W70sLSfH3EzajCmO
cf-environment-uuid
e02d2896-9c7b-490c-81a2-24f22454558c
x-cache
HIT
cf-space-id
6y9dy1bxzywa
content-length
646
x-served-by
cache-ewr18155-EWR, cache-fra-eddf8230054-FRA
x-contentful-request-id
e3f98a42-3b50-4018-a36b-b2891da9c0c1
cf-environment-id
master
server
Contentful
x-timer
S1708451569.254694,VS0,VE1
etag
"13059966032019152937"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/vnd.contentful.delivery.v1+json
access-control-allow-origin
*
access-control-expose-headers
Etag
accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route
/spaces/:space/environments/:environment/entries
x-contentful-region
us-east-1
x-cache-hits
85, 1
entries
cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/ Frame 041E
6 KB
2 KB
XHR
General
Full URL
https://cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/entries?content_type=slidersMaharaja&locale=pt-BR
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
0579f65b8e9a1efb8c62a1e834e96409f5a93e5f78a7bc266a25d8bb7f1c1584
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://joiabet.com/
accept-language
de-DE,de;q=0.9
X-Contentful-User-Agent
sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
Authorization
Bearer WjE6LZKc0xjqErN-VZOCSsgJUDxQbH8f-EA4GrUoVpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
contentful-api
cda
age
1947567
cf-organization-id
5p16k9W70sLSfH3EzajCmO
cf-environment-uuid
e02d2896-9c7b-490c-81a2-24f22454558c
x-cache
HIT
cf-space-id
6y9dy1bxzywa
content-length
981
x-served-by
cache-ewr18134-EWR, cache-fra-eddf8230054-FRA
x-contentful-request-id
8551f3c0-6760-4cac-8eda-31b62bb8f6f4
cf-environment-id
master
server
Contentful
x-timer
S1708451569.255086,VS0,VE1
etag
W/"2720637399303713461"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/vnd.contentful.delivery.v1+json
access-control-allow-origin
*
access-control-expose-headers
Etag
accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route
/spaces/:space/environments/:environment/entries
x-contentful-region
us-east-1
x-cache-hits
78, 1
entries
cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/ Frame 041E
1 KB
1 KB
XHR
General
Full URL
https://cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/entries?content_type=register&locale=pt-BR
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
efa5e125832873abce89a8003a73cc2da40824f21c3759294538bd9b288c09cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://joiabet.com/
accept-language
de-DE,de;q=0.9
X-Contentful-User-Agent
sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
Authorization
Bearer WjE6LZKc0xjqErN-VZOCSsgJUDxQbH8f-EA4GrUoVpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 varnish, 1.1 varnish
contentful-api
cda
age
288380
cf-organization-id
5p16k9W70sLSfH3EzajCmO
cf-environment-uuid
e02d2896-9c7b-490c-81a2-24f22454558c
x-cache
HIT
cf-space-id
6y9dy1bxzywa
content-length
858
x-served-by
cache-ewr18126-EWR, cache-fra-eddf8230054-FRA
x-contentful-request-id
797dd2fe-1c9e-4db2-a9f8-acb97300ea0a
cf-environment-id
master
server
Contentful
x-timer
S1708451569.255050,VS0,VE2
etag
W/"7525337439241227391"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/vnd.contentful.delivery.v1+json
access-control-allow-origin
*
access-control-expose-headers
Etag
accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route
/spaces/:space/environments/:environment/entries
x-contentful-region
us-east-1
x-cache-hits
110, 1
entries
cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/ Frame 041E
953 B
1 KB
XHR
General
Full URL
https://cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/entries?content_type=completeRegistration&locale=pt-BR
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
9cd87aa2f367169e593e440ff821dcf72795b7dc3836bd18fb4e543cc5405f1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://joiabet.com/
accept-language
de-DE,de;q=0.9
X-Contentful-User-Agent
sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
Authorization
Bearer WjE6LZKc0xjqErN-VZOCSsgJUDxQbH8f-EA4GrUoVpA
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
contentful-api
cda
age
1945069
cf-organization-id
5p16k9W70sLSfH3EzajCmO
cf-environment-uuid
e02d2896-9c7b-490c-81a2-24f22454558c
x-cache
HIT
cf-space-id
6y9dy1bxzywa
content-length
953
x-served-by
cache-ewr18135-EWR, cache-fra-eddf8230054-FRA
x-contentful-request-id
2156fdd7-85ba-46cc-819f-e25bd5d702f1
cf-environment-id
master
server
Contentful
x-timer
S1708451569.254690,VS0,VE1
etag
"16121545965718558664"
access-control-max-age
86400
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/vnd.contentful.delivery.v1+json
access-control-allow-origin
*
access-control-expose-headers
Etag
accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
x-contentful-route
/spaces/:space/environments/:environment/entries
x-contentful-region
us-east-1
x-cache-hits
9, 1
getCountries
ps.adminemx.com/ps/ips/ Frame
0
0
Preflight
General
Full URL
https://ps.adminemx.com/ps/ips/getCountries?&brandId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://joiabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
access-control-allow-methods
HEAD,DELETE,POST,GET,OPTIONS,PUT,PATCH
access-control-allow-origin
*
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85889b032844b936-AMS
content-length
0
date
Tue, 20 Feb 2024 17:52:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xaxF9mSdPLOYzbTG5qngbnOJduaUvFPfVqQCN52NxMtkZMGa4Zx7xHB0XwpzYM1sp5oarkJcZT6HV67VfKEcErST%2B78E4oCCDYiqVBIvTriRyQzEiSpqQ1p6M%2Fya5bcB2kR9sC5%2Bl%2FoWcF5qQb4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
access-control-request-method,Access-Control-Request-Headers
getBrandCurrencies
ps.adminemx.com/ps/ips/ Frame
0
0
Preflight
General
Full URL
https://ps.adminemx.com/ps/ips/getBrandCurrencies?&brandId=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://joiabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
origin,x-requested-with,access-control-request-headers,content-type,access-control-request-method,accept
access-control-allow-methods
HEAD,DELETE,POST,GET,OPTIONS,PUT,PATCH
access-control-allow-origin
*
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
85889b032840b936-AMS
content-length
0
date
Tue, 20 Feb 2024 17:52:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QsU1Or4ggmG6MFMLbJLI0x4HMZL1UAV%2BoP0St63jWye9VizEY1ipYO17TgTTzjdhlZh2h7cyn52jnjW75k36WNxe3jDu3lArXPArEdCSji84%2BevasrkbFDcFQBeedd5AmQZW83%2FTVZ0dshXso4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
access-control-request-method,Access-Control-Request-Headers
entries
cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/ Frame
0
0
Preflight
General
Full URL
https://cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/entries?content_type=footerPayload&locale=pt-BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-contentful-user-agent
Access-Control-Request-Method
GET
Origin
https://joiabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Etag
access-control-max-age
86400
age
51697
date
Tue, 20 Feb 2024 17:52:49 GMT
server
Contentful
via
1.1 varnish, 1.1 varnish
x-cache
HIT
x-cache-hits
688, 10
x-content-type-options
nosniff
x-contentful-region
us-east-1
x-contentful-request-id
be683f4b-f870-45d7-acfa-d2ddcde1713d
x-served-by
cache-ewr18171-EWR, cache-fra-eddf8230054-FRA
x-timer
S1708451569.205818,VS0,VE0
entries
cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/ Frame
0
0
Preflight
General
Full URL
https://cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/entries?content_type=home&locale=pt-BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-contentful-user-agent
Access-Control-Request-Method
GET
Origin
https://joiabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Etag
access-control-max-age
86400
age
51697
date
Tue, 20 Feb 2024 17:52:49 GMT
server
Contentful
via
1.1 varnish, 1.1 varnish
x-cache
HIT
x-cache-hits
2520, 9
x-content-type-options
nosniff
x-contentful-region
us-east-1
x-contentful-request-id
15a041c5-5946-4c4d-80b5-352941777459
x-served-by
cache-ewr18155-EWR, cache-fra-eddf8230054-FRA
x-timer
S1708451569.206060,VS0,VE1
entries
cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/ Frame
0
0
Preflight
General
Full URL
https://cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/entries?content_type=slidersMaharaja&locale=pt-BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-contentful-user-agent
Access-Control-Request-Method
GET
Origin
https://joiabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Etag
access-control-max-age
86400
age
51696
date
Tue, 20 Feb 2024 17:52:49 GMT
server
Contentful
via
1.1 varnish, 1.1 varnish
x-cache
HIT
x-cache-hits
2190, 10
x-content-type-options
nosniff
x-contentful-region
us-east-1
x-contentful-request-id
8719f6e3-2905-4f79-958a-de996f4b7b93
x-served-by
cache-ewr18134-EWR, cache-fra-eddf8230054-FRA
x-timer
S1708451569.205486,VS0,VE0
entries
cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/ Frame
0
0
Preflight
General
Full URL
https://cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/entries?content_type=register&locale=pt-BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-contentful-user-agent
Access-Control-Request-Method
GET
Origin
https://joiabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Etag
access-control-max-age
86400
age
51697
date
Tue, 20 Feb 2024 17:52:49 GMT
server
Contentful
via
1.1 varnish, 1.1 varnish
x-cache
HIT
x-cache-hits
2494, 11
x-content-type-options
nosniff
x-contentful-region
us-east-1
x-contentful-request-id
a966a267-102d-4fcb-917e-022a41aaecd6
x-served-by
cache-ewr18126-EWR, cache-fra-eddf8230054-FRA
x-timer
S1708451569.205852,VS0,VE0
entries
cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/ Frame
0
0
Preflight
General
Full URL
https://cdn.contentful.com/spaces/6y9dy1bxzywa/environments/master/entries?content_type=completeRegistration&locale=pt-BR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.118.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Contentful /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-contentful-user-agent
Access-Control-Request-Method
GET
Origin
https://joiabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature,X-Contentful-Resource-Resolution
access-control-allow-methods
GET,HEAD,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Etag
access-control-max-age
86400
age
51697
date
Tue, 20 Feb 2024 17:52:49 GMT
server
Contentful
via
1.1 varnish, 1.1 varnish
x-cache
HIT
x-cache-hits
2255, 9
x-content-type-options
nosniff
x-contentful-region
us-east-1
x-contentful-request-id
c1adeaa6-ae9b-4913-bf3d-c1efaa30864b
x-served-by
cache-ewr18135-EWR, cache-fra-eddf8230054-FRA
x-timer
S1708451569.206064,VS0,VE0
JoiaBet_Telegram_1920x1080.jpg
content.adminemx.com/joiabet/promotions/ Frame 041E
929 KB
930 KB
Media
General
Full URL
https://content.adminemx.com/joiabet/promotions/JoiaBet_Telegram_1920x1080.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18e75818e0e5b39bb8b635962546e00955b87eae78ea6e80a284a5783a7afef8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://joiabet.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6874
Content-Range
bytes 0-951264/951265
alt-svc
h3=":443"; ma=86400
Content-Length
951265
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"1e63ed95402c86b9bd1ece9eb404deea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5N4QiiuzRFqs7AEBv9aDB2Va7ggDeKZGlNPk6s1PZMMHesfWVTaWu07IWexB7NRqfflU%2FFdXyPzuEm5kHdXHCaFSZSzegs5XXRwFTSJzuCHUhto%2B%2BRRP9byEpxbNyO9l1OPUgDPsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b044949b772-AMS
JoiaBet_Sports_PT_1920x1080.jpg
content.adminemx.com/joiabet/promotions/ Frame 041E
137 KB
138 KB
Media
General
Full URL
https://content.adminemx.com/joiabet/promotions/JoiaBet_Sports_PT_1920x1080.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9058168296552dece23021da0a588c423215b2b3948f61a55ebc77023fa124a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://joiabet.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6874
Content-Range
bytes 0-140485/140486
alt-svc
h3=":443"; ma=86400
Content-Length
140486
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"89f0e8f1b1fd2520f8bb662c019afd9b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VvBYIx2Ac%2FAxwSHWlrRLTM3JSErJVTQ9QsIao4ZD8f3PWW5Ed6vtWHbhjVxViBWGdJXeAS0Ya7jfjsprmMFBb96iGXb5cvsUiohSO7EeE4ja0%2Fh4rQnUeoxUvg2ad3qVdD6tedHpiV3Vu1qvNOcCSL73hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b04494bb772-AMS
1920x1080-DM.jpg
content.adminemx.com/joiabet/promotions/ Frame 041E
142 KB
143 KB
Media
General
Full URL
https://content.adminemx.com/joiabet/promotions/1920x1080-DM.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b511bdd39258b151a43c0fc96b7fcc3a5b857f80fe62f2e3cb86ebd3e4ce804
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://joiabet.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6873
Content-Range
bytes 0-145727/145728
alt-svc
h3=":443"; ma=86400
Content-Length
145728
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"cd8b643863f64df628cab3da28e56c90"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Mriiq6KJiTQAXN0M7j4Iji8iNyUm4kBMaXrl2eN54p8Y9x%2BVT0lNHAT5rEQ6vi0jons75kyNL1SpzHjPa9erjCurENkaWnIlUQ6pgpV0dl%2BeINXXZRgzrqWIkcMU0zccs97WNkGow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b04494fb772-AMS
1920x1080-DM-Crash-game-bonus.jpg
content.adminemx.com/joiabet/Sliders/ Frame 041E
157 KB
157 KB
Media
General
Full URL
https://content.adminemx.com/joiabet/Sliders/1920x1080-DM-Crash-game-bonus.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df9030bcd568300d0f9104617fc07ab762e825ff3d772df7fc0c7183e7f4cdca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://joiabet.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
616
Content-Range
bytes 0-160489/160490
alt-svc
h3=":443"; ma=86400
Content-Length
160490
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"c7facc249a0fe2bfc487e10e4a3e6085"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pAWWHXFHKyFTVVn2tj10d0dkSGZXJQp9xwRvDYR7xp8Wo3u%2FxCBVruZsGKYVHhejUFwpiazM3o0GEjvJvAsfPKNZXky5T7zTlGoBDE3sl2fwExLrt%2FMFGx1SbRP%2BwY9Q2TkOQYN2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b044954b772-AMS
1x1.gif
a.mgid.com/ Frame 0664
43 B
188 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=766375&type=c&tg=&r=&nv=0&clid=&d=1708451569308
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
85889b0449945b88-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
1x1.gif
a.mgid.com/ Frame 0664
43 B
188 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=715877&type=c&tg=&r=&nv=0&clid=&d=1708451569309
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
85889b0459bb5b88-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
sdk-B2475334XK2ID.json
static.userguiding.com/media/ Frame 0664
4 KB
2 KB
XHR
General
Full URL
https://static.userguiding.com/media/sdk-B2475334XK2ID.json
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:405 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
bf834f0369e9f25c8b3345d6ae681eb3ab5c132fdddb8fe688402d527ae2ec70
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
strict-transport-security
max-age=0; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
last-modified
Thu, 15 Feb 2024 22:02:19 GMT
server
cloudflare
etag
W/"1151-18daecac023"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7m3KXHOtmCU2wkPkfIeD2IRykNWgK9zi8%2B%2BiZhHlreYhIhTBPmqHm2%2F9OY1SVzLdxyjtBfT3amv7QcGvogd3tYe7137ObRLQQV%2BMuOpdhzEAl%2BNfhoH%2B5jlM%2FDmYFiQ%2BG3r1bSppLndf8LF6wdcPfLrQrpQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
x-sent
true
x-timestamp
1708451569575
cache-control
public, max-age=0
x-robots-tag
noindex,nofollow
cf-ray
85889b0528755d45-FRA
view
pagead2.googlesyndication.com/pcs/ Frame C24A
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst1kvxQp_dKAuG6j8FRRKXi-iq4Yh0Vtnfv29lfurxHu154kWdRK_K5xE4LVRw1PfFlUywszGciRP4hWnmqLhldfUtBAg07Ec6RoXYh7QsDYEgBqUGUZ0H_BYJp_WSVhFh5WRDNkbExaGFZE_W1A-J65Uaqs_Jl8aPeUONg9eTMrfPJXbFwg8498LQ46fHA5A0iwV79TRa0a5x9ExhSiD3Xc9VgPny0ceSsT_847DVYvWvKfJuj39VfKrmBBKA396A-NdEmdz6yCGKcV9s_rlJS2sAVrnsBTRhMVV3ue5LCnGAHZOSxILvvaacMPIWACspgIaTAotl8kEfwTomBkt--3DZ49x_xQNlZID_PpQ9-w3b6hmsB_w0sB5sgXYRNUg1xrucTEXxPBhDPiKw&sig=Cg0ArKJSzMfZ0Jmo9iVeEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame C24A
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 13:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
16342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Mar 2024 13:20:27 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame C24A
3 KB
1 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 13:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
16342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Mar 2024 13:20:27 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame C24A
204 KB
62 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:37:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62824
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 20 Feb 2024 18:37:51 GMT
2673451816475337085
tpc.googlesyndication.com/simgad/ Frame C24A
100 KB
101 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/2673451816475337085
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dea5b5c9abad6d730ce4c212e46e5ad4ad25b90c5514d70120c75fe952033dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Wed, 19 Feb 2025 09:18:51 GMT
date
Tue, 20 Feb 2024 09:18:51 GMT
x-content-type-options
nosniff
age
30838
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102867
x-xss-protection
0
last-modified
Thu, 04 May 2023 15:42:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame C24A
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac40d6d1616e2eb650fb6ab67808f037e1d910b59233ed98ae274658174dc25d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
1x1.gif
a.mgid.com/ Frame 0664
43 B
187 B
Image
General
Full URL
https://a.mgid.com/1x1.gif?id=715877&type=c&tg=&r=&nv=0&clid=&d=1708451569410
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:1::6813:814c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
cf-ray
85889b04fae65b88-VIE
alt-svc
h3=":443"; ma=86400
content-length
43
Joiabet-Logo.png
content.adminemx.com/joiabet/ Frame 041E
23 KB
24 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/Joiabet-Logo.png
Requested by
Host: joiabet.com
URL: https://joiabet.com/static/js/2.db33c006.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37494d807956738f5183de11c36b1a6443a67c0c5df90f0a192d8e6a092610a3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1118
alt-svc
h3=":443"; ma=86400
content-length
23576
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"7d6526024131a2a0d3321ba85e398d3e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IlQIhdbKk%2B8V7XLY3ovlH7UDpQvpNp8qU1Rz98pPQSFsxmt5lXuE%2FpIWemJlFWuE%2BikrvC07712HJvWqZkVYEPQeDktG5WqEZSHarlc1Bx7hmwiFiQs0FED8iQLLwNeiCIw02GqVyq6JIao6%2FNL24ubIZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678716eeb-CDG
Gaming-Curacao-ClickToVerify.png
licensing.gaming-curacao.com/validator/images/ Frame 041E
10 KB
11 KB
Image
General
Full URL
https://licensing.gaming-curacao.com/validator/images/Gaming-Curacao-ClickToVerify.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4bfe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae0b47b7759973915e98c5838f30831bca432cec10b40da27733d7468d4b781c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
cf-cache-status
HIT
last-modified
Tue, 03 Mar 2020 15:32:44 GMT
server
cloudflare
age
4170
etag
"29a2-59ff503da5f00"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
85889b071deabb9b-FRA
content-length
10658
1X2.png
content.adminemx.com/game_provider/ Frame 041E
18 KB
18 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/1X2.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1438d0317dcd6667d89e1a9be853a746ded5a3997b4cfdf41dc0bf34e5953ca3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5765
alt-svc
h3=":443"; ma=86400
content-length
18014
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"aa520212259d037212681b0eab49a405"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXiALQUqdUwGseFQQ5eXkdR7JAGliIR1PcLsBn%2FaaSPchtYLq4pJ8y8o8ZD4Hx4777zn%2FQaF7wi01yLrREwjNhwyHNRRAbjTD%2Fulh%2F%2BNH8JzFWufKrEcc7wNJMNOD7uBAeuzAEa7OVoobUhaukdTpOkrlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678766eeb-CDG
DARWIN.png
content.adminemx.com/game_provider/ Frame 041E
3 KB
3 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/DARWIN.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bab4f6d2b39ce930f1db2d67aadb2a50b7e52b1dae01cb22aa1805baf318c218
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1117
alt-svc
h3=":443"; ma=86400
content-length
3049
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"bc45f6984562ea5f1fcdccb2dff6be24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qwOfrGl5G9oCoRDurq8yWXitiV2ItjqYCCKeMXZdhAI6BT7PrdiQoukTyhnM1v1bfp1I2s1jFnXlwG3c8hT3t%2FNrWnVnExSGiPkQTtXT%2B3YpQSozEKD9bHaiKsv15uPL2bnJN4JP%2F4zzlQSng81i7Gw6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678796eeb-CDG
GALAXYS.png
content.adminemx.com/game_provider/ Frame 041E
4 KB
5 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/GALAXYS.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6446ced1f71125b304a5d8f68e109031ba2e63929d0a2d4367aa3694c91da9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5765
alt-svc
h3=":443"; ma=86400
content-length
4424
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"cba07ade82a7ec777bdf701dbff6661a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EfcuM2VYTAJmXsr2GvJqmtjIaarCdxRUsK4tvfxVFvCR7TAod7ql%2FBvFwnlm21Jb71Wy3t7v%2FjB5RuHfRMyyfQ%2BeqJjDFGYmiLfhME5MJ9KRe8ls6dQRDwn8B7oM8wGUt0hudMPjGWGRu21PyNXdDNvXbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b06787a6eeb-CDG
PLAYNGO.png
content.adminemx.com/game_provider/ Frame 041E
5 KB
5 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/PLAYNGO.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d59a27370cefd6ced25e29072320c9fd5283bd9d8e3eea15946a97d8fc967e13
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1117
alt-svc
h3=":443"; ma=86400
content-length
5065
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"2089012500909eb18088ba2413330f33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyxykkW0u9QRcjC%2FUpNYWdzz64K2AozJAK2mV90b44kAKIrXWRIWeJ0RPxgG3IrcdnviCxWkzUOhP2Ly92%2BdSbLAY%2FtwdWdSWuYz5b9HhnM6iyGRL5GMyyH39XwmEIE9edkITxv003Qvub7P3%2BsR99XCXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b06787d6eeb-CDG
QUICKSPIN.png
content.adminemx.com/game_provider/ Frame 041E
2 KB
3 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/QUICKSPIN.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e5dcfc59813cafa702d1ae81676eeecb25ba8da775d02b693d21089e81fc7c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5765
alt-svc
h3=":443"; ma=86400
content-length
2129
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"d39e779db09c41fe1c4546d287b18553"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jADk4nWzwQl6wcZcVM8plVUup5pB1AK17jUkpmhbR6xnEZm3P3yHPy6N2AteBvXWH4bUvvayIMVIoATGejV2YOuhUIAgouRyFIq04MNYSR2qA1cMh4uhnc6Uxt4e86DsxWzBY0iIThP5B%2BvtLfa%2FSuDx7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678806eeb-CDG
PRAGMATICPLAY.png
content.adminemx.com/game_provider/ Frame 041E
4 KB
4 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/PRAGMATICPLAY.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c608236193671ee248614b6f3de63cccd0bb8da36ac5018bf3e5510272d55ef2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6193
alt-svc
h3=":443"; ma=86400
content-length
3901
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"3f4ed187c014908abd19ca09f6fbc544"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIRIN1%2BIFnucKxHWrIgCeFvqoLtCvn4VAHqz%2Fr%2ByejdNwu5%2BMlX7Gm%2B%2B9x3DicRmU0GoWd3j5lhK858DTH76cdm%2F56eRXH7SRqbZYVYwDks%2FCmyGZ%2F6uwuLin3rIcYAwzbmEDF0M5qHOx7%2BI1nHR%2B1HbFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678856eeb-CDG
MICROGAMING.png
content.adminemx.com/game_provider/ Frame 041E
7 KB
8 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/MICROGAMING.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99813d7eb3ff828f803561dca30a62f14056de10f0a69ea8e3c0225e13e34d6b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1504
alt-svc
h3=":443"; ma=86400
content-length
7596
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"01ca8dea39f36376c91ac68579a57623"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4meB0TwHJaIq6ohsnwblc1yCHhhqGbiD9OiK2NQxIDkId3bFPCWAp6TFUcegSfDTmGAJ%2BRDyf%2Fwj9KNluIRw9doQKVbhfpywyZcMYW4g14W1LkfDPen7iUqC%2BZZ%2Fnyb9tN6ozzRjtzL3RfuGRInUJ4W2tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678896eeb-CDG
BLUEPRINT.png
content.adminemx.com/game_provider/ Frame 041E
5 KB
5 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/BLUEPRINT.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2daa54f1c0b477fcfbbd8a46540e638d4317ebadf08bd773e87f50d63376bfc6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6232
alt-svc
h3=":443"; ma=86400
content-length
4848
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"958f0452f9c0b706184ede8f6397b2b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAATwRMekd41So3SBnfXjKhAPETfF%2BaloEWroZRthl%2FgmPkRlacZhdTDoSFoHYCdQCLSCSXctGnFwr%2BZylQC11gvT6ydYRhav3jOc3Zl4%2F7zaWPF%2BHNerisIP1WRRMtThAWojZTBkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b06788b6eeb-CDG
CALETA.png
content.adminemx.com/game_provider/ Frame 041E
4 KB
5 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/CALETA.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e9802f8ec9180b0552512ab0f11f6d86c70881ecda9f87f7d5374b8aaeddeb4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
alt-svc
h3=":443"; ma=86400
content-length
4205
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"538d56f80f80af9506d151c1f7070aac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UetlJK2yVi5ugvcmJDdiZQFZYq%2FYBJmrAZFEIasEK1w3V0B9AZyom1rxtY0VmXsVlleqj%2BU0fe9dDoQl2FdWAmFW9rW7f17I81Gt%2BPwGftkt%2BgsaxYVBX%2F2gEYtP9EQaUZ7KNenWYVyCJs9OH7NfRLz5YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b06788e6eeb-CDG
NETENT.png
content.adminemx.com/game_provider/ Frame 041E
2 KB
2 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/NETENT.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef919f75f2086fb89cd378747ce627b528d3b1615408a25a93654a279acb948b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1117
alt-svc
h3=":443"; ma=86400
content-length
1691
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"7372d7cae4cf0c0b86d8e0f45c441dbd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZmSmTNQsLe1Ugozo5PpW07Brf0RweUdKwrO2MlG22XHtlDu4zWvB8QnzzmeOTvkguJmf71%2BKl5RLVfoJ%2FSmwPjuIZDqkqh7kYdGa0iBH0gzdqxcLFeQuUjOz6refHxEaZ2M6ymSrgXCD81GGS%2BvX%2BuT9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678906eeb-CDG
RELAXGAMING.png
content.adminemx.com/game_provider/ Frame 041E
2 KB
2 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/RELAXGAMING.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ec0426720140dd717d925d7d1376074f2b04bb2e431bedb2af03f005127cdf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5137
alt-svc
h3=":443"; ma=86400
content-length
1995
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"56232b9cbde8af36d662a613282127a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRRTjRxCgBks4ofyKHrl9P2CKuQpc%2FukG3FbyvYVoP6KYEhqa9KFTkXFhm6gXg3FINMUA1gcE8vIsQPzwHlZrPIGnzrLIFBVzjL2lV0B1PYwcQE9xbeyPAKlqus5BlcUkg7bEelAPEO%2FxNLI4w603v5Ifw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678926eeb-CDG
PLAYSON.png
content.adminemx.com/game_provider/ Frame 041E
1 KB
2 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/PLAYSON.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fadba8c6d5c24d8b9d9d6085687353e5f91ac56c1786d70ca388e62ce8307ec8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5844
alt-svc
h3=":443"; ma=86400
content-length
1393
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"278b8868df6407805562c66f10ad6510"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIqQ3oaQwv%2FNul4%2FvbfuwNI3qbFPh8lAS6AoE0TXpmoCySqxz3zwWA%2F0YFug9pk2%2FvZla0BXDawWfhLWhiZ0XDDa0ZdG6gX8Qxs%2FpXscHULALZ9It64CbH3BZY8LR6Bkop9Y1ikOiUjLk2Q%2BuX6b%2F3dzqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678956eeb-CDG
BOOMINGGAMES.png
content.adminemx.com/game_provider/ Frame 041E
3 KB
4 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/BOOMINGGAMES.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e0bc7dbd390b89b740d51078483c65757043c41646e46e237c4790658abfe3b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1117
alt-svc
h3=":443"; ma=86400
content-length
3255
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"8431aed1e780b99c8ae261ea972736e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLZHLwq3lrqrL%2BucA8BDZd%2FMKW2ORl%2FVvuP41uXKObV6AzatPM%2BvYBL8LTwC1e%2BLhViDOFmyq0yIX%2FLgk53BPdewV5oici1RDlatzqrTbgn3ABTTRCFP9g8wgEZZJcC4MTk4UhNHqD3hMztt2EPrg2OtoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678976eeb-CDG
REDTIGER.png
content.adminemx.com/game_provider/ Frame 041E
2 KB
3 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/REDTIGER.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cdf77c43125fb6afe4e2169a1d480b03875629a3688cf6b57bd552407e37b9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
alt-svc
h3=":443"; ma=86400
content-length
2471
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"92cf4b37cbbbb1723a0eda6915a369aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2F%2FoGJMt%2BNSpv2qJej9sMmxEvsh9PvQTGK5op2SMtMd37lHkONPHaeP%2B%2FFAC8DA8DVJfku3%2BIVDO%2FEY1QhV4s53bbWB7sae9N%2BJ3u6yqw3J8BliCGMLU6IEYrSAJ5M0yX9XcvQwIqSz8KtPRjDdkY%2FkWlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678996eeb-CDG
ONETOUCH.png
content.adminemx.com/game_provider/ Frame 041E
5 KB
5 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/ONETOUCH.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0203378bce1f58fe1726031684bbf59b3fa710dc1479ecb4bba5cd6d2cd1e4a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4840
alt-svc
h3=":443"; ma=86400
content-length
5050
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"ffa31e091ee1c8cbf16b65a12942809b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iypZNyjH%2BzdMB8N0tIUH5ax3ZqHl5P%2FT5Ny5tzQmzr9nKqHc9KwE2%2FSn06g%2BXAK77tBAaBTRuoPuYkrSHSmHaOxaqJqjEnKxdgjsKslPY2a5wt%2F2VFlAiVGN7KYdD%2FtcJAW3q77I09QUKcg9tPY7V63BGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b06789b6eeb-CDG
TOMHORN.png
content.adminemx.com/game_provider/ Frame 041E
5 KB
6 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/TOMHORN.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c9ca45657c8b062f678ccc4bb3a5caf9025e949db147c7ec415bb1ad108ac72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4840
alt-svc
h3=":443"; ma=86400
content-length
5577
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"d63185559a919dc03ccff4d67cdbdf3b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BIMgp2WcN0ySK5k5Rq6qI8XUBkW9RN1O67gT6MgOv5hpVcRqTC23x8NP2NJs1tgCgBcnU7Gc1m9CSkbBl%2B6ticLSFf1uv9awbJCLYs30dZ%2B4NkTUfvFL7JLYR10d0sfeAu6YUYgnvYQsLqn4DvEUtiJLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b06789e6eeb-CDG
EVOPLAY.png
content.adminemx.com/game_provider/ Frame 041E
2 KB
2 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/EVOPLAY.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edd0e278e303c2e2eee1375c8a377804d2c6ccc6506207ad7cb71b19a10c66ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4000
alt-svc
h3=":443"; ma=86400
content-length
1679
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"8156c552b0c0a928dfc820f7f97b4e91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EczyC%2BSo3Kepbgwkg6xQi5rxI4RbruEMOz%2BudxguZGoxDqwi0%2FFY7YSCLVzj2t8a2TQyiQyGBLIDfI9Jx41%2FTjg268xjY%2FpBRE4BjSOwYREYfMIJ9Y7hdFlE3xk8AvVdyCoBsBqE8qKYs%2Bj7Zw5PX6X8%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678a16eeb-CDG
GAMEART.png
content.adminemx.com/game_provider/ Frame 041E
1 KB
2 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/GAMEART.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
931662a32cbe26f70f9e25065b02ea62e22fdd213638950ddf1241e2a14030ef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
alt-svc
h3=":443"; ma=86400
content-length
1353
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"0a7489222785a714ffbb994c87e5fa6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFsFEQZs73EpEhRbhCZVD08Y80WwWLudnllo8Hu9zdguVPJFkDBq46Oug%2BCCdRCYvQE0FRO3rL3V03iV7%2BFnwTz2b3E4rXu%2FtI4tylJ9sQY02TqokrtniXU%2BsLD7QO69YvsdN8E5KC%2BO8UDPafkU5mPHtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678a46eeb-CDG
HABANERO.png
content.adminemx.com/game_provider/ Frame 041E
2 KB
3 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/HABANERO.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ebd0eca59186e292e7b441ece444770ccf6221e790345088ca10399d84c4865
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3999
alt-svc
h3=":443"; ma=86400
content-length
2364
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"494abf202f0213d5e7e695747aa3ba18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l84lSXBF8sLytPR7rijXbb%2Fo5FHxYvCGX0EoVlM3VAXeM7%2BuldtnYup947lBRk8soEkJRgmwtNZD%2FH2ol5ADmLHegHh46Q%2BAimOF7msy8%2BQ78IbFJWd%2ByAFDI%2FLjOX3yeCUzYAD3shTvFPZ%2BFwsQQofoKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678a66eeb-CDG
SPRIBE.png
content.adminemx.com/game_provider/ Frame 041E
1 KB
2 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/SPRIBE.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02abaac450f37764862b5b5029b4c949fc647058d64fc1c9d3465b9287b062e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3744
alt-svc
h3=":443"; ma=86400
content-length
1204
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"a28df81dcade85aaf9f8ba9c86c6f31b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3cpY89ioaLknMiOiHUFAsHS1BjW%2BsOWSFU4F06XFsiNzGDAyStDBc3%2BTAboOdHT4NMPPyULcPXbCowGTSamDogVq16ePLmrprNMJ2KFsOnVwNmbUwzWrQdxTGa7a%2B1SFlswxgNRnNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678a76eeb-CDG
WAZDAN.png
content.adminemx.com/game_provider/ Frame 041E
1 KB
2 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/WAZDAN.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6ffe6a213d12a5bbb5db9524730e99cc161afb671773b4a715c7c01a51bbd85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3744
alt-svc
h3=":443"; ma=86400
content-length
1460
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"43f6ec88f1b6440c2f9c4277f1232a5e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtjN61pjrKlQlmXG8za7B%2FiaTO870NrYx8376V4%2FMgp4NQX0x3P36yES88q7%2FwFm0ORSIZkjJnj%2B0Cm2s0Eg5VWqmJLbYqEeQ0ImKKxaeeQZdA20L2S%2Fr%2FRkhbe14UrfkbattBDP4sLXxq57P1eDyO4kqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678aa6eeb-CDG
REDRAKE.png
content.adminemx.com/game_provider/ Frame 041E
5 KB
6 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/REDRAKE.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b3d15bf7cacc7a9fca96c09a4be1c8b3a820a22a2b49559f27eb4c7a9d80f5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6193
alt-svc
h3=":443"; ma=86400
content-length
5475
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"b70364ca82c71d7226a2726acfe40fe3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yai9eKZb5AKjPSMF6wyFxP%2BibT%2BM503lR73PrDNogTrw9ZbICyHTv0XDR7fX%2BU9iWyj40vB9hhFdiWHoJdMsGO%2BjxMA8spgX3eBUghH3yJwOYH2mvURjGzm1ePcHi36dwMxGBSrPUUT3mIg5Z1Tt3RqJpA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678af6eeb-CDG
4THEPLAYER.png
content.adminemx.com/game_provider/ Frame 041E
3 KB
3 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/4THEPLAYER.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01fe1c152acd2a61b08db213a76efbbc287a705a853f3aa19018cce86a78e1d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5844
alt-svc
h3=":443"; ma=86400
content-length
2734
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"87d460e4dfd1a3d31694122231505dbe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7vCxMkpEWfnjb0ohSYefJIcbp69VF6KRvQxrnrSObiiENg0gsyTHjgwGYh5DyzHe1BcvENyRPc9Cm37cUWTY891H7i6WjIgx7aEJ1yRs1g1KjOhh7CdDg7vrD%2FrfBwJz8%2FHS6Krk9Gvw598dQ2RtQADpLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678b26eeb-CDG
EVOLUTION.png
content.adminemx.com/game_provider/ Frame 041E
2 KB
2 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/EVOLUTION.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
607fb040fbdf19f68b37db329b6722a4a2749a5230e27ce43c59b7c24602d24e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
alt-svc
h3=":443"; ma=86400
content-length
1976
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"c78c1f30e155d063a99068f914d212d2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wj%2B4B%2FpH1nd1gKRjK2wAfBOEXFoBtSq4Hivyt8RZJLDbf3NoXnmWfe9sIG7zygHeZgtxW%2BXfhJayr%2FzqEu4AQ24XkTXP4on4tX86uMIoswzcWhVfYhpZMi%2FcmuLl3iZcNQQQdHgzYi3NXFev1XkIGx4BOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678b56eeb-CDG
TVBET.png
content.adminemx.com/game_provider/ Frame 041E
5 KB
5 KB
Image
General
Full URL
https://content.adminemx.com/game_provider/TVBET.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5045df2c035f5fddbd87299135efa1f96ff827ec9eecd19f01aa9ff6b45bdfe3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
alt-svc
h3=":443"; ma=86400
content-length
5031
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"599aea51fd084e6d1240d3e4244cd429"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtID8CSeerR%2BlTTUFFlNNLFsma5iwjs4RIudW5ngFbpevJuTdCOWbNIBelx68Q1aoaOHIhvqJ04G0Nirm5YGj8vMK4AVBR%2BptLvPS1a2vuFTRqRxDLWX2wal0WOEtdjoEqjRmxc3liMpHPiggZfuoMWNpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678b66eeb-CDG
CASHIP_PIX.svg
content.adminemx.com/maharajafortune/images/payments/SVGICONS/ Frame 041E
8 KB
4 KB
Image
General
Full URL
https://content.adminemx.com/maharajafortune/images/payments/SVGICONS/CASHIP_PIX.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d9627c36161c4cea738f0d4088886b6f4c5856dd5eb898dcf26f1a14d087fab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"4504bec3dd45d97288472abf830a42c6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OyPjP%2B8HDkkEHyypjoaM26nTF%2B2KXqiJy1oGSI4WGLT7BOoxyRZ3Cs9HLq5nZE6SoyIXQU5nbMZbyizqQkp4BbWrknPtgovxCfw3Xq%2B7YblionuuY%2Bf7mWOw1o1kkM1iHqu%2Fv%2FWAMldwgMynQ6fEYXvuHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b0678b96eeb-CDG
onlinecassino.com.br.svg
content.adminemx.com/joiabet/ Frame 041E
15 KB
4 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/onlinecassino.com.br.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7deef357745754394cfaae6955d9237af698b115b325f3a2bdf0d28feec46dc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3744
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"f59e7f21e66406e15598ce46575c0bb3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GQ7cquRMG8VamvexCQjdGOWlk%2FCXqRj6%2BH1JnA5K%2BhDgnf%2B1NaY7hGigvSw%2F4xsMX%2BLo1RMVydzp51FpIE%2FpajD2Gbt%2FiifaTTSmUnZ%2B7ME%2FJP1SnSAL70o7Cs9Qa6sqM4%2FT3t1ze0WfaL6%2BjUf%2FCjIIFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b0678ba6eeb-CDG
icons8-facebook-480.svg
content.adminemx.com/joiabet/socials/ Frame 041E
809 B
931 B
Image
General
Full URL
https://content.adminemx.com/joiabet/socials/icons8-facebook-480.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7399db96bff229a7c80b3301964c778bd9c4fc156818b1b768d0bd361b19f719
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3744
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"936d940b7511965bda11b9181fd999f0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBmrHVtcMEqaMaAFYHqo%2FPHVliy7qdq9ihD6ZL0iNoDgzX8iL2dFGuWRxLGuAKLmUDJwZB%2BMPy3E5T%2FcTX%2BV5jAAZAcZVq7W1VlonXg7DFi55qMziVrONLQEC1svUJUfQWSbqwVzYg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b0678be6eeb-CDG
icons8-instagram-480.svg
content.adminemx.com/joiabet/socials/ Frame 041E
707 B
846 B
Image
General
Full URL
https://content.adminemx.com/joiabet/socials/icons8-instagram-480.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39e9cd4612099dc9221510f217effd09e78e0b621f52644c2e03ea6a5a00060c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"6b20e6fbad4cbe69010e445380453d80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oSbVEvqo%2BtUYugGkpzEzUkTodBKiBry241fsqlT3JkUp5rXDn2aXzilyK3iJ6Hu64qlzQr2suQoXP6GS3m62ZWY%2FsdVc7TupLy8NvprDigSUqjsWjcaYdQ5l%2BCxdRRgkgTQFVCeJV5XF1JWJSsmpx6mNrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b0678c06eeb-CDG
icons8-twitterx-480.svg
content.adminemx.com/joiabet/socials/ Frame 041E
1 KB
981 B
Image
General
Full URL
https://content.adminemx.com/joiabet/socials/icons8-twitterx-480.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ca109e6f0e16e9822e41ba37a530a8764aaa897a43c7f98e23707d2266227fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3744
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"77dd074f735299bd81548517bb3872fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83NHGrrbeTP16XThuwe4KhZtKofl76c8lLIahRsxWXWbpctho4mYKSQuisav%2F0WXFSpqrBR3EuzxTDxi%2FMjpWul4cttfmvNnlG4K2cj8AY6yfrlddNZLZi9clviOGdETNY4QK1tFpksjgLE6YDtCnKYsEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b0678c56eeb-CDG
icons8-telegram-480.svg
content.adminemx.com/joiabet/socials/ Frame 041E
3 KB
2 KB
Image
General
Full URL
https://content.adminemx.com/joiabet/socials/icons8-telegram-480.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93167c0034b44c66c3f816834eb4cbbaf5aea72ecdd2f280113d64f29289f9d9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3744
alt-svc
h3=":443"; ma=86400
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"1c0ab36b960e6b065d8216875fcc349e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htJNIYL8pnrMx7duiEyt2ke7Fo8vRvzLW5PhvuTjIKLEbAJ4K%2FSEHrlUvxeQHuRWw5m%2FDHcfYqtXogDkWOO0kSnHxxpaosv%2Bucxx%2BBjxb0UoapXxFiTq%2BvK3Faw6EJ4D0xdvSlCruDoR8rt0dFrtV1DCnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
85889b0678c76eeb-CDG
more.png
content.adminemx.com/maharajafortune/images/mobilenav/ Frame 041E
531 B
1 KB
Image
General
Full URL
https://content.adminemx.com/maharajafortune/images/mobilenav/more.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77908db0f0e0ef6b2323479796d08b8e0a8c1550457942af0732703517c1c814
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7137
alt-svc
h3=":443"; ma=86400
content-length
531
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
"8f043affff27fb9f98f870cf5d4826e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVXLU4KJTxrow1wyxq9OkpiRAU4TILv8JaQc2sTI%2BEGP8%2B3OAkdQGulGvBq4VRnkfU193sdnp64Wd26dxzoMtUBx2KYkVXaZJ5cj4GZLjWbxE8WLEgij9VDjtcqhuDjfFsdDhuY%2BPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
85889b0678c86eeb-CDG
/
app.posthog.com/api/surveys/ Frame 0664
15 B
100 B
XHR
General
Full URL
https://app.posthog.com/api/surveys/?token=phc_wUcGl0XPucm5gSawpdPMBP8mdQoXUO9HgrvFHndWc8P&ip=1&_=1708451569866&ver=1.107.0
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0215eabc84d0abf65e91810ea80b0cc94f3502d8fcc59846bd7ea450fe7d6d03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://estrelabet.com
access-control-allow-credentials
true
cf-ray
85889b07cda38ff8-FRA
access-control-allow-headers
X-Requested-With,Content-Type
content-length
15
m
odin.sportingtech.com/api/generic/getTraderModules/m.esportesdasorte.com/ Frame 75E9
10 KB
2 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getTraderModules/m.esportesdasorte.com/m
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b7c5aba1f7f66f034ac64eb0a959de175d03434650244d6f65699e7cda3a7912

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-appserver-status
200
date
Tue, 20 Feb 2024 17:42:54 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
595
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
x-appserver
192.168.50.19:9095
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
cA2bA1Q9MEJyk7Ys9V3gsB0XGadUAYQGC9ZkUCa0CtMLlaKx_hWQAQ==
23
odin.sportingtech.com/api/generic/getTraderPages/m.esportesdasorte.com/m/ Frame 75E9
66 KB
10 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getTraderPages/m.esportesdasorte.com/m/23
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3d4f9b390b37795f01c27bdd403af3a942fdd7cc9e547f3d28fd3713e0d1a496

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:42:54 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
596
x-cache-status
HIT
x-cache
Hit from cloudfront
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
kO89qKnLODiSXlphUuxMXzZ63jua-_giL3KwVo8ewYCf4atG7qdrxA==
303.5a80cb5b77f5e9be.js
m.esportesdasorte.com/ Frame 75E9
1 KB
1016 B
Script
General
Full URL
https://m.esportesdasorte.com/303.5a80cb5b77f5e9be.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
7946a9ea76e1fe4bb6f53e85385897b4860ec53eada18d8ca659ae477f94fc22

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-4e2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
IlZ4GqtOtKVYW9i5FKHmNWMXPGzsuQEdnDLUMzCKYVpTllbISlHoNQ==
504.5adce42212df3866.js
m.esportesdasorte.com/ Frame 75E9
230 KB
34 KB
Script
General
Full URL
https://m.esportesdasorte.com/504.5adce42212df3866.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
1f856be9d8fa19c18ac1550b266f0edb45cdc088cfac57cedaffdbeb8e247b56

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-399d7"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
pqdJOVjhAJ4K0QaSN9Njv6Vm-83Vry7y_rnlN07bh78Ak9MNMqD9MQ==
531.44463f241b6eb877.js
m.esportesdasorte.com/ Frame 75E9
74 KB
14 KB
Script
General
Full URL
https://m.esportesdasorte.com/531.44463f241b6eb877.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
b18c1aa4f8fca6533fe5b5802b220ce2cbe6cbd9c23b01878f64a832e0f7386f

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-1269c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
xyJCnIJZQSH47HwYXJBmJgtAf_H-izpLuKlHq2G7fGpyIXYni3YsoQ==
722.40b4761d46d113f6.js
m.esportesdasorte.com/ Frame 75E9
1 KB
902 B
Script
General
Full URL
https://m.esportesdasorte.com/722.40b4761d46d113f6.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
bc29d71b4c02a98903e77e76f394f5167ff241afbe4df9b3ffb2a80a49d799d2

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-428"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
fV1b2SutB9xfCcySa6-vvtt_7WEi2JrrDHlgfjdYOf640ZKZQIjsOg==
59.6f9680a4166415ef.js
m.esportesdasorte.com/ Frame 75E9
2 KB
1 KB
Script
General
Full URL
https://m.esportesdasorte.com/59.6f9680a4166415ef.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
b8b0d38101ce267af1f16bce80c5898f68142c8666d13c987b72b35ebb8ffa04

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-84e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
HX7xLOeXKWMw9W2U9NotMkHPN6jwC2QIuDZgSAGgEGprVdPVCs41yw==
498.eaeb6aff38bb3a1a.js
m.esportesdasorte.com/ Frame 75E9
123 KB
24 KB
Script
General
Full URL
https://m.esportesdasorte.com/498.eaeb6aff38bb3a1a.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
d29f63b34d0b3c4bd6dab3521eff9a1231fa7c795f13586a75b601b309625a74

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-1ea6c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
4QrTBZOcOnT5tB3ASRDZTBf91yquqODSQVmsez3ZMK18fjPom3HwBQ==
294.03ba18c04ae012ca.js
m.esportesdasorte.com/ Frame 75E9
2 KB
1 KB
Script
General
Full URL
https://m.esportesdasorte.com/294.03ba18c04ae012ca.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
a79f20d69828d1ec44d560f4b9b28b9afd76c05ca00b24909126f654f097ed1f

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-830"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
V_s4OQ_paK0LI08-uQybGRbjG-rAjAaHsI_KkQYpsKO6epbLPT005g==
68.ee013c1f5f2d02d7.js
m.esportesdasorte.com/ Frame 75E9
7 KB
2 KB
Script
General
Full URL
https://m.esportesdasorte.com/68.ee013c1f5f2d02d7.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
3cf1c12cb36b8d73264a7f612f240e6ce03d85ace3268b7fa1cc39f4e7c6817e

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-1be2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
iq-hlYHB-QjtFT9mzJrtyMumkTtYi1P3rCc3Kd3aLNUFeUTBrlo_Fw==
logo.png
m.esportesdasorte.com/views/trader/esportesdasortevip/assets/images/ Frame 75E9
3 KB
3 KB
Image
General
Full URL
https://m.esportesdasorte.com/views/trader/esportesdasortevip/assets/images/logo.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
4c2aaeed01a8da8ff28038839bf02a197c7931a079ca49bbfb117f086106f6d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
3
etag
"65cba317-ab4"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
2740
x-amz-cf-id
l-GsEf5qxG7Z7vkdQyCPmQZBDIRRS7EKMPM2OufIA0oN6zhw7PpOMg==
sync
rtg.prdredir.com/ Frame 041E
43 B
555 B
Image
General
Full URL
https://rtg.prdredir.com/sync?ref=&lp=https%3A%2F%2Fjoiabet.com%2Fpt-BR%2F%3Ftoken%3D3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk&sh=1200&sw=1600&date=1708451570079&fp=uid-7780535894.1474732103
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:772 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-transfer-encoding
binary
content-disposition
inline; filename="pixel.gif"
content-length
43
x-xss-protection
1; mode=block
x-request-id
b0edf982-cb8c-49e3-ad5e-23fdfcb8d981
x-runtime
0.001873
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FfDTMD%2F3RH4RZq6798tPHVrKryAsbDR3kXB5JieSB0Yh54TFRcGatIesBHdFNGERpdr8W5ILMDBrM%2FC2QKJWbFEBpZVANIONp6TqfbGqFWuzZ6iL0YJOParT2t7%2BFMNvZvTyhV2fhbEIZkSnrA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
85889b095cb371b8-FRA
estrelabet-logo.svg
estrelabet.com/uploads/media/EST/ Frame 0664
5 KB
6 KB
Image
General
Full URL
https://estrelabet.com/uploads/media/EST/estrelabet-logo.svg?website-logo
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:630 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a8df989f82869867f2fd9b635416a6ecd80ca33dee35f7a897e75bda77ba15d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
3949
content-length
5426
x-xss-protection
1; mode=block
last-modified
Tue, 19 Sep 2023 18:38:04 GMT
server
cloudflare
etag
"6509ea8c-1532"
x-frame-options
SAMEORIGIN, Allow-From *.betsrocket.app, Allow-From *.analistasdabet.com, Allow-From *.afiliagamingapp.com, Allow-From api.iagamingapp.com, Allow-From *.gamingapp.com.br, Allow-From *.presenteestrella.com, Allow-From *.betinfo.com.br, Allow-From *.betzord.com, Allow-From *.fielucastylty.com, Allow-From *.portallucastylty.com, Allow-From *.otavioslot.net, Allow-From *.clarklobo.pro, Allow-From *.claudinvest.vip, Allow-From *.presentedocacique.com, Allow-From *.betlion.memberz.com.br, Allow-From *.clevernt.com, Allow-From *.cleverwebserver.com, Allow-From cassinoscore.com, Allow-From appblack.online, Allow-From *.neobet.fun, Allow-From neobet.fun, Allow-From *.estrelabetbr.live, Allow-From estrelabetbr.live, Allow-From *.estrelabetoficial.fun, Allow-From estrelabetoficial.fun, Allow-From *.estrelabetbr.online, Allow-From estrelabetbr.online, Allow-From *.neobetacademy.com, Allow-From neobetacademy.com, Allow-From appblack.online, Allow-From *.appblack.online, Allow-From autobetapp.com, Allow-From *.autobetapp.com
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
85889b09bdfa30fa-FRA
expires
Tue, 20 Feb 2024 21:52:50 GMT
event_collector
pdp-service.retargetly.com/ Frame
0
0
Preflight
General
Full URL
https://pdp-service.retargetly.com/event_collector
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://estrelabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
85889b0a68f73aa2-FRA
content-length
0
date
Tue, 20 Feb 2024 17:52:50 GMT
server
cloudflare
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
event_collector
pdp-service.retargetly.com/ Frame 0664
29 B
306 B
Fetch
General
Full URL
https://pdp-service.retargetly.com/event_collector
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4801ec24fa72b83046265ea9fc7d272a57ec5204bc56507b9df80148324cf8c8

Request headers

Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
request_id
dd4702ba-d018-11ee-8401-72380da9d70f
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
POST, OPTIONS, GET, PUT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://estrelabet.com
access-control-allow-credentials
true
cf-ray
85889b0b59d33aa2-FRA
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
29
wmetrics
metrics.dataroyal.io/ Frame 0664
0
316 B
Ping
General
Full URL
https://metrics.dataroyal.io/wmetrics?rtid=ADQ-1692045473459679&lg=en-us&sr=1600x1200&fr=1&dr=&dl=https%3A%2F%2Festrelabet.com%2Fpb%2Fcadastro%3Faffid%3D130009%26cxd%3Dawppqsjswdzfdmrgybnvewfci%26utm_campaign%3DCM_BR_SB_DT_ESTRELABET_TNONLINE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by
Host: metrics.dataroyal.io
URL: https://metrics.dataroyal.io/tag/js?rtid=ADQ-1692045473459679
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Urr1F5S%2FogUIXXTqs9VXD1Sovb7XxrbvJV6Cto12n1dHraYJmDbtb3avDhMB7yAhSTD0ch34up%2B59DlvwMqbfXVRIrvfk6XAcTHOxQBvxtMzlsvlv%2F57sy3dtHfRXUQW6I4LV8x%2FPHPGT%2BhORlSdhy1Hmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
85889b09e930f0cf-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
api
api.retargetly.com/ Frame 75BC
0
176 B
Document
General
Full URL
https://api.retargetly.com/api?id=5012&src=5&url=&browserUrl=undefined&ref=https%3A%2F%2Festrelabet.com%2F&utmz=&n=&md=&mk=&il=2&limit_drop=&userid=9c337ada-0ec4-4852-bf6c-8aadb0728fc3&fullVersionList=&platform=
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=5012
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
85889b09ea8b923d-FRA
content-encoding
gzip
content-type
application/javascript
date
Tue, 20 Feb 2024 17:52:50 GMT
expires
0
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma
no-cache
server
cloudflare
ig-membership
us.creativecdn.com/ Frame 612E
2 KB
759 B
Document
General
Full URL
https://us.creativecdn.com/ig-membership?ntk=0Aj9RwJPwwktFanNFZNtd3w-7x3ePZovcbUaQ1ipEyR39hwCHFCqiOWSIlSOU6B1GZzn9W8nKTB6-pCO0bbQa0F33y1RcfmpiD3LLgVfqd4
Requested by
Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/Da0J4b08Tci60aJ6hFxt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
a0b82466922a8526dd2edec0e1d0e951bd09645b6db4810daafdee2c30fadacb

Request headers

Referer
https://estrelabet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
content-length
571
content-type
text/html;charset=utf-8
date
Tue, 20 Feb 2024 17:52:50 GMT Tue, 20 Feb 2024 17:52:50 GMT
expires
Wed, 21 Feb 2024 17:52:50 GMT
vary
Accept-Encoding
topics-membership
us.creativecdn.com/ Frame B4FB
964 B
675 B
Document
General
Full URL
https://us.creativecdn.com/topics-membership?ntk=Jg8jztCplbF_VqG0NhyLBrtkMjhE0ZO9CfBNRnE7-Qg9qb-NijFAySr0W7O8ynyShtngeTNgVcyJIB4Nb8JmS6VYPT9R8ph9Ma7Sf1UKY4Q
Requested by
Host: tags.creativecdn.com
URL: https://tags.creativecdn.com/Da0J4b08Tci60aJ6hFxt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
fdd266ab762eec4cebecb83d9f926c08ebfe383bb0586ffb16c28448a32ba68d

Request headers

Referer
https://estrelabet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
content-length
487
content-type
text/html;charset=utf-8
date
Tue, 20 Feb 2024 17:52:50 GMT Tue, 20 Feb 2024 17:52:50 GMT
expires
Wed, 21 Feb 2024 17:52:50 GMT
vary
Accept-Encoding
setuid
ib.adnxs.com/ Frame 0664
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=315&code=VOXQYS7uWMxTEDmrDhOvcthTKR1_MXTxXd4sMnALRVE
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:50 GMT
an-x-request-uuid
fc14e5a6-ebf3-45ce-af02-9d803ea610a0
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
GetMultipleBonuses
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ Frame
0
0
Preflight
General
Full URL
https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.191.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://estrelabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
14400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 20 Feb 2024 17:52:50 GMT
server
nginx
strict-transport-security
max-age=15552000
via
1.1 google
css2
fonts.googleapis.com/ Frame 0664
14 KB
960 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Roboto:wght@500;700&family=Libre+Barcode+39:wght@400&display=swap
Requested by
Host: sb2widgetsstatic-altenar2.biahosted.com
URL: https://sb2widgetsstatic-altenar2.biahosted.com/altenarWSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
356b19ce5fa8eb71f7f24b4633af26a934a5c7ee1dfcd1aa5aceca356bc37330
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 17:52:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 20 Feb 2024 17:52:50 GMT
GetMultipleBonuses
sb2bonus-altenar2.biahosted.com/api/WidgetBonus/ Frame 0664
1 KB
1 KB
Fetch
General
Full URL
https://sb2bonus-altenar2.biahosted.com/api/WidgetBonus/GetMultipleBonuses
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.191.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
3b29bd44f6eaa07ef4262249b06eaabc25735c11aa3a64ddcd9afe76301060a9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
strict-transport-security
max-age=15552000
via
1.1 google
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1053
GetSystemParams
sb2auth-altenar2.biahosted.com/api/WidgetAuth/ Frame 0664
514 B
530 B
Fetch
General
Full URL
https://sb2auth-altenar2.biahosted.com/api/WidgetAuth/GetSystemParams?culture=pt-BR&timezoneOffset=-60&integration=estrelabet&deviceType=1&numFormat=en-GB&countryCode=DE
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.110.191.112 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
112.191.110.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e2a0d73cdac8030ccba3e7b749c58bcbd73d95d55210e99f93d5eb47be1e1f37
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
strict-transport-security
max-age=15552000
via
1.1 google
server
nginx
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
514
getGrayInfo
api.mythad.com/rest/n/adintl/gray/ Frame
0
0
Preflight
General
Full URL
https://api.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://estrelabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://estrelabet.com
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Alt-Svc
quic=":443";ma=2592000;v="43"
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Feb 2024 17:52:50 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
getGrayInfo
api.mythad.com/rest/n/adintl/gray/ Frame 0664
201 B
622 B
XHR
General
Full URL
https://api.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
6780880362245a4f930c00c44f556407be7e77c2030dc6204e6d456a4295c6d5

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://estrelabet.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
getGrayInfo
api.mythad.com/rest/n/adintl/gray/ Frame
0
0
Preflight
General
Full URL
https://api.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://estrelabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://estrelabet.com
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Alt-Svc
quic=":443";ma=2592000;v="43"
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Feb 2024 17:52:50 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
getGrayInfo
api.mythad.com/rest/n/adintl/gray/ Frame 0664
201 B
622 B
XHR
General
Full URL
https://api.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
0e0ee2604ba49297c02661a14d03a83d8a70944d8de130d5179d4b1a4009cd62

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://estrelabet.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
joiabet
adjs.media/hit/ Frame 041E
0
363 B
Script
General
Full URL
https://adjs.media/hit/joiabet?usr=v1.0%3A18795913658%3A1708451570301%3A1708451570301&scr=1600x1200%7C1600x1200&scv=0x0%7C0&pgh=joiabet.com&pgl=https%3A%2F%2Fjoiabet.com%2Fpt-BR%2F%3Ftoken%3D3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk&pgr=
Requested by
Host: adjs.media
URL: https://adjs.media/resources/content/joiabet.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
status
200 OK
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
3b7a5bc7-60ae-48a4-9bfe-1701ff8e38fd
x-runtime
0.003576
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
vary
Accept-Encoding,Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrkiffOlVJ5H017C0HIViY5SzAuD7iVb7VF%2FO8a0Aq7lkjIscuEhZtQbrc9YTREwnJG93NhzgnRaj19PYST%2FSv8ahd3l1agyQhoreMLIq7EEhbVFs104lxVVPk2UlwGfi6eePMIr4lL9"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
85889b0a88f16f3a-CDG
esportesdasortevip
m.esportesdasorte.com/api-v2/fixture-detail/m/23/ Frame 75E9
0
0

esportesdasortevip
m.esportesdasorte.com/api-v2/fixture-detail/m/23/ Frame 75E9
155 B
473 B
XHR
General
Full URL
https://m.esportesdasorte.com/api-v2/fixture-detail/m/23/esportesdasortevip
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx / Express
Resource Hash
0d22b2f2648e560a9ecb389b810ba0e5defd21fc67c47eaf679202b27d13191e

Request headers

bragiurl
https://bragi.sportingtech.com/
Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
etag
W/"9b-gElmOCq9Lniep8kl6MpbDnnny94"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
content-length
155
x-amz-cf-id
NsuU6YmDWJPIMkHjwEq_MyWa_uRwqGIy7tK_NYui0_XUIkcowSVybQ==
x-proxy-cache
HIT
0
odin.sportingtech.com/api/generic/getNews/m.esportesdasorte.com/23/m/ Frame 75E9
3 KB
1 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getNews/m.esportesdasorte.com/23/m/0
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4256548e6dc4a188a6b396d6abf1c2ae55cf53820a372e65c8cb8a174c96f4fc

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-appserver-status
200
date
Tue, 20 Feb 2024 17:25:46 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
1624
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
x-appserver
192.168.50.102:9095
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
Ix9gcASNH2enkk1uYwLrGaY0wFwTx251c4KHK20o4Vu_axFIC0JLgQ==
23
odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/m_main-static/m/ Frame 75E9
914 B
1 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/m_main-static/m/23
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5e0d70d4ab9c4f15125d6c6712709fdd95d7216ec6c5e3967838b6571f858ca8

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:24:51 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
1679
x-cache-status
HIT
x-cache
Hit from cloudfront
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
lxfC9eccyDG8qdecaw2UQs5Q9NY4nZkA5lgVZhNmjoAMzWOL6cKtUw==
logo.png
m.esportesdasorte.com/views/trader/esportesdasortevip/assets/images/ Frame 75E9
3 KB
3 KB
Image
General
Full URL
https://m.esportesdasorte.com/views/trader/esportesdasortevip/assets/images/logo.png
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
4c2aaeed01a8da8ff28038839bf02a197c7931a079ca49bbfb117f086106f6d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:47 GMT
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
age
3
etag
"65cba317-ab4"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
2740
x-amz-cf-id
RzsyjK6ypKM8W6kGB6awmGIETbHODjsxdsBBnNHGsBfDCx81LfW0bA==
23
odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/licence-html/m/ Frame 75E9
955 B
1 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/licence-html/m/23
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c4ccb16211b908739077245361b1be1486af20045b1cfe8658679e76f7cbf5a8

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-appserver-status
200
date
Tue, 20 Feb 2024 17:51:25 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
85
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
x-appserver
192.168.50.102:9095
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
ZFLmVGLDHXsiE_koIDzIPycAfUyJRoCtAj8XhVrRpzCXDqFj_KUjTw==
23
odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/m_footer-static/m/ Frame 75E9
1 KB
1 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/m_footer-static/m/23
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
98294a988629a3349317c4e6f2e4486b0cb903b06c614a240228d297116facdc

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:44:54 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
476
x-cache-status
HIT
x-cache
Hit from cloudfront
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
DGdlyhqILac63OUNjkAAx3WVw6X8WR_jh7hi10ZnbGNcrHJabJND3w==
core.css
static.sportingtech.com/m-common/assets/css/ Frame 75E9
2 KB
977 B
Stylesheet
General
Full URL
https://static.sportingtech.com/m-common/assets/css/core.css
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
7e3af5b3e233552be7e3d52c10056cb2e2340e8be0aa2b95daf9ae379db66957

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Nov 2022 15:05:47 GMT
Server
nginx
ETag
W/"63764dcb-62b"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
23
odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/m_footer-for-setup/m/ Frame 75E9
3 KB
2 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/m_footer-for-setup/m/23
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5d2937593d680bff03ea19b1675a743da80c251b3979c0135d516c44449234b7

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-appserver-status
200
date
Tue, 20 Feb 2024 17:42:54 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
596
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
x-appserver
192.168.50.102:9095
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
lmqDFNgFinvHrUDQwNg4rGOYivmvM5CDtybgho8GXA9XreRkDeuW6w==
23
odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/twitter-url/m/ Frame 75E9
496 B
1 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/twitter-url/m/23
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
97c242e9a7a904cfd5f030ab19a28a7e86ec72ab777345e2ae824290303d6c25

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:43:54 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
536
x-cache-status
HIT
x-cache
Hit from cloudfront
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
cwUNnqH7_x6bKcz0hE8t-PsXyJ16NurS1RSCqrl6qmZMAsZlCnscsQ==
23
odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/instagram-url/m/ Frame 75E9
509 B
1 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/instagram-url/m/23
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
0d20a810442b8c7de9d5343a4f4902f0b8444a72b4c1b3fcdb97c319f65a879e

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:44:22 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
508
x-cache-status
HIT
x-cache
Hit from cloudfront
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
IGGtf2R7bKSXTvi3qsucHxamjY8wT9_ien1QggQ5WHmLkr_06CEQHw==
23
odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/youtube-url/m/ Frame 75E9
517 B
1 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/youtube-url/m/23
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
c2acb170595e7f6bc94d7e40a945547493973815df16f40f8eb7cd868559af3a

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:38:50 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
840
x-cache-status
HIT
x-cache
Hit from cloudfront
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
BaoRjWEhxJo7qaJhI2RY5vtz4iLGh3DArqHfz49TyDxVTiVsyYZ2-Q==
23
odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/m_head-scripts/m/ Frame 75E9
8 KB
3 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/getWebModuleContentByCode/m.esportesdasorte.com/m_head-scripts/m/23
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3293cb2698266f6dc7cbfe84d30be6311038d404d63443d38cf6c282bde3cfe7

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-appserver-status
200
date
Tue, 20 Feb 2024 17:22:54 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
age
1796
x-cache-status
EXPIRED
x-cache
Hit from cloudfront
x-appserver
192.168.50.19:9095
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
PClKwweLqmFAp6iwNdgdOIIn7_qccpjvfGFXSGuE8V4SuSkEBZuGPA==
widget.js
crunchequation-org-74030d2ee16a88e16709193.freshchat.com/js/ Frame 041E
67 KB
22 KB
Script
General
Full URL
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/js/widget.js
Requested by
Host: fw-cdn.com
URL: https://fw-cdn.com/2346572/2960938.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
b4db541e06042b252e36e46c88fd77da3bc560c9b3c92f6bb1425a4b13b8d0ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id
00-3caf4ddf12c79248b958c62ef30d37fe-0c39eca29de98d40-00
date
Tue, 20 Feb 2024 17:52:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Tue, 20 Feb 2024 03:26:25 GMT
server
fwe
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type
application/javascript
x-fw-ratelimiting-managed
false
cache-control
max-age=900, must-revalidate
x-server
l8dr2
x-envoy-upstream-service-time
3
x-xss-protection
1; mode=block
x-request-id
a89bd9e6-a1c2-48d4-9cdc-d1915e90e5ee
view
pagead2.googlesyndication.com/pcs/ Frame C24A
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstj-OtRRZUOSGWo970NvUKpB42p160_OWa_XKX7-jJLqnfkTYR4jG7XwE63qtTyvKrN1Pq8hpqAec0UqQ0qDFWTebVqdz2ZKyg2aWDlDVe7s0fgxBxxSQ2eJyt04fVdDrVq3H5fyZziPn3sREcHtl0pkmIb6VGcwFEa2J1EhtxJl09gwKkPVnfDGnxi1aEXC_ZVB_lb1WAg56Zug6XgDwncw7vu7-UTw1irD6eUYlwUuk1moeueoUauY2Xx1bRUE0qf-aKbyPy8sCD4cSqUF73YuT8bo7vh5yu_xAR1fZkDOrRQDqjaO2daJ0ziqC66591ROzkjO2LPOniBDblJ5Ay6sRnaz0dprcOKtEiJcL_Ssl5GytrjcTVbeFNo4jfl4wWDwOELNiACyFYMGgEJsA&sig=Cg0ArKJSzOn8nsIIZxMIEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
beacon.js
sb.scorecardresearch.com/ Frame C24A
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-32.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:06:51 GMT
content-encoding
gzip
via
1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
58244
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
i_020ir1HwkmYJONMx9BMAur4WFnBRyPVFD_nmy-M-e40EYf7qq2Ew==
beacon.js
sb.scorecardresearch.com/internal-cs/6036356/ Frame C24A
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6036356/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js
11 KB
4 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/6036356/beacon.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Server
18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-32.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28a3b8c616cc8b88edddc9991c5be70eef6b2b368d70688f2c18ceae508ec1bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 06:51:40 GMT
content-encoding
gzip
via
1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
last-modified
Tue, 30 Jan 2024 15:54:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
39728
x-amz-server-side-encryption
AES256
etag
W/"83a683db1bde449cc8fc5228209ca9ca"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
XHyQ_FcQrvakbkMFOCvt_NwFcaeNnwR_CwBE3N-Hl3F3VJwW0N481Q==

Redirect headers

date
Tue, 20 Feb 2024 17:52:50 GMT
via
1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
location
/internal-cs/6036356/beacon.js
content-length
0
x-amz-cf-id
j_YTcaiTardWJ7E_QP0hVfDr-5cY4xwsB9TkuAiVDcNEeeobtB5ovw==
p
sb.scorecardresearch.com/ Frame C24A
43 B
299 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=6036356&c3=1&c15=&cv=2.0&cj=1
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-32.fra56.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:50 GMT
via
1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
AI5l3JL1HJL8PmvTuSOUhEA-dUM24JZD2L1YkUs5F8lZFB2kC1lHoQ==
collect
p.clarity.ms/
0
299 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tnonline.uol.com.br
Date
Tue, 20 Feb 2024 17:52:50 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
/
boot-loader.kompassify.app/ Frame CC82
527 B
578 B
Document
General
Full URL
https://boot-loader.kompassify.app/?groupUuid=ef1d1e5c-a6f8-42da-ae60-94585d68fe91&refresh=1708451570964
Requested by
Host: player.kompassify.app
URL: https://player.kompassify.app/kompassifyInstancePlayer.js?version=4.2.21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
75.119.136.196 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi713732.contaboserver.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4d51ee77c3ee13843954b8b9a0fe7365f7350c2dee7304cd3c26819e69547547

Request headers

Referer
https://estrelabet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 20 Feb 2024 17:52:51 GMT
ETag
W/"65a5a4ac-20f"
Last-Modified
Mon, 15 Jan 2024 21:33:32 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
726.9c55c4cc94fbe452.js
m.esportesdasorte.com/ Frame 75E9
121 KB
30 KB
Script
General
Full URL
https://m.esportesdasorte.com/726.9c55c4cc94fbe452.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
fda5f154e78fa9f70ea62d8390e3d7b76838b80a3d957e977055b5a1f37bf5e0

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-1e4a9"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
nvlj9il5CN4a5HnLrhTNg398_Pra7mB_jLu-K2RFFGYXRRk-DEnI-w==
248.8264f5470b6ee447.js
m.esportesdasorte.com/ Frame 75E9
102 KB
20 KB
Script
General
Full URL
https://m.esportesdasorte.com/248.8264f5470b6ee447.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
e2bb20c63128dfd73ae367119bdbc45a4df379af2ef1772bdf903506f95d361a

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-19962"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
I0Sfa_xOc7kFY-7cDDUwKloJcrQmx85o_QxijiEXNvis4q0OG2VgSQ==
120.6d7678e89fb4c4fb.js
m.esportesdasorte.com/ Frame 75E9
78 KB
15 KB
Script
General
Full URL
https://m.esportesdasorte.com/120.6d7678e89fb4c4fb.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
51f7c4d22e30fdd957cb7d8ba081f04e0d666cb667a5f7af6981136377ddf9ca

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-138b5"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
jn98DEV_x20lQ8Ve8zOS1OZsz1BOlhq3yT1ZGdjWTl4JP3IhELdJjA==
29.c8e160ed1c50ad24.js
m.esportesdasorte.com/ Frame 75E9
115 KB
16 KB
Script
General
Full URL
https://m.esportesdasorte.com/29.c8e160ed1c50ad24.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
df3a26b4c9d0a3ea04e5ca6e7c87cc79301d8b503729b57bb52c16dc3d528229

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-1cc85"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
VsvKlbUovlnFfI9kl71879E6E_I7fgO2gQXOQrhhP7BUKWYVk1ijJw==
552.72fc281e36bfafce.js
m.esportesdasorte.com/ Frame 75E9
118 KB
18 KB
Script
General
Full URL
https://m.esportesdasorte.com/552.72fc281e36bfafce.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
85f0b1901c09c7c348da332168596368428cc3813061dfa9036cd2640bbc6366

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-1d7db"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
MD0RgMbhrgYAhxO8aE1cjkME20oRo36GC0sz8o7cXHkJpmdclViEOA==
668.6db620cdff583365.js
m.esportesdasorte.com/ Frame 75E9
22 KB
5 KB
Script
General
Full URL
https://m.esportesdasorte.com/668.6db620cdff583365.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
e5395e9cdfe7b5ef6220655c59cdd073186e8fee2d4ba8cf5ea2813557957a5a

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-5864"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
bl578-2yIBSPdMRv-s_KbyFDbSSonmI--YHsbKu24Zq9g8dAObqbuw==
901.8046e55e794a808f.js
m.esportesdasorte.com/ Frame 75E9
20 KB
5 KB
Script
General
Full URL
https://m.esportesdasorte.com/901.8046e55e794a808f.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
362c6173fe30f3efe6e65a08593e67369149632104510bf7da8d7779b38ab1c9

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-51d4"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
ORy_UxpVDfld4_3ubcTulQyuukJZLb5tcCn8Ko9rhh9o8o5hxpyghw==
235.f5df8ae4b70ab146.js
m.esportesdasorte.com/ Frame 75E9
58 KB
11 KB
Script
General
Full URL
https://m.esportesdasorte.com/235.f5df8ae4b70ab146.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
968c0d001836b384c532281f606021e349d4b211fa7e84a76f9e993b28c49224

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-e8e6"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
an-4KZofL4KYQZXxRU2LQYyFzOqUqJDRLOvy2Z58nsrC9esPopCJuw==
96.8f2db0cb3284f6b4.js
m.esportesdasorte.com/ Frame 75E9
108 KB
18 KB
Script
General
Full URL
https://m.esportesdasorte.com/96.8f2db0cb3284f6b4.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
bded577da791469c0127b1010c24099d5a34941d5706d05be1b7a65b91465a6e

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-1aee0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
XID2dtoL5OeM_ren2CiM5UlFOKyYckR-819yTqMGb6LB88yxtBFyCg==
699.76233f9683e45901.js
m.esportesdasorte.com/ Frame 75E9
45 KB
9 KB
Script
General
Full URL
https://m.esportesdasorte.com/699.76233f9683e45901.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
5a35f576f68b5892e0343c68b6d7e01a75828310bd6818eababe5ec3ba3f5c2a

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-b260"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
d8KyK96ABEDVcgDM4D0FXnL1SIx545syzV0qt4g_r6PhmKEMEAHfzg==
196.63312845a2ab7507.js
m.esportesdasorte.com/ Frame 75E9
640 B
990 B
Script
General
Full URL
https://m.esportesdasorte.com/196.63312845a2ab7507.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
c6d4d16fa4e3839b5e96f0676720afa1dd2d368d8065bd904d1a5aa719c6f4c9

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
"65cba317-280"
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
640
x-amz-cf-id
qsLAX8W6jRDOu_7M0MAh0NbzOgcMPGFZK1wmEgWBkMJkrPltfIZ1jw==
541.8843b18f39efc2aa.js
m.esportesdasorte.com/ Frame 75E9
3 KB
2 KB
Script
General
Full URL
https://m.esportesdasorte.com/541.8843b18f39efc2aa.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/runtime.3a83710f43022abe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx /
Resource Hash
949126871a0e99f5ed540ad478c3cc5fe5b0d182eb9276ca913cdcf9fd0655c3

Request headers

Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
Origin
https://m.esportesdasorte.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified
Tue, 13 Feb 2024 17:12:55 GMT
server
nginx
x-amz-cf-pop
FRA53-C1
etag
W/"65cba317-cb2"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-id
eyiZLbuT38rw774gaPhI4gg42oXHYAUuMxbttiULFNE_kyQhcFP5JQ==
wmetrics
syncads.io/ Frame 041E
0
304 B
Ping
General
Full URL
https://syncads.io/wmetrics?rtid=UGH-1700705300228226&lg=en-us&sr=1600x1200&fr=1&dr=&dl=https%3A%2F%2Fjoiabet.com%2Fpt-BR%2F%3Ftoken%3D3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by
Host: syncads.io
URL: https://syncads.io/tag/js?rtid=UGH-1700705300228226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:9c10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A2II79CI%2FMTDLU2Tsk86%2F3u57p%2FpeStGKnKw%2FgrPlYPJ2LMcCuvs8JaxOLP0s%2BKXHcHaVXbTyrP3sH79c1AbY5uHNobyjH0nxgY5PcGPZSxTpBY%2BBWe8BpHJw%2FNesRuBfj7t3e1QRWq%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
85889b0f3bd3791b-CDG
alt-svc
h3=":443"; ma=86400
content-length
0
/
event.getblue.io/p/ Frame BBB8
720 B
739 B
Document
General
Full URL
https://event.getblue.io/p/?cId=08E7BCDE-E0B0-3ADC-0FD42B7810132F83&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=953b3531-3f1e-4ea7-a43d-5ff0dc778d68&ulc=&v=29092023-1023&nocache=5269334774910.044
Requested by
Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.233.85.30 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-233-85-30.sa-east-1.compute.amazonaws.com
Software
/
Resource Hash
5ff3f4f3d38118e68024faba0625b75b65a656ca7a7a8af425a2f7ad08a6cae6

Request headers

Referer
https://joiabet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 20 Feb 2024 17:52:51 GMT
tagcontainer-version
1206-11022024-1520
vary
Accept-Encoding
/
widget.getblue.io/event/ Frame 041E
13 B
92 B
Script
General
Full URL
https://widget.getblue.io/event/?cId=08E7BCDE-E0B0-3ADC-0FD42B7810132F83&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=953b3531-3f1e-4ea7-a43d-5ff0dc778d68&ulc=&v=29092023-1023&if=1&nocache=253074169820.9993
Requested by
Host: event.getblue.io
URL: https://event.getblue.io/js/blue-tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.233.85.30 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-233-85-30.sa-east-1.compute.amazonaws.com
Software
/
Resource Hash
eb99134542c987f687360d120213eeec049a290d73d2302ee1b74a01ce279f4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-length
13
content-type
text/javascript;charset=UTF-8
json
gum.criteo.com/sid/
2 B
393 B
XHR
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftnonline.uol.com.br%2F&domain=tnonline.uol.com.br&cw=1&lsw=1
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Strict-Transport-Security
max-age=31536000; preload;

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:51 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
309179
expires
0
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ftnonline.uol.com.br%2F&domain=tnonline.uol.com.br&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Strict-Transport-Security
max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://tnonline.uol.com.br
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 20 Feb 2024 17:52:50 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
222929
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame F7B4
3 KB
2 KB
Document
General
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
473
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
85889b100bc658f0-TXL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 20 Feb 2024 17:52:51 GMT
expires
Tue, 20 Feb 2024 21:52:51 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 642A
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44419
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 20 Feb 2024 17:52:51 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 14 Feb 2024 16:56:35 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
381, 231008
X-Served-By
cache-lga13626-LGA, cache-fra-etou8220070-FRA
X-Timer
S1708451571.228545,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 4127
281 B
555 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 20 Feb 2024 17:52:51 GMT
ETag
"280524-119-60b38417c4040"
Last-Modified
Tue, 28 Nov 2023 15:41:45 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
eyJyZXF1ZXN0Qm9keSI6e319
m.esportesdasorte.com/api-v2/left-menu/m/23/esportesdasortevip/ Frame 75E9
164 KB
28 KB
XHR
General
Full URL
https://m.esportesdasorte.com/api-v2/left-menu/m/23/esportesdasortevip/eyJyZXF1ZXN0Qm9keSI6e319
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx / Express
Resource Hash
12580b97542bb036d3fedcd3ae2951e221e9d98d10b3f708decb630d9c26835d

Request headers

bragiurl
https://bragi.sportingtech.com/
accept-language
de-DE,de;q=0.9
encodedbody
eyJyZXF1ZXN0Qm9keSI6e319
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
device
m
customorigin
https://m.esportesdasorte.com
languageid
23

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
etag
W/"28ed7-JDc9UzN3SAKFQqmoLXe9nSaM+Es"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
x-amz-cf-id
N4ob3DLUHbOlHWgI2rtJcEsF-tGRZCj6_H1Eubu8pRu8TIADMmDZvw==
x-proxy-cache
HIT
ordered
odin.sportingtech.com/api/user/casinoapi/getReservedVendors/ Frame
0
0
Preflight
General
Full URL
https://odin.sportingtech.com/api/user/casinoapi/getReservedVendors/ordered
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,languageid
Access-Control-Request-Method
POST
Origin
https://m.esportesdasorte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-max-age
1728000
date
Tue, 20 Feb 2024 17:52:51 GMT
server
nginx
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-id
j6ucW_UND9F_q5ogqtn9f0qh3qovQhkyn2GmmT58EEw9jQL_DHWozA==
x-amz-cf-pop
HAM50-P3
x-cache
Miss from cloudfront
getReservedCategories
odin.sportingtech.com/api/user/casinoapi/ Frame
0
0
Preflight
General
Full URL
https://odin.sportingtech.com/api/user/casinoapi/getReservedCategories
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,languageid
Access-Control-Request-Method
POST
Origin
https://m.esportesdasorte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-max-age
1728000
date
Tue, 20 Feb 2024 17:52:51 GMT
server
nginx
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-id
Mwiiw6bDcfj8I-n4lP6XQvgyvNgrdYx93xqUGdjm67cr5xwbtu63qg==
x-amz-cf-pop
HAM50-P3
x-cache
Miss from cloudfront
getReservedGames
odin.sportingtech.com/api/user/casinoapi/ Frame
0
0
Preflight
General
Full URL
https://odin.sportingtech.com/api/user/casinoapi/getReservedGames
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,languageid
Access-Control-Request-Method
POST
Origin
https://m.esportesdasorte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-max-age
1728000
date
Tue, 20 Feb 2024 17:52:51 GMT
server
nginx
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-id
hPbILJNhWzSpxNdzHcFPHKoFA1wTEh6dWBzYzTZ8BZT0vx6TAJcGoA==
x-amz-cf-pop
HAM50-P3
x-cache
Miss from cloudfront
ordered
odin.sportingtech.com/api/user/casinoapi/getReservedVendors/ Frame
0
0
Preflight
General
Full URL
https://odin.sportingtech.com/api/user/casinoapi/getReservedVendors/ordered
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,languageid
Access-Control-Request-Method
POST
Origin
https://m.esportesdasorte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-max-age
1728000
date
Tue, 20 Feb 2024 17:52:51 GMT
server
nginx
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-id
mZHCMcVV8QDA7Zt24pxfTc6c230JxatluIfzanMRXgtZ7QB37Dlgzw==
x-amz-cf-pop
HAM50-P3
x-cache
Miss from cloudfront
getReservedCategories
odin.sportingtech.com/api/user/casinoapi/ Frame
0
0
Preflight
General
Full URL
https://odin.sportingtech.com/api/user/casinoapi/getReservedCategories
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,languageid
Access-Control-Request-Method
POST
Origin
https://m.esportesdasorte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-max-age
1728000
date
Tue, 20 Feb 2024 17:52:51 GMT
server
nginx
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-id
JPC2lgfY8SlEX93j5YUyUMGK0kEKzZ887aE222mw0qoyeJwOiX-e5w==
x-amz-cf-pop
HAM50-P3
x-cache
Miss from cloudfront
getReservedGames
odin.sportingtech.com/api/user/casinoapi/ Frame
0
0
Preflight
General
Full URL
https://odin.sportingtech.com/api/user/casinoapi/getReservedGames
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,languageid
Access-Control-Request-Method
POST
Origin
https://m.esportesdasorte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-max-age
1728000
date
Tue, 20 Feb 2024 17:52:51 GMT
server
nginx
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-id
7CNE757Znt-wDY_cJSfQvS-S-Zydh5RycF4s8eKpZcSczULirzoO8Q==
x-amz-cf-pop
HAM50-P3
x-cache
Miss from cloudfront
getPopularOdds
odin.sportingtech.com/api/generic/sportbet/ Frame
0
0
Preflight
General
Full URL
https://odin.sportingtech.com/api/generic/sportbet/getPopularOdds
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://m.esportesdasorte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
access-control-allow-methods
POST,GET,OPTIONS
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-max-age
1728000
date
Tue, 20 Feb 2024 17:52:51 GMT
server
nginx
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-id
icI2nQlos6c37uTFCN3y-uVWi9Mue0nKFk8O2FysqFqE2YjhKvMgtg==
x-amz-cf-pop
HAM50-P3
x-cache
Miss from cloudfront
ordered
odin.sportingtech.com/api/user/casinoapi/getReservedVendors/ Frame 75E9
5 KB
2 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/user/casinoapi/getReservedVendors/ordered
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
262cdcc2c94544c6bf0b5d6ae014f5d9b4ccb9d9cbeb6631d251e0cff03a2c26

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
languageId
23
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
x-cache-status
HIT
x-cache
Miss from cloudfront
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
M0d_nvCTUFkzGQheTlWLEsFMrQFC41QBkJ6RN-neRSbfrVuXUjoG8w==
x-geoip-country-code
DE
getReservedCategories
odin.sportingtech.com/api/user/casinoapi/ Frame 75E9
2 KB
1 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/user/casinoapi/getReservedCategories
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
db1af35593407a80b84bd15f5603726bee908fd1dc46ab85e4f8d2fd97574dcc

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
languageId
23
Content-Type
application/json

Response headers

x-geoip-country-code
DE
date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
x-cache-status
HIT
x-cache
Miss from cloudfront
pragma
[no-cache, no-cache]
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
cache-control
[max-age=0, no-cache, no-store, must-revalidate]
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
ETmYzgNgTmnUtjdzdlNTW7ML62xkPuCw29pLemnpSCdJ9HkUHn2QoQ==
expires
[Tue, 20 Feb 2024 17:51:50 GMT]
getReservedGames
odin.sportingtech.com/api/user/casinoapi/ Frame 75E9
616 KB
82 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/user/casinoapi/getReservedGames
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e88596bee2cce96fad4bdeb2fd544367ba0f1cce7c8072ba7543d210d21cd5c5

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
languageId
23
Content-Type
application/json

Response headers

x-geoip-country-code
DE
date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
x-cache-status
HIT
x-cache
Miss from cloudfront
pragma
[no-cache, no-cache]
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
cache-control
[max-age=0, no-cache, no-store, must-revalidate]
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
qC6OdY68-aY0TJkzrWYbFO93ZStGW_J8xISza2Ao-UuYvc7UlbEdaw==
expires
[Tue, 20 Feb 2024 17:49:16 GMT]
ordered
odin.sportingtech.com/api/user/casinoapi/getReservedVendors/ Frame 75E9
5 KB
2 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/user/casinoapi/getReservedVendors/ordered
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
262cdcc2c94544c6bf0b5d6ae014f5d9b4ccb9d9cbeb6631d251e0cff03a2c26

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
languageId
23
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
x-cache-status
HIT
x-cache
Miss from cloudfront
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
XFzdzveOgCF9Usacto3CGXAE1bE06141xCJqaVZxuexML12yuHqHrQ==
x-geoip-country-code
DE
getReservedCategories
odin.sportingtech.com/api/user/casinoapi/ Frame 75E9
1 KB
1 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/user/casinoapi/getReservedCategories
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
579f766cd56bb31e283c02962748aeb4a722d20899aea2cf5d78efab83079c99

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
languageId
23
Content-Type
application/json

Response headers

x-geoip-country-code
DE
date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
x-cache-status
HIT
x-cache
Miss from cloudfront
pragma
[no-cache, no-cache]
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
cache-control
[max-age=0, no-cache, no-store, must-revalidate]
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
yat7PPKEp1Bf-kkHG3uIeVtSS0IHMoumgFhOLI0nuCAa5pOx0-f1lg==
expires
[Tue, 20 Feb 2024 17:51:57 GMT]
getReservedGames
odin.sportingtech.com/api/user/casinoapi/ Frame 75E9
373 KB
48 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/user/casinoapi/getReservedGames
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
87c5a8b473197aa1b015c4ec1a267f7677000e093d77add79663c7487b8778f9

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
languageId
23
Content-Type
application/json

Response headers

x-geoip-country-code
DE
date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
x-cache-status
HIT
x-cache
Miss from cloudfront
pragma
[no-cache, no-cache]
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
cache-control
[max-age=0, no-cache, no-store, must-revalidate]
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
6xWjFoC-cHpfVPmjcdPaFsA0ZaYp2WLWFK9v9mwO07kitKwwmnwzHQ==
expires
[Tue, 20 Feb 2024 17:49:21 GMT]
e30=
m.esportesdasorte.com/api-v2/popular-fixture/m/23/esportesdasortevip/ Frame 75E9
22 KB
3 KB
XHR
General
Full URL
https://m.esportesdasorte.com/api-v2/popular-fixture/m/23/esportesdasortevip/e30=
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx / Express
Resource Hash
329e0afdbb2c756101a631fbf12bacc1475201b76b4f4137711082b27d2eaf9f

Request headers

bragiurl
https://bragi.sportingtech.com/
accept-language
de-DE,de;q=0.9
encodedbody
e30=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
device
m
customorigin
https://m.esportesdasorte.com
languageid
23

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
etag
W/"59f8-bus/RWyqpE218TF2EvKi6bIRDk0"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
x-amz-cf-id
KacFdxMekGI5pAeMnYAQ1KGaXuoF8zruMYJY-3XPMBG3NDsTlPUO7Q==
x-proxy-cache
HIT
53606040-52424307-52424809-52424301-52424304
m.esportesdasorte.com/api-v2/event-card/m/23/esportesdasortevip/ Frame 75E9
24 KB
3 KB
XHR
General
Full URL
https://m.esportesdasorte.com/api-v2/event-card/m/23/esportesdasortevip/53606040-52424307-52424809-52424301-52424304
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx / Express
Resource Hash
d54d37189fd4949091c6ac85a16773550b8a9088a072699943bf490c26dddbd8

Request headers

bragiurl
https://bragi.sportingtech.com/
Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
etag
W/"60b8-gjaTj3Nyqh3nTmqry+/CB8ZGy7s"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
x-amz-cf-id
fn_xzTWSx0yBBjyVJAeQ4CIyIK4b2sPPVq3yzWWl0REP9udvdrAq1A==
x-proxy-cache
HIT
53719597-53342725-53425536-53855245-53912224-53843414
m.esportesdasorte.com/api-v2/detail-card/m/23/esportesdasortevip/ Frame 75E9
24 KB
3 KB
XHR
General
Full URL
https://m.esportesdasorte.com/api-v2/detail-card/m/23/esportesdasortevip/53719597-53342725-53425536-53855245-53912224-53843414
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx / Express
Resource Hash
d0d3d57e34d80911e1f475cda19961560997d315be37c818c703de8b5d9857b0

Request headers

bragiurl
https://bragi.sportingtech.com/
Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
etag
W/"5ec2-t/NYpgE2KULw3VlNNLY0RT7XPhY"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
x-amz-cf-id
F0I0vcFqbLmzAaCuUPKG8ulKgKmok9vXzl2TZ7c0aPyYyyB8ctbcDg==
x-proxy-cache
HIT
eyJyZXF1ZXN0Qm9keSI6eyJ0aW1lUmFuZ2VJbkhvdXJzIjoyNH19
m.esportesdasorte.com/api-v2/today-sport-types/m/23/esportesdasortevip/24/ Frame 75E9
2 KB
885 B
XHR
General
Full URL
https://m.esportesdasorte.com/api-v2/today-sport-types/m/23/esportesdasortevip/24/eyJyZXF1ZXN0Qm9keSI6eyJ0aW1lUmFuZ2VJbkhvdXJzIjoyNH19
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx / Express
Resource Hash
4dcd33d17f57ed2223caf3d3580b82478dab97bb45cd5920987addc8ef0029f2

Request headers

bragiurl
https://bragi.sportingtech.com/
accept-language
de-DE,de;q=0.9
encodedbody
eyJyZXF1ZXN0Qm9keSI6eyJ0aW1lUmFuZ2VJbkhvdXJzIjoyNH19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
device
m
customorigin
https://m.esportesdasorte.com
languageid
23

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
etag
W/"75b-zE7EwKR62ZCkVD4V6D5Vzzkx8Pc"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
x-amz-cf-id
OcfIlRCyAeiEydHD45YyepFUdfccbNABEQIBLdr8LbVP2g0d8hi3sA==
x-proxy-cache
HIT
getPopularOdds
odin.sportingtech.com/api/generic/sportbet/ Frame 75E9
3 KB
2 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/sportbet/getPopularOdds
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cf980445e6e14c718896282377d3640cbd5e6f50f55d3512eb83c42ee5c67d3f

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
x-cache-status
HIT
x-cache
Miss from cloudfront
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
VzYRMoOvPpj7rWrMxpOjZIyMFO1tQ7B2nbpl7SjsqHW0LdM5vLNpYg==
x-geoip-country-code
DE
game-list
odin.sportingtech.com/api/generic/iframe/ Frame 75E9
2 KB
1 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/generic/iframe/game-list?lang=ptb&channel=w&device=m
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
4d72dc63ae6f6dd4e0b520b7b5cfb2d0a82ae3a921d3346cee45a21a219260ed

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-appserver-status
200
date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
x-cache
Miss from cloudfront
x-appserver
192.168.50.19:9095
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
XukfjhzHblZl-bZBux9oAGtG1uXLq3I25GoxvFk74c9PluKrKWkvsA==
e30=
m.esportesdasorte.com/api-v2/popular-fixture/m/23/esportesdasortevip/ Frame 75E9
22 KB
3 KB
XHR
General
Full URL
https://m.esportesdasorte.com/api-v2/popular-fixture/m/23/esportesdasortevip/e30=
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx / Express
Resource Hash
329e0afdbb2c756101a631fbf12bacc1475201b76b4f4137711082b27d2eaf9f

Request headers

bragiurl
https://bragi.sportingtech.com/
accept-language
de-DE,de;q=0.9
encodedbody
e30=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
device
m
customorigin
https://m.esportesdasorte.com
languageid
23

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
etag
W/"59f8-bus/RWyqpE218TF2EvKi6bIRDk0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
x-amz-cf-id
DPPOez0WKOMLfQU7X3FBQRoQs6TxawqfLOfq2egpZ65KhLcjtrgd_Q==
x-proxy-cache
HIT
bundle.js
boot-loader.kompassify.app/dist/ Frame CC82
52 KB
53 KB
Script
General
Full URL
https://boot-loader.kompassify.app/dist/bundle.js?v=8.6.1
Requested by
Host: boot-loader.kompassify.app
URL: https://boot-loader.kompassify.app/?groupUuid=ef1d1e5c-a6f8-42da-ae60-94585d68fe91&refresh=1708451570964
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
75.119.136.196 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi713732.contaboserver.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0c2612b8d214c56a727d320101ac88cd161d49016077dc7a65c8e07de6456826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://boot-loader.kompassify.app/?groupUuid=ef1d1e5c-a6f8-42da-ae60-94585d68fe91&refresh=1708451570964
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Last-Modified
Mon, 15 Jan 2024 21:33:29 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"65a5a4a9-d14e"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
53582
usync.js
eus.rubiconproject.com/ Frame 4127
39 KB
11 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.125.233 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-125-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
aafcb232f2cb29d0231a2dd43c35565b1fd3f4c8550862c9fbddcf7c26ade8ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Feb 2024 05:27:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=41633
Connection
keep-alive
Content-Length
10921
Expires
Wed, 21 Feb 2024 05:26:44 GMT
usermatch
ssum-sec.casalemedia.com/ Frame FAB0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
880 B
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26bd569435aa327b3bd5148e1e4bd92c6cdd67c0bd856632bc8ffe1eb1e2018d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
85889b118e304516-TXL
content-encoding
br
content-type
text/html
date
Tue, 20 Feb 2024 17:52:51 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVw0GcPgSbtnqQs%2FVa4mequ0850FCkEq%2B756uN3cn%2BMaJb51F%2FUbPOU0Jby57EV0UjvB7gsydzq5jyKW3741zRzWU5AIcoAOfZybZeikbEraWSYskMqLXjykaqvmhX5NEfv87jkpwCNQTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
85889b110cdf4516-TXL
content-length
0
date
Tue, 20 Feb 2024 17:52:51 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fSZhZrgzcZtt%2Fu7OMtF%2BL869AXJfkDZH46nEdIMTp9Y3YeCDIqFAOR7z4lzqW7CTATSxFwZ78hXV1QENiG9FzQKYkEM4khpR1bUgcJmGAu9hF8dLQmzUmqjxiAwTf5sBYlkzqUMFM80f7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame 0664
279 KB
74 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=584573586032562242&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=584573586032562242&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
bd331d1513f444bde10ec0205288e5cf151be6d7750f8297c3b7fcb57eeb1ab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ks-client-ip
80.255.7.107
Date
Tue, 06 Feb 2024 07:23:23 GMT
Content-Encoding
gzip
x-oss-request-id
65C1DE6B04586B3635CEC1C1
X-Cache-Lookup
Cache Hit
Content-MD5
+0RRB2jc0QlGRcXoCZBgkA==
kwaisign
NULL
Connection
keep-alive
Content-Length
74964
X-Ks-Request-ID
6315452277356383357
X-Ks-Cache
Hit from 43.152.26.142
x-oss-object-type
Normal
Last-Modified
Tue, 06 Feb 2024 07:18:03 GMT
Server
Lego Server
Etag
"FB44510768DCD1094645C5E809906090"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
max-age=2592000
x-oss-storage-class
Standard
X-NWS-LOG-UUID
6315452277356383357
Accept-Ranges
bytes
x-oss-hash-crc64ecma
14735527793861735101
x-oss-server-time
23
Expires
Thu, 07 Mar 2024 07:23:23 GMT
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame 0664
279 KB
74 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=515422330685489181&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=515422330685489181&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
bd331d1513f444bde10ec0205288e5cf151be6d7750f8297c3b7fcb57eeb1ab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ks-client-ip
80.255.7.107
Date
Tue, 06 Feb 2024 07:23:23 GMT
Content-Encoding
gzip
x-oss-request-id
65C1DE6B04586B3635CEC1C1
X-Cache-Lookup
Cache Hit
Content-MD5
+0RRB2jc0QlGRcXoCZBgkA==
kwaisign
NULL
Connection
keep-alive
Content-Length
74964
X-Ks-Request-ID
2200229894904149092
X-Ks-Cache
Hit from 43.152.26.142
x-oss-object-type
Normal
Last-Modified
Tue, 06 Feb 2024 07:18:03 GMT
Server
Lego Server
Etag
"FB44510768DCD1094645C5E809906090"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
max-age=2592000
x-oss-storage-class
Standard
X-NWS-LOG-UUID
2200229894904149092
Accept-Ranges
bytes
x-oss-hash-crc64ecma
14735527793861735101
x-oss-server-time
23
Expires
Thu, 07 Mar 2024 07:23:23 GMT
async_usersync
ib.adnxs.com/ Frame 642A
0
916 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:51 GMT
an-x-request-uuid
96da018c-9bbe-4de4-b678-de27c1448be6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
config_iframe.html
crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/ Frame 28B6
701 B
1 KB
Document
General
Full URL
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/config_iframe.html?host=https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com&token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&origin=https://joiabet.com&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877
Requested by
Host: crunchequation-org-74030d2ee16a88e16709193.freshchat.com
URL: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
bae1f759fd4cd9055a14e9384f474c8e53358ea04bffda92bde1e11b0599c61c
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://joiabet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type
text/html
date
Tue, 20 Feb 2024 17:52:51 GMT
last-modified
Tue, 20 Feb 2024 03:26:25 GMT
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server
fwe
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
x-fw-ratelimiting-managed
false
x-request-id
a79e0f6a-b525-48ed-add3-5764d09b9c1a
x-server
l8dr2
x-trace-id
00-ed66329db80653d1a999ae50152a3bd7-24365b68ea63de82-00
x-xss-protection
1; mode=block
script_BBB_vm10.js
static.sportingtech.com/esportesdasortevip/upload_files/ Frame 75E9
650 B
735 B
Script
General
Full URL
https://static.sportingtech.com/esportesdasortevip/upload_files/script_BBB_vm10.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
1330dd041c0e6db07ed71a27481783ff2234563f9387089356aa743f50df242c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jan 2024 16:38:32 GMT
Server
nginx
ETag
W/"659ec808-28a"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
script_eds_clubev01.js
static.sportingtech.com/esportesdasortevip/upload_files/ Frame 75E9
791 B
811 B
Script
General
Full URL
https://static.sportingtech.com/esportesdasortevip/upload_files/script_eds_clubev01.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
cb11f24bbdf2c65d782f498e23219a467969b912dd304edefcd0ed4f3d52d54c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Content-Encoding
gzip
Last-Modified
Sat, 30 Sep 2023 15:34:47 GMT
Server
nginx
ETag
W/"65184017-317"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
apg-seal.js
4bd05b2a-64a3-402b-90da-d473923796db.snippet.antillephone.com/ Frame 75E9
3 KB
2 KB
Script
General
Full URL
https://4bd05b2a-64a3-402b-90da-d473923796db.snippet.antillephone.com/apg-seal.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6e00:14:4688:e200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
40d185b7ebe36eb42c620cc145a28dd0b6669de6bb8c6999922e17f5c867bde9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:50:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
cf-cache-status
DYNAMIC
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
server
cloudflare
x-amz-cf-pop
FRA60-P3
age
145
x-powered-by
Express
etag
W/"c85-GHkkeUK/MPX3GbWlJUnbz/kEayo"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
cf-ray
85889787def42c47-FRA
x-amz-cf-id
ga6KgQ8FVi4jpdqLp-B7-FOj-8SXJz_pELikyggkAI8-BvSVF9hJ4g==
script_escudos_vm14.js
static.sportingtech.com/esportesdasortevip/upload_files/ Frame 75E9
1 KB
882 B
Script
General
Full URL
https://static.sportingtech.com/esportesdasortevip/upload_files/script_escudos_vm14.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
20bbf512cbf8f9fcd4cc63fe7753d09573ac7ebc4c3bff658c981e5eadbb5100

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 Jan 2024 18:43:52 GMT
Server
nginx
ETag
W/"65ba94e8-569"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
apg-seal.js
2be7040a-574e-4640-a0d5-08da64a54eb1.snippet.antillephone.com/ Frame 75E9
0
0

script_edscz.js
static.sportingtech.com/esportesdasortevip/upload_files/ Frame 75E9
400 B
617 B
Script
General
Full URL
https://static.sportingtech.com/esportesdasortevip/upload_files/script_edscz.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
e8e49cb02b58f0b48dbe20560c78e690935c7767cd9c6ab8e3a877660cbf6586

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Nov 2022 21:02:06 GMT
Server
nginx
ETag
W/"637e8a4e-190"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
script_edslogov01.js
static.sportingtech.com/esportesdasortevip/upload_files/ Frame 75E9
372 B
553 B
Script
General
Full URL
https://static.sportingtech.com/esportesdasortevip/upload_files/script_edslogov01.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
0572808a3b48a9d57e5422dedbcf619d2cae8eeb8349e599e847ff5900d4ecb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Dec 2022 18:49:07 GMT
Server
nginx
ETag
W/"63a4a6a3-174"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
script_loads.js
static.sportingtech.com/esportesdasortevip/upload_files/ Frame 75E9
328 B
620 B
Script
General
Full URL
https://static.sportingtech.com/esportesdasortevip/upload_files/script_loads.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
88db13e775b780cf6acea0b41abbb0feae7307c8096dde51e2afd6ba0e786fba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Mar 2023 23:33:23 GMT
Server
nginx
ETag
W/"64013243-148"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
globo.js
static.sportingtech.com/esportesdasortevip/upload_files/ Frame 75E9
423 B
593 B
Script
General
Full URL
https://static.sportingtech.com/esportesdasortevip/upload_files/globo.js
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
eeddab2e9d415810189e8097c7596e14cfd882886f11a2cce6369f82864b436d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 20 Jun 2023 13:59:37 GMT
Server
nginx
ETag
W/"6491b0c9-1a7"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
tag-manager.js
tm.ads.sportradar.com/dist/ Frame 75E9
370 KB
35 KB
Script
General
Full URL
https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAATQ
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8b4435b984d017be896a1e296cafdd127535f6eead6d357aee8b33e9d2f5cd9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
x-n
S
content-length
36138
apigw-requestid
Tcia2iEjDoEEJyA=
fbevents.js
connect.facebook.net/en_US/ Frame 75E9
214 KB
56 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 17:52:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
SLBpYJF4s74WRyzJBsv4g/l7vUG32MED5/7PKg88A7T2dIp5tFf3GJsOBffUM+++3nLfMYkU9ieLpj9H6bnlqA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame 75E9
302 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WBNKR3W
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41ac318772d2393e32eaac3dca80e0282cc6220b6d7ae301e3dc55af397cccf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98662
x-xss-protection
0
last-modified
Tue, 20 Feb 2024 17:15:26 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 20 Feb 2024 17:52:51 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1518940/ Frame 75E9
70 KB
22 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1518940/tfa.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5e23e6889cc6aed29ff1a675ef903f22c4b80aa6fc5c0f4f54d9383a535a11de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
OxdE48um1UU5bgCsMUKILuZhvP_hcdHi
content-encoding
gzip
via
1.1 varnish
date
Tue, 20 Feb 2024 17:52:51 GMT
x-amz-request-id
WS212TYPWY6Q99KZ
age
85
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21563
x-amz-id-2
bdFBQimMyvmyLmcn8w3Ldc4QZMwIOeWuMlvl4bkrgxXW9AywOo6ciJozUL0i/8iB7Oqv410UPYw=
x-served-by
cache-fra-etou8220083-FRA
last-modified
Sun, 18 Feb 2024 11:14:13 GMT
server
AmazonS3
x-timer
S1708451572.553247,VS0,VE2
etag
"866447a6052309605413c4381bd71876"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
16
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
smartico.js
libs.smartico.ai/ Frame 75E9
288 KB
67 KB
Script
General
Full URL
https://libs.smartico.ai/smartico.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.86.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-86-128.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fad233c843b4aeaa0aeffb36a048451c978c0214a500ec8d833f4bb50a1f88e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 13:34:18 GMT
content-encoding
br
via
1.1 8e4700eb43d0f5579f360cfc02e71fac.cloudfront.net (CloudFront)
last-modified
Tue, 20 Feb 2024 12:10:13 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
age
15514
etag
W/"511619f2cb41d6303112eccb393e9894"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
J2va3dNwDUSkQdHluVmMiFIU6MLGXLW8hruQ-IDbErozth2xF14A7Q==
settings_v07_03.css
static.sportingtech.com/esportesdasortevip/upload_files/ Frame 75E9
34 KB
7 KB
Stylesheet
General
Full URL
https://static.sportingtech.com/esportesdasortevip/upload_files/settings_v07_03.css
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
96a0135d56d3f4a753df608a2939a45e1227762fc7a1ae09c9c27d869754efbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 Oct 2023 20:22:31 GMT
Server
nginx
ETag
W/"653c1c07-89f2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
setuid
ib.adnxs.com/ Frame BBB8
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=449&code=B6964FF8-2C6C-46E5-972C4B73D0469C3D
Requested by
Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=08E7BCDE-E0B0-3ADC-0FD42B7810132F83&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=953b3531-3f1e-4ea7-a43d-5ff0dc778d68&ulc=&v=29092023-1023&nocache=5269334774910.044
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:51 GMT
an-x-request-uuid
7abc76cb-b41b-4204-8cf3-73878cc27362
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
cms.getblue.io/cm/ Frame BBB8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cms.getblue.io/cm/?src=appnexus&ckid=B6964FF8-2C6C-46E5-972C4B73D0469C3D&cid=08E7BCDE-E0B0-3ADC-0FD42B7810132F83&blueID=953b3531-3f1e-4ea7-a43d-5ff0dc778d68&appn...
  • https://cms.getblue.io/cm/?src=appnexus&ckid=B6964FF8-2C6C-46E5-972C4B73D0469C3D&cid=08E7BCDE-E0B0-3ADC-0FD42B7810132F83&blueID=953b3531-3f1e-4ea7-a43d-5ff0dc778d68&appnexusid=7850017704317607944
2 B
100 B
Image
General
Full URL
https://cms.getblue.io/cm/?src=appnexus&ckid=B6964FF8-2C6C-46E5-972C4B73D0469C3D&cid=08E7BCDE-E0B0-3ADC-0FD42B7810132F83&blueID=953b3531-3f1e-4ea7-a43d-5ff0dc778d68&appnexusid=7850017704317607944
Requested by
Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=08E7BCDE-E0B0-3ADC-0FD42B7810132F83&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=953b3531-3f1e-4ea7-a43d-5ff0dc778d68&ulc=&v=29092023-1023&nocache=5269334774910.044
Protocol
H2
Server
54.207.86.50 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-207-86-50.sa-east-1.compute.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:52 GMT
x-powered-by
Express
content-length
2
content-type
application/json; charset=utf-8

Redirect headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:51 GMT
an-x-request-uuid
aa4a6a56-b1c3-4f4c-956a-d4de36c30695
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cms.getblue.io/cm/?src=appnexus&ckid=B6964FF8-2C6C-46E5-972C4B73D0469C3D&cid=08E7BCDE-E0B0-3ADC-0FD42B7810132F83&blueID=953b3531-3f1e-4ea7-a43d-5ff0dc778d68&appnexusid=7850017704317607944
x-proxy-origin
80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
audience-pixel.min.js
event.getblue.io/r/ Frame BBB8
5 KB
3 KB
Script
General
Full URL
https://event.getblue.io/r/audience-pixel.min.js?nocache=1090
Requested by
Host: event.getblue.io
URL: https://event.getblue.io/p/?cId=08E7BCDE-E0B0-3ADC-0FD42B7810132F83&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=953b3531-3f1e-4ea7-a43d-5ff0dc778d68&ulc=&v=29092023-1023&nocache=5269334774910.044
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.233.85.30 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-233-85-30.sa-east-1.compute.amazonaws.com
Software
/
Resource Hash
53c9c8069c1e6d7a39a04ef06083b5fab6c6807e295529c37ccf8b4b96f61ddb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Feb 2024 17:28:28 GMT
etag
W/"5608-1708450108074"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
x-xss-protection
1; mode=block
modules
api.kompassify.app/boot-loader/ Frame CC82
4 KB
5 KB
XHR
General
Full URL
https://api.kompassify.app/boot-loader/modules
Requested by
Host: boot-loader.kompassify.app
URL: https://boot-loader.kompassify.app/dist/bundle.js?v=8.6.1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
75.119.136.196 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi713732.contaboserver.net
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
7478be03487100d66fa173e927f83d726fa4603559cd21b4847e84075d48e22c

Request headers

Accept
application/json, text/plain, */*
Referer
https://boot-loader.kompassify.app/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"1116-bMJqil4p+1KLC2j7xKLyCw6bVDc"
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
4374
modules
api.kompassify.app/boot-loader/ Frame
0
0
Preflight
General
Full URL
https://api.kompassify.app/boot-loader/modules
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
75.119.136.196 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS
vmi713732.contaboserver.net
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://boot-loader.kompassify.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Feb 2024 17:52:51 GMT
Server
nginx/1.14.0 (Ubuntu)
Vary
Access-Control-Request-Headers
X-Powered-By
Express
eyJyZXF1ZXN0Qm9keSI6eyJzcG9ydFNlbGZVcmxLZXkiOm51bGx9fQ==
m.esportesdasorte.com/api-v2/upcoming-events/m/23/esportesdasortevip/null/ Frame 75E9
23 KB
4 KB
XHR
General
Full URL
https://m.esportesdasorte.com/api-v2/upcoming-events/m/23/esportesdasortevip/null/eyJyZXF1ZXN0Qm9keSI6eyJzcG9ydFNlbGZVcmxLZXkiOm51bGx9fQ==
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx / Express
Resource Hash
ec79e2c7e2f0bf876ff017eab7fdd9c4d865aa48d47df1ca3ac0f08951bd3c85

Request headers

bragiurl
https://bragi.sportingtech.com/
accept-language
de-DE,de;q=0.9
encodedbody
eyJyZXF1ZXN0Qm9keSI6eyJzcG9ydFNlbGZVcmxLZXkiOm51bGx9fQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
device
m
customorigin
https://m.esportesdasorte.com
languageid
23

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
etag
W/"5b15-ArkY0y/2VjMrrlNxG8TAFPHYk18"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
x-amz-cf-id
1SgSR_Xo7i2Bt1BA709GvN4tpMkclp0gRmM83d9LlKEAvLuiv5XiBw==
x-proxy-cache
HIT
eyJyZXF1ZXN0Qm9keSI6eyJ0aW1lUmFuZ2VJbkhvdXJzIjoyNH19
m.esportesdasorte.com/api-v2/today-sport-types/m/23/esportesdasortevip/24/ Frame 75E9
2 KB
886 B
XHR
General
Full URL
https://m.esportesdasorte.com/api-v2/today-sport-types/m/23/esportesdasortevip/24/eyJyZXF1ZXN0Qm9keSI6eyJ0aW1lUmFuZ2VJbkhvdXJzIjoyNH19
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx / Express
Resource Hash
4dcd33d17f57ed2223caf3d3580b82478dab97bb45cd5920987addc8ef0029f2

Request headers

bragiurl
https://bragi.sportingtech.com/
accept-language
de-DE,de;q=0.9
encodedbody
eyJyZXF1ZXN0Qm9keSI6eyJ0aW1lUmFuZ2VJbkhvdXJzIjoyNH19
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
device
m
customorigin
https://m.esportesdasorte.com
languageid
23

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
etag
W/"75b-zE7EwKR62ZCkVD4V6D5Vzzkx8Pc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
x-amz-cf-id
PqT9heYnSMHlZ2eNKBUWxC5gmK0EzESHPZosLxDeu9dcONpxZqBfWQ==
x-proxy-cache
HIT
51291-small.jpeg
static.sportingtech.com//esportesdasortevip/images/news/ Frame 75E9
234 KB
234 KB
Image
General
Full URL
https://static.sportingtech.com//esportesdasortevip/images/news/51291-small.jpeg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
5a5e2db72cee28fc4d208450a1c268b357c19fcc1acb982df28eafe913555716

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Last-Modified
Fri, 18 Aug 2023 21:20:45 GMT
Server
nginx
ETag
"64dfe0ad-3a826"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
239654
Expires
Thu, 31 Dec 2037 23:55:55 GMT
52908-small.jpeg
static.sportingtech.com//esportesdasortevip/images/news/ Frame 75E9
208 KB
209 KB
Image
General
Full URL
https://static.sportingtech.com//esportesdasortevip/images/news/52908-small.jpeg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
dcef2d7099d2766524f4350065ddf74cd858d04a8b2ca598afa96e80b3da5ca9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Last-Modified
Sat, 30 Sep 2023 16:32:41 GMT
Server
nginx
ETag
"65184da9-341fd"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
213501
Expires
Thu, 31 Dec 2037 23:55:55 GMT
55985-small.jpeg
static.sportingtech.com//esportesdasortevip/images/news/ Frame 75E9
106 KB
106 KB
Image
General
Full URL
https://static.sportingtech.com//esportesdasortevip/images/news/55985-small.jpeg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
533f3e4e361d851dc5dd2a73ebd40d869e6234a5dcd221048025e03085a75f16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Last-Modified
Tue, 06 Feb 2024 13:59:25 GMT
Server
nginx
ETag
"65c23b3d-1a787"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
108423
Expires
Thu, 31 Dec 2037 23:55:55 GMT
55987-small.jpeg
static.sportingtech.com//esportesdasortevip/images/news/ Frame 75E9
94 KB
94 KB
Image
General
Full URL
https://static.sportingtech.com//esportesdasortevip/images/news/55987-small.jpeg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
ed1dc1c5987321ab91593c4cc06cc8d3c72963d86ba49ed6f39c120cebc11732

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Last-Modified
Tue, 06 Feb 2024 14:04:31 GMT
Server
nginx
ETag
"65c23c6f-17657"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95831
Expires
Thu, 31 Dec 2037 23:55:55 GMT
old18.png
static.sportingtech.com/esportesdasortevip/upload_files/ Frame 75E9
2 KB
2 KB
Image
General
Full URL
https://static.sportingtech.com/esportesdasortevip/upload_files/old18.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
40cdda6cbce9ad8292871983f62d55387cfc49248f947a28262a0666deacbf8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Last-Modified
Wed, 22 Nov 2023 13:31:39 GMT
Server
nginx
ETag
"655e02bb-6c9"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1737
Expires
Thu, 31 Dec 2037 23:55:55 GMT
khaos.json
token.rubiconproject.com/ Frame 4127
7 B
380 B
XHR
General
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
pixel
cm.g.doubleclick.net/ Frame FAB0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZdTm81VbLYcAAGALAHP7NQAA
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZdTm81VbLYcAAGALAHP7NQAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkhrQIGkZAGaNp01JjY5%2FonJ4b7cNOHfxGFzeH3ZNTGcXEf6YGLOGxJ3Q3o%2FBTN05FZ4ElM3nLzYjbatIqXTTzgQixe4GWy893yCjC1BDoEf0mYWXdo24%2BoBkxEJ7oVN%2FqfZLv%2BeG6y8QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZdTm81VbLYcAAGALAHP7NQAA
cache-control
no-cache
cf-ray
85889b1319ae4516-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
usersync.aspx
dis.criteo.com/dis/ Frame FAB0
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZdTm81VbLYcAAGALAHP7NQAA%265221&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZdTm81VbLYcAAGALAHP7NQAA%265221&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=7e8e9f9e64ba423ba510e6aada54c063
  • https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:51 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
255991
expires
Tue, 20 Feb 2024 00:00:00 GMT

Redirect headers

Location
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date
Tue, 20 Feb 2024 17:52:52 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
pixel
cm.g.doubleclick.net/ Frame FAB0
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZdTm81VbLYcAAGALAHP7NQAAFGUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame FAB0
70 B
149 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
server
Kestrel
content-length
70
content-type
image/gif
user-registering
ads.stickyadstv.com/ Frame FAB0
43 B
655 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZdTm81VbLYcAAGALAHP7NQAAFGUAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:4::26 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 20 Feb 2024 17:52:51 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1708451571847089-533
crum
dsum-sec.casalemedia.com/ Frame FAB0
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d51992af-1151-45a3-b3ba-7ed8a987e4d4
43 B
740 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d51992af-1151-45a3-b3ba-7ed8a987e4d4
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVAuR7ErCl1MQDemzmLvRBZGbwwuSIC3%2FTtd1phcd7%2FLCxJK%2FeSm%2BC5X9OowvzhNZbfEhjjW50%2FSPxw3L0d41dt1%2B9br4Kt%2B9qeshBc306x1YEf0XJhhUj6Sh%2F5H9exjtv5Ix%2B73RETKMA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
85889b146b5c450a-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=d51992af-1151-45a3-b3ba-7ed8a987e4d4
date
Tue, 20 Feb 2024 17:52:51 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame FAB0
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=9e761e2277a54df5b05ce7f4cf81ecc8&expiration=1711043571
43 B
769 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=9e761e2277a54df5b05ce7f4cf81ecc8&expiration=1711043571
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUk5N%2B6KTCHCVe0h39K5xyWvQVp4mS1f9i%2BSGf6DMXMIODeSSje8xLryJLpRSFxCmFjoaNcvTcai5WSVRPgiCEUxJJLB3uERNMRWyHIEUb2YtnFQKVhnstNhxaNLZpVk0%2FJOmS4bpYKOeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
85889b144b05450a-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:51 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=9e761e2277a54df5b05ce7f4cf81ecc8&expiration=1711043571
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FAB0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=ZdTm8wAGWTOZMwA9
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZdTm8wAGWTOZMwA9&_test=ZdTm8wAGWTOZMwA9
43 B
729 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZdTm8wAGWTOZMwA9&_test=ZdTm8wAGWTOZMwA9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:52 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiTmCjm1N8%2F74fIEkgJGv5yBRhcwFKumowswlrbGoOHaU5d7BfCKbm%2BsBzHMqOT3fD38adMXyDede68VvnoKHq6yavtn5SwpiNNpIichCXXtQ677UJc9yNPQaRPFVzUCwfu5bbPoa2Po8g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
85889b158e48450a-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

x-served-by
cache-fra-etou8220065-FRA
pragma
no-cache
date
Tue, 20 Feb 2024 17:52:52 GMT
via
1.1 varnish
server
Varnish
x-timer
S1708451572.001395,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZdTm8wAGWTOZMwA9&_test=ZdTm8wAGWTOZMwA9
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame FAB0
43 B
229 B
Image
General
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZdTm81VbLYcAAGALAHP7NQAA%265221
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
36536
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
85889b135aeb58f0-TXL
content-length
43
expires
Wed, 21 Feb 2024 17:52:51 GMT
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 0664
71 B
280 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.83.82 Diegem, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-83-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
abf06871460c4146014c28238429a90da8163d60d075e07d566ccd0a046143de

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://estrelabet.com
date
Tue, 20 Feb 2024 17:52:52 GMT
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
71
content-type
text/plain;charset=UTF-8
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 0664
71 B
191 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.83.82 Diegem, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-83-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf3d9bedbd20bd9092e43e5f61f288c3c7614cfb636c72ca7c584f9401be13ba

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://estrelabet.com
date
Tue, 20 Feb 2024 17:52:52 GMT
access-control-allow-credentials
true
content-length
71
content-type
text/plain;charset=UTF-8
getPixelConfig
api.mythad.com/rest/n/adintl/ad/ Frame 0664
323 B
692 B
XHR
General
Full URL
https://api.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=515422330685489181
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
ef7c1d5a1b6622c9a653dd30000ba0f036ba272eec8f6822d533d7cafaa73460

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://estrelabet.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
getPixelConfig
api.mythad.com/rest/n/adintl/ad/ Frame 0664
380 B
726 B
XHR
General
Full URL
https://api.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=584573586032562242
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
6d05bf870b2c8d094aab989b58879cd8498bafaf2419693ed6f1f26d38a8e76b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://estrelabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://estrelabet.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
config
crunchequation-org-74030d2ee16a88e16709193.freshchat.com/app/services/app/webchat/eb4efed0-d7ac-4f35-8115-efaa9ff24a07/mw/ Frame 28B6
3 KB
3 KB
Fetch
General
Full URL
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/app/services/app/webchat/eb4efed0-d7ac-4f35-8115-efaa9ff24a07/mw/config?domain=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877
Requested by
Host: crunchequation-org-74030d2ee16a88e16709193.freshchat.com
URL: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/config_iframe.html?host=https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com&token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&origin=https://joiabet.com&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
da80cb2c79431a0de19ff5e63cf43f7ae42c973587cc0208f3a14549dc1a0e88
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/config_iframe.html?host=https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com&token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&origin=https://joiabet.com&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total
3000
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
11
x-xss-protection
1; mode=block
x-request-id
34c923b4-4ff5-47f0-9689-a02e0da2d097
x-trace-id
00-3bdd2222ba39017b89967a6505723f59-963012a66fd5df29-00
server
fwe
vary
accept-encoding
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
3063
x-ratelimit-remaining
2999
x-ratelimit-limit
3000
activeview
pagead2.googlesyndication.com/pcs/ Frame C24A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss2UD4xDWjPRXcNFrC9_ZozcVe0S-fRdr8O6Pt63PJP49Wq_-ok4dsg8tr0UB479tFHgNtrfAtQwYq1oWap-eqS7weFJeeE-0fzXAsFPONN9srGWTRGqt_xp-0-IskaJIpddsbJVFk-MOeWJLyjrZTO5bUeZcF8WHMqRXU&sig=Cg0ArKJSzOG26iYxIJP0EAE&id=lidar2&mcvt=1078&p=1100,436,1190,1164&mtos=1078,1078,1078,1078,1078&tos=1078,0,0,0,0&v=20240215&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3928323922&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=438437000&rst=1708451569374&rpt=1312&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
LOGO-EDS.svg
static.sportingtech.com/esportesdasortevip/upload_files/ Frame 75E9
8 KB
9 KB
Image
General
Full URL
https://static.sportingtech.com/esportesdasortevip/upload_files/LOGO-EDS.svg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
2fb43e6b945c902558712791330998295f8229f52ad59036104d3a6931b6925f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Last-Modified
Wed, 21 Dec 2022 19:00:24 GMT
Server
nginx
ETag
"63a357c8-2131"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8497
escudo-cap.png
static.sportingtech.com/esportesdasortevip/upload_files/ Frame 75E9
25 KB
25 KB
Image
General
Full URL
https://static.sportingtech.com/esportesdasortevip/upload_files/escudo-cap.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
852be3598e9336686541315c2de8dcb74140357ab61bc19038ccf6e8387dd45b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Last-Modified
Fri, 24 Mar 2023 22:56:56 GMT
Server
nginx
ETag
"641e2ab8-6456"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25686
Expires
Thu, 31 Dec 2037 23:55:55 GMT
escudo-bahia.png
static.sportingtech.com/esportesdasortevip/upload_files/ Frame 75E9
100 KB
100 KB
Image
General
Full URL
https://static.sportingtech.com/esportesdasortevip/upload_files/escudo-bahia.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
2e34266e31590b3ed3fb02e75131390c9daacd23adc38092d0937baddb27ad0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Last-Modified
Wed, 04 Jan 2023 19:22:47 GMT
Server
nginx
ETag
"63b5d207-18e16"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
101910
Expires
Thu, 31 Dec 2037 23:55:55 GMT
escudo-gremio.png
static.sportingtech.com/esportesdasortevip/upload_files/ Frame 75E9
53 KB
53 KB
Image
General
Full URL
https://static.sportingtech.com/esportesdasortevip/upload_files/escudo-gremio.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
91f16441901e04abec9bbc4f13fea554e53306389d2b56e817ec9a6990f7407e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Last-Modified
Wed, 01 Mar 2023 20:59:56 GMT
Server
nginx
ETag
"63ffbccc-d4bb"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
54459
Expires
Thu, 31 Dec 2037 23:55:55 GMT
escudo-palmeiras.png
static.sportingtech.com/esportesdasortevip/upload_files/ Frame 75E9
83 KB
83 KB
Image
General
Full URL
https://static.sportingtech.com/esportesdasortevip/upload_files/escudo-palmeiras.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
828117c3f0505d39f1627b3fc24ee5e8cef9294583a73c217ee1eaa112cbcdc3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Last-Modified
Wed, 31 Jan 2024 18:40:31 GMT
Server
nginx
ETag
"65ba941f-14ad8"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
84696
Expires
Thu, 31 Dec 2037 23:55:55 GMT
uwt.js
static.ads-twitter.com/ Frame 75E9
56 KB
15 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: static.sportingtech.com
URL: https://static.sportingtech.com/esportesdasortevip/upload_files/script_loads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-muc13961-MUC
DFPAudiencePixel;ord=1374498652040134;dc_seg=8019840669
pubads.g.doubleclick.net/activity;dc_iu=/95377733/ Frame 75E9
42 B
440 B
Image
General
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/95377733/DFPAudiencePixel;ord=1374498652040134;dc_seg=8019840669?
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activity;xsp=5155554;ord=8039295473271009
pubads.g.doubleclick.net/ Frame 75E9
42 B
107 B
Image
General
Full URL
https://pubads.g.doubleclick.net/activity;xsp=5155554;ord=8039295473271009?
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
snippet.js
static.zdassets.com/ekr/ Frame 75E9
10 KB
5 KB
Script
General
Full URL
https://static.zdassets.com/ekr/snippet.js?key=d63033a6-e9ff-476a-9563-e3daf682c9cc
Requested by
Host: static.sportingtech.com
URL: https://static.sportingtech.com/esportesdasortevip/upload_files/script_edscz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:52 GMT
x-amz-version-id
sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
FP55XB5VFRXR2JJV
age
23
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
Bb/sLb3GNygsC2XL8RUYzNHCDmFtTSK9Wp9i9Q7fP2A7lgbVVDGHyXL9Rv1DCP3ZNWR4nJjWZUcfj/t+UuCPtg==
last-modified
Mon, 15 Jan 2024 02:56:11 GMT
server
cloudflare
etag
W/"c0053b411b753138af468db1bd3b19f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLxdr8r2pOyyonAuDUAHNIPjke%2B%2FohUpRhf3uUhcLA89PVhgJxNJ21t2dOKEkSD4o3luWLj8HkNJ%2BgxIgleGI%2BfgATgyX2NciqaTaSNxWBS9%2BzhEC%2FAHc7qq7MXPQKbomTwuXJo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=3600, s-maxage=60
access-control-max-age
0
cf-ray
85889b14ffaf3bb5-WAW
access-control-allow-headers
*
601094538365217
connect.facebook.net/signals/config/ Frame 75E9
64 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/601094538365217?v=2.9.147&r=stable&domain=m.esportesdasorte.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa49dbd868d89fc0b4ea86298beb3033b17b5b6807887e2e7102390b2fabf744
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 17:52:51 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14029
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
SFF3JdyXtwENrL7EdDqm6Ut0LTxpsbTxfX2HV6c6348xNopblcX88tqjJR35KVrv3VbdGHo5XNc5L1BifJQQ2Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
tracker.js
tracker.ads.sportradar.com/dist/ Frame 75E9
27 KB
7 KB
Script
General
Full URL
https://tracker.ads.sportradar.com/dist/tracker.js
Requested by
Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAATQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
063237f5f52863c3f711ef56625653397a5650eca2da3fa375dc181985a1badb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 08:33:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
x-amz-server-side-encryption
AES256
etag
"235331a0761142ae4fd345cdf7c7f9ed"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
accept-ranges
bytes
x-amz-cf-id
AfcTMrGnui3j3PKIIu6JFOI0FR5cNI0CyKbMpamM5FCysDjLwu3izw==
content-length
6405
pixel
a.sportradarserving.com/ Frame 75E9
1 KB
1 KB
Script
General
Full URL
https://a.sportradarserving.com/pixel?type=js&aid=1582&id=6645
Requested by
Host: tm.ads.sportradar.com
URL: https://tm.ads.sportradar.com/dist/tag-manager.js?id=STM-AAAATQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.196.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-196-42.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2c7221cd1b174cb1423a47e5abd17036f2f3eb71cb4926f9088322851b50ae99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
1125
Content-Type
text/javascript; charset=UTF-8
json
trc.taboola.com/1518940/trc/3/ Frame 75E9
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1518940/trc/3/json?tim=1708451571890&data=%7B%22id%22%3A98%2C%22ii%22%3A%22%2Fptb%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1708451571876%2C%22cv%22%3A%2220240216-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Desportesdasorte-br-sc%3Aabp%3D1%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1708451571889%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE%22%2C%22tos%22%3A8%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1518940/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a692e4f81684d3951aef44809fbea2d9475a5ae15459581406d7db3d8228fc39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-vcl-time-ms
24
date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.32125
x-fastly-to-nlb-rtt
7716
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-etou8220083-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1708451572.925166,VS0,VE24
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
340ffafa04b3dfc48863176f99d41443-m.esportesdasorte.com-8baac225faa820b7f567c04f99ee0dc69685f27615f272d43489c478e624bebf5d99d88d2de34065fe36a063bce09909-c2VhbC5wbmc%3D
4bd05b2a-64a3-402b-90da-d473923796db.snippet.antillephone.com/sealassets/ Frame 75E9
45 KB
46 KB
Image
General
Full URL
https://4bd05b2a-64a3-402b-90da-d473923796db.snippet.antillephone.com/sealassets/340ffafa04b3dfc48863176f99d41443-m.esportesdasorte.com-8baac225faa820b7f567c04f99ee0dc69685f27615f272d43489c478e624bebf5d99d88d2de34065fe36a063bce09909-c2VhbC5wbmc%3D?status=valid
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:6e00:14:4688:e200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
f7acaa7ace617964cd79de3287bfa740f1d3fbcbed82ea1d09cd94058d4b1281
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:50:26 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
server
cloudflare
x-amz-cf-pop
FRA60-P3
age
145
x-powered-by
Express
etag
W/"b52e-9Sv9CXsT+D+kNxT1l4bvpAgvVaE"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=1200
cf-ray
858897887b8f380a-FRA
content-length
46382
x-amz-cf-id
Vb0G54w-NkFe7eYq1rGpabBQl8uJdUoz6cNfynyLZ5nC_GTyuOQOqg==
5981.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
5 KB
5 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/5981.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f196df5e5c6074f779ef546fa69e4a204339b2f2f95da36eb72d2380ec0e57b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:56 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1c0-13d8"
content-type
image/png
x-varnish
110359628 128299363
cache-control
max-age=86400
accept-ranges
bytes
content-length
5080
expires
Wed, 21 Feb 2024 17:52:52 GMT
6977.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
5 KB
5 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/6977.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
93dda4d45a8b4c0783d6ec64f0ed154b7ac4695ca7077999ceaf9eb0b6cdcb4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:57 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1c1-121a"
content-type
image/png
x-varnish
315423546 314209725
cache-control
max-age=86400
accept-ranges
bytes
content-length
4634
expires
Wed, 21 Feb 2024 17:52:52 GMT
48244.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
7 KB
7 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/48244.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3e329f1ba7b4748e0db62d315060c3727dd25a75c0023e122dc52237521b3a61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:53 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1bd-1cb0"
content-type
image/png
x-varnish
315602925 314288601
cache-control
max-age=86400
accept-ranges
bytes
content-length
7344
expires
Wed, 21 Feb 2024 17:52:52 GMT
1999.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
4 KB
4 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/1999.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6d13ac2830e46644f178a9a701693df17035b75d83dd0dbf44df7969140f7269
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Thu, 28 Jan 2021 03:20:00 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web2
etag
"60122d60-1036"
content-type
image/png
x-varnish
299858980 287675845
cache-control
max-age=86400
accept-ranges
bytes
content-length
4150
expires
Wed, 21 Feb 2024 17:52:52 GMT
2697.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
10 KB
10 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/2697.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fa33ec0e79985a44a434c1cf886940d2ef433f6760701d1a8298b35a0d9087f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Wed, 31 Mar 2021 09:07:52 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web2
etag
"60643be8-27cc"
content-type
image/png
x-varnish
253243946 242413206
cache-control
max-age=86400
accept-ranges
bytes
content-length
10188
expires
Wed, 21 Feb 2024 17:52:52 GMT
2836.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
4 KB
4 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/2836.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
999fb1d3f9521d90199fcdddeb22789b91563ae2dfd94546bcb4409b57796439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:46 GMT
x-srv
fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b6-f53"
content-type
image/png
x-varnish
147435818
cache-control
max-age=86400
accept-ranges
bytes
content-length
3923
expires
Wed, 21 Feb 2024 17:52:52 GMT
2952.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
10 KB
10 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/2952.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d6f4bcf04c28eb572e2ac217401b3980dc6a95597c09b8d16f3a8a761364f965
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Tue, 16 Aug 2022 10:42:28 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web1
etag
"62fb7494-27a4"
content-type
image/png
x-varnish
283916331 278635194
cache-control
max-age=86400
accept-ranges
bytes
content-length
10148
expires
Wed, 21 Feb 2024 17:52:52 GMT
uniform-grey.png
static.sportingtech.com/common/assets/images/ Frame 75E9
6 KB
7 KB
Image
General
Full URL
https://static.sportingtech.com/common/assets/images/uniform-grey.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
d9ab016186dd3a5df83e39a21884ebc771443a29cf97a7b3c088a75d2f061d44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:52 GMT
Last-Modified
Thu, 25 Mar 2021 13:11:22 GMT
Server
nginx
ETag
"605c8bfa-1925"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6437
Expires
Thu, 31 Dec 2037 23:55:55 GMT
17.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
8 KB
8 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/17.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
31b0261dd1513ad724e12565e0641b6d71d6721ac04bdb53f65c43ebf0b13251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:41 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b1-1e95"
content-type
image/png
x-varnish
171340028 155541047
cache-control
max-age=86400
accept-ranges
bytes
content-length
7829
expires
Wed, 21 Feb 2024 17:52:52 GMT
50.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
7 KB
8 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/50.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
dd337ad4010a0136a5cc3f5de2ba1a2848d45496b4f8ea168ccb04d96d593d0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:54 GMT
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1be-1dc2"
content-type
image/png
x-varnish
66795419 62137512
cache-control
max-age=86400
accept-ranges
bytes
content-length
7618
expires
Wed, 21 Feb 2024 17:52:52 GMT
3002.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
7 KB
7 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/3002.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
dca34648fdcb8a15b43c1d5399b279b15dc4078837b72b2849ce0ac5161b6066
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:46 GMT
x-srv
fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b6-1c55"
content-type
image/png
x-varnish
134353137 127289815
cache-control
max-age=86400
accept-ranges
bytes
content-length
7253
expires
Wed, 21 Feb 2024 17:52:52 GMT
42.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
7 KB
7 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/42.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c78bbd250897a9a576f63211e5a2e034aecc3a959bcb18aa8cdce8ed0224ab48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:50 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1ba-1c46"
content-type
image/png
x-varnish
155273439 153008087
cache-control
max-age=86400
accept-ranges
bytes
content-length
7238
expires
Wed, 21 Feb 2024 17:52:52 GMT
2714.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
4 KB
5 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/2714.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8b9ab32dcb9aae8642e4e9f6a6816baa086407fe3e26d1eab748a166467db705
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:45 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1b5-1110"
content-type
image/png
x-varnish
141059303 143054034
cache-control
max-age=86400
accept-ranges
bytes
content-length
4368
expires
Wed, 21 Feb 2024 17:52:52 GMT
2817.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
7 KB
7 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/2817.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8a59602641b1a79495197d5e045a3c350027ecc05cdcc03d00cb68f988348af6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:46 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b6-1b57"
content-type
image/png
x-varnish
174724782 171167233
cache-control
max-age=86400
accept-ranges
bytes
content-length
6999
expires
Wed, 21 Feb 2024 17:52:52 GMT
21864.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
4 KB
5 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/21864.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1995815708eb0ca70ed360574f2ef57fd47d5198d46ba9f1e28d06b7865bf319
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:43 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b3-11e8"
content-type
image/png
x-varnish
316010493
cache-control
max-age=86400
accept-ranges
bytes
content-length
4584
expires
Wed, 21 Feb 2024 17:52:52 GMT
1954.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
7 KB
7 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/1954.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ac04d710c23d1cd16c4c346a4924ee02e5b495308bca0c4538883806df7b1a9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:42 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1b2-1a71"
content-type
image/png
x-varnish
303133453 302025970
cache-control
max-age=86400
accept-ranges
bytes
content-length
6769
expires
Wed, 21 Feb 2024 17:52:52 GMT
1962.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
6 KB
6 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/1962.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
94780cdb45ffd71b01f35450a5db109681cfa6183cc2d9155732762d5cbe5829
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:42 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b2-165d"
content-type
image/png
x-varnish
315540800 314370759
cache-control
max-age=86400
accept-ranges
bytes
content-length
5725
expires
Wed, 21 Feb 2024 17:52:52 GMT
2011.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
6 KB
6 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/2011.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
af1468abef7dffd562b24dce60e541fa95aebd4bcfef20ef5153035cd3b62854
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:42 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b2-17a0"
content-type
image/png
x-varnish
280235450 278930517
cache-control
max-age=86400
accept-ranges
bytes
content-length
6048
expires
Wed, 21 Feb 2024 17:52:52 GMT
1959.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
7 KB
7 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/1959.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
150d83d3908a81583ba6ff21fe20e5cef59f7daf4001dd6aa042e9aa1f06d576
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:42 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1b2-1a6f"
content-type
image/png
x-varnish
315653773 314972541
cache-control
max-age=86400
accept-ranges
bytes
content-length
6767
expires
Wed, 21 Feb 2024 17:52:52 GMT
2020.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
4 KB
4 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/2020.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
5c1a3036de0163cad11f39eecd4a54d8c6f0f7c02f5a9eb173ffdc19d94611a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:42 GMT
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b2-ef0"
content-type
image/png
x-varnish
122296957 122249133
cache-control
max-age=86400
accept-ranges
bytes
content-length
3824
expires
Wed, 21 Feb 2024 17:52:52 GMT
33714.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
7 KB
7 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/33714.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
465ce70f5c1a82ec1e6c21ab1bfb839d8744a09a620afdbd824d5e5ffb051ed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:47 GMT
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b7-1b9a"
content-type
image/png
x-varnish
121256456 117881958
cache-control
max-age=86400
accept-ranges
bytes
content-length
7066
expires
Wed, 21 Feb 2024 17:52:52 GMT
1958.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
5 KB
5 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/1958.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7bf062b66dfcd6054fdbd318b53ea45ce69cba4aa57b0f1c113f67a56e6ace53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:42 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b2-1230"
content-type
image/png
x-varnish
303505942 299826240
cache-control
max-age=86400
accept-ranges
bytes
content-length
4656
expires
Wed, 21 Feb 2024 17:52:52 GMT
2673.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
7 KB
7 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/2673.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1eaa58b707922b725f47ee603ef373409f17a9a495a946065a6617f57d5ac1b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:45 GMT
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b5-1ab6"
content-type
image/png
x-varnish
138338655 135928308
cache-control
max-age=86400
accept-ranges
bytes
content-length
6838
expires
Wed, 21 Feb 2024 17:52:52 GMT
js
www.googletagmanager.com/gtag/ Frame 75E9
300 KB
101 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-X4EE8XZK67&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNKR3W
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3d9a77013cc84219e60cae6039fe95abf88f6e9fd1a1cedf120f1e8fbe8f5d6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103518
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 17:52:52 GMT
js
www.googletagmanager.com/gtag/ Frame 75E9
230 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-D0V6D8BRKP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNKR3W
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9b9107b80b6971030cd8cd7a95f2cba5749e3b9ee137f0932bc6ee2bf7b79be8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:52 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83304
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 20 Feb 2024 17:52:52 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 75E9
214 KB
56 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNKR3W
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 17:52:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57257
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
SLBpYJF4s74WRyzJBsv4g/l7vUG32MED5/7PKg88A7T2dIp5tFf3GJsOBffUM+++3nLfMYkU9ieLpj9H6bnlqA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga.js
ssl.google-analytics.com/ Frame 75E9
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNKR3W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Feb 2024 16:02:57 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6595
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Tue, 20 Feb 2024 18:02:57 GMT
/
www.googleadservices.com/pagead/conversion/11302942470/ Frame 75E9
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/11302942470/?random=1708451572124&cv=11&fst=1708451572124&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&top=https%3A%2F%2Ftnonline.uol.com.br&label=_cvjCLGmmOsYEIbu1I0q&hn=www.googleadservices.com&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&value=0&bttype=purchase&npa=0&pscdl=noapi&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNKR3W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
0bbd69abf08f9126c3d36b01bbed1046730ff56fb84ca27a88de0b98110f8d31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1595
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/11381431345/ Frame 75E9
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/11381431345/?random=1708451572138&cv=11&fst=1708451572138&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&top=https%3A%2F%2Ftnonline.uol.com.br&label=47cICM2B5O8YELG4i7Mq&hn=www.googleadservices.com&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&value=0&bttype=purchase&npa=0&pscdl=noapi&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNKR3W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
cd42ba9ac9f370a8652075bee49465852d4b5b5db7a6905f0f76fde286f81705
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1594
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ Frame 75E9
4 KB
3 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510319881490530341&lib=kwaiq
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9e2a799a251ce713aef7ef8c27a2d6e01f641ced4186d46b2026f5935696ddd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ks-client-ip
80.255.7.107
Date
Mon, 29 Jan 2024 03:23:36 GMT
Content-Encoding
gzip
x-oss-request-id
65B71A38D3C1853635F02872
X-Cache-Lookup
Cache Hit
Content-MD5
/21V4wxp4OkgyZ6pUCZL9w==
kwaisign
NULL
Connection
keep-alive
Content-Length
1691
X-Ks-Request-ID
10156055199239938406
X-Ks-Cache
Hit from 43.152.26.142
x-oss-object-type
Normal
Last-Modified
Mon, 29 Jan 2024 03:16:14 GMT
Server
Lego Server
Etag
"FF6D55E30C69E0E920C99EA950264BF7"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
max-age=2592000
x-oss-storage-class
Standard
X-NWS-LOG-UUID
10156055199239938406
Accept-Ranges
bytes
x-oss-hash-crc64ecma
3318901080980820640
x-oss-server-time
3
Expires
Wed, 28 Feb 2024 03:23:36 GMT
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ Frame 75E9
4 KB
3 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=535708142756970526&lib=kwaiq
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
9e2a799a251ce713aef7ef8c27a2d6e01f641ced4186d46b2026f5935696ddd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ks-client-ip
80.255.7.107
Date
Mon, 29 Jan 2024 03:23:36 GMT
Content-Encoding
gzip
x-oss-request-id
65B71A38D3C1853635F02872
X-Cache-Lookup
Cache Hit
Content-MD5
/21V4wxp4OkgyZ6pUCZL9w==
kwaisign
NULL
Connection
keep-alive
Content-Length
1691
X-Ks-Request-ID
7735313311260876875
X-Ks-Cache
Hit from 43.152.26.142
x-oss-object-type
Normal
Last-Modified
Mon, 29 Jan 2024 03:16:14 GMT
Server
Lego Server
Etag
"FF6D55E30C69E0E920C99EA950264BF7"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
max-age=2592000
x-oss-storage-class
Standard
X-NWS-LOG-UUID
7735313311260876875
Accept-Ranges
bytes
x-oss-hash-crc64ecma
3318901080980820640
x-oss-server-time
3
Expires
Wed, 28 Feb 2024 03:23:36 GMT
b_esportesdasorte.js
scripts.mediamathrdrt.com/scripts/ Frame 75E9
2 KB
1 KB
Script
General
Full URL
https://scripts.mediamathrdrt.com/scripts/b_esportesdasorte.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNKR3W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:88da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12bec9bcbb5089d65e103eabb935980e6015d10ccfb867a6e7ee9a1913b3d445

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-runtime
0.030187
date
Tue, 20 Feb 2024 17:52:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"12bec9bcbb5089d65e103eabb935980e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLHsMqKBt72SIsvebj5fdoujzpfk2SdwrRDe9moR1Q0pygh9dJui0WIPm9thuIDGyNwCTbJrnoymnyfREHlSF2vfXUptOZlF6qGQ7fKgGkVzUQe5aMKZ0mxAgvSu6IWVczd6%2FWx0u%2F72yxMYbPLCroikkOgx5xsX"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
85889b17cf9a215b-CDG
alt-svc
h3=":443"; ma=86400
x-request-id
b6d37b1e-a0de-4be2-ab69-42c901447cb5
seg
secure.adnxs.com/ Frame 75E9
0
1 KB
Script
General
Full URL
https://secure.adnxs.com/seg?add=34833924&t=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNKR3W
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:52 GMT
an-x-request-uuid
ef1f8994-878e-4696-b88e-fb1caac96710
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ld.js
dynamic.criteo.com/js/ld/ Frame 75E9
46 KB
20 KB
Script
General
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=110018
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNKR3W
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
796f8b86105caa4bb51fdc652d1a6139eae855a25510f3f72820affbd1a4b37e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 0664
72 B
192 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.83.82 Diegem, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-83-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
226a0dffeb1f6e65b86db44b00b2a1e0356f44fb99b9306c0885d0049ab854e4

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://estrelabet.com
date
Tue, 20 Feb 2024 17:52:52 GMT
access-control-allow-credentials
true
content-length
72
content-type
text/plain;charset=UTF-8
api
api.mythad.com/log/common/co/ Frame 0664
2 KB
1 KB
XHR
General
Full URL
https://api.mythad.com/log/common/co/api
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
e744d88d2c886b8f85b27c9524cc4beec858f602d1e95a77ee972a2b59d43417

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 20 Feb 2024 17:52:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://estrelabet.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
api
api.mythad.com/log/common/co/ Frame 0664
2 KB
1 KB
XHR
General
Full URL
https://api.mythad.com/log/common/co/api
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
f1b332de80a7d68271fccf7163793dde09edaff493de50057ae566e4c5ddc7ac

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 20 Feb 2024 17:52:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://estrelabet.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
api
api.mythad.com/log/common/co/ Frame
0
0
Preflight
General
Full URL
https://api.mythad.com/log/common/co/api
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://estrelabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://estrelabet.com
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Alt-Svc
quic=":443";ma=2592000;v="43"
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Feb 2024 17:52:52 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
api
api.mythad.com/log/common/co/ Frame
0
0
Preflight
General
Full URL
https://api.mythad.com/log/common/co/api
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://estrelabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://estrelabet.com
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Alt-Svc
quic=":443";ma=2592000;v="43"
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Feb 2024 17:52:52 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
api
api.mythad.com/log/common/co/ Frame 0664
2 KB
1 KB
XHR
General
Full URL
https://api.mythad.com/log/common/co/api
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
62f76e4176bc80ff30b2f3a6ce28c26a573f14f0e8614ab03f79a8774a2250a5

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 20 Feb 2024 17:52:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://estrelabet.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
api
api.mythad.com/log/common/co/ Frame
0
0
Preflight
General
Full URL
https://api.mythad.com/log/common/co/api
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://estrelabet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://estrelabet.com
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Alt-Svc
quic=":443";ma=2592000;v="43"
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Feb 2024 17:52:52 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
7063826670-7083488100-7046586785-7063826670-6885978114-7076043118-7098464056-6885984865-7076042875-6885984865
m.esportesdasorte.com/api-v2/fixture-search/m/23/esportesdasortevip/ Frame 75E9
166 B
482 B
XHR
General
Full URL
https://m.esportesdasorte.com/api-v2/fixture-search/m/23/esportesdasortevip/7063826670-7083488100-7046586785-7063826670-6885978114-7076043118-7098464056-6885984865-7076042875-6885984865
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx / Express
Resource Hash
65bdb4b5ebb2ec318cb2a4a0e6cc504cdbcaff186bfc5c8cee20af7f52363a0d

Request headers

bragiurl
https://bragi.sportingtech.com/
Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:52 GMT
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
etag
W/"a6-c9D32466bEbKVQCq9tSfsb1bdio"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
content-length
166
x-amz-cf-id
2c2JqzYRMuJza1DX-kOcUEgnLSGm9Siki5Pig3tAwIpuCVxY9JJMRw==
x-proxy-cache
HIT
tags
odin.sportingtech.com/api/user/casinoapi/games/ Frame 75E9
3 KB
1 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/user/casinoapi/games/tags
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ef3ac95e998315e0fae47007c4cd5de5881a1ee96d09b3176532e6fe76afe5f1

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-appserver-status
200
date
Tue, 20 Feb 2024 17:52:52 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
x-cache
Miss from cloudfront
x-appserver
192.168.50.15:9093
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
FQUqjoWfLV76i_RjLPe7FpW6wGgwsERlLRj_hVX-E6pECqocqGxmxg==
tags
odin.sportingtech.com/api/user/casinoapi/games/ Frame 75E9
3 KB
1 KB
XHR
General
Full URL
https://odin.sportingtech.com/api/user/casinoapi/games/tags
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.150.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
391f47b84c8bad2232361d492674e6e5d3509c47487f93930cea6f2a0ad6a418

Request headers

Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-appserver-status
200
date
Tue, 20 Feb 2024 17:52:52 GMT
content-encoding
gzip
via
1.1 098d0bc53760fa1298f8e491bb1d24b8.cloudfront.net (CloudFront)
x-amz-cf-pop
HAM50-P3
x-cache
Miss from cloudfront
x-appserver
192.168.50.102:9093
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://m.esportesdasorte.com
access-control-expose-headers
Set-Cookie,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice
access-control-allow-credentials
true
access-control-allow-headers
g-recaptcha-response,Access,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Pragma,Expires,Content-Type,s7oryO9STV,Z7fPnEO7qZ,s5yHkO9STV,X-PGusername,X-PGtradername,X-PGDevice,languageid,clicktelligence_ref_id,voluum_click_id,X-BONUS-ID,X-FREEBET-ID,X-CSN-BONUS-ID,X-CSN-FREESPIN-ID,X-PROMO-CODE,finger_print
x-amz-cf-id
Dicks-maVrRHed9Zxboa3lw-FEHWQw28S45OWjPoCCJIm8_i68jXUg==
e30=
m.esportesdasorte.com/api-v2/bet-type-groups/m/23/esportesdasortevip/ Frame 75E9
58 KB
5 KB
XHR
General
Full URL
https://m.esportesdasorte.com/api-v2/bet-type-groups/m/23/esportesdasortevip/e30=
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-102.fra53.r.cloudfront.net
Software
nginx / Express
Resource Hash
7d143801b509bb471d4f5546f002fc5e79a86d642d809fc6a509b7c84773cc2d

Request headers

bragiurl
https://bragi.sportingtech.com/
accept-language
de-DE,de;q=0.9
encodedbody
e30=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE
device
m
customorigin
https://m.esportesdasorte.com
languageid
23

Response headers

date
Tue, 20 Feb 2024 17:52:52 GMT
content-encoding
br
via
1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA53-C1
x-powered-by
Express
etag
W/"e783-c1LaPeIaXUQIDog1+0WIOxGuF6g"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
x-amz-cf-id
_tTodJYjyayo0dFVxycfQ5pDDzh17Vtqo99hE4oGnLa8IifKB4peDw==
x-proxy-cache
HIT
adsct
t.co/1/i/ Frame 75E9
43 B
117 B
Image
General
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=f3a89edc-dc08-4fb5-b9af-badd996877f5&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3d052a99-85a7-4523-b0b9-4815eee07c17&tw_document_href=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&tw_iframe_status=1&txn_id=odwdr&type=javascript&version=2.3.29
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time
156
date
Tue, 20 Feb 2024 17:52:51 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
ddf1804c602d12b1
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
3f1752c95a399075bca51dfabc8da6e5642ebc3b90e9262896ac4b3eba0ac917
content-length
43
adsct
analytics.twitter.com/1/i/ Frame 75E9
43 B
118 B
Image
General
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=f3a89edc-dc08-4fb5-b9af-badd996877f5&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3d052a99-85a7-4523-b0b9-4815eee07c17&tw_document_href=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&tw_iframe_status=1&txn_id=odwdr&type=javascript&version=2.3.29
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-response-time
154
date
Tue, 20 Feb 2024 17:52:51 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
0b0fbbaab0f56675
cache-control
no-cache, no-store, max-age=0
perf
7469935968
x-connection-hash
e06bf2cd7b5f7bf38dd09d43dc98cace7172b0ea1d795449e8402c1fff2c8786
content-length
43
uniform-grey.png
static.sportingtech.com/common/assets/images/ Frame 75E9
6 KB
7 KB
Image
General
Full URL
https://static.sportingtech.com/common/assets/images/uniform-grey.png
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
d9ab016186dd3a5df83e39a21884ebc771443a29cf97a7b3c088a75d2f061d44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:52 GMT
Last-Modified
Thu, 25 Mar 2021 13:11:22 GMT
Server
nginx
ETag
"605c8bfa-1925"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6437
Expires
Thu, 31 Dec 2037 23:55:55 GMT
342192.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
43 B
276 B
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/342192.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
x-sbe
logos_prod_web1
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server
nginx
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
content-type
image/gif
x-varnish
136105008 135978640
cache-control
max-age=86400
accept-ranges
bytes
content-length
43
expires
Wed, 21 Feb 2024 17:52:52 GMT
1993.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
4 KB
5 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/1993.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
71e7faeb23539a80cfbc809a13720c7aa5007367e513a59f35833da63e9387d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:42 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1b2-11fc"
content-type
image/png
x-varnish
303503788 301852955
cache-control
max-age=86400
accept-ranges
bytes
content-length
4604
expires
Wed, 21 Feb 2024 17:52:52 GMT
uniform-red.png
static.sportingtech.com/common/assets/images/ Frame 75E9
7 KB
7 KB
Image
General
Full URL
https://static.sportingtech.com/common/assets/images/uniform-red.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
a0c87abe10428cb2263bdb4fb732b88a1ba8a6e3cb03ef945ea5351c7329c88e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:52 GMT
Last-Modified
Thu, 25 Mar 2021 13:11:22 GMT
Server
nginx
ETag
"605c8bfa-1c04"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7172
Expires
Thu, 31 Dec 2037 23:55:55 GMT
1378.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
5 KB
6 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/1378.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7f56384c81dfb271e6151be0ed1eb3ef26267cab847b6e117fbbed6c8b1fd35f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:40 GMT
server
nginx
x-srv
fishnet-prod-logos-fvauto-0b491de2a9c0887b2
x-sbe
logos_prod_web1
etag
"5dd2a1b0-15d1"
x-varnish
140888316 140651223
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
5585
expires
Wed, 21 Feb 2024 17:52:52 GMT
22216.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
43 B
276 B
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/22216.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
x-sbe
logos_prod_web2
x-srv
fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server
nginx
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
content-type
image/gif
x-varnish
140888314 138217827
cache-control
max-age=86400
accept-ranges
bytes
content-length
43
expires
Wed, 21 Feb 2024 17:52:52 GMT
1894.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
6 KB
6 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/1894.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3f3fbbc80d89c736becb89f921aa829cec3ecff930d34885bcbd54224f936c29
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:42 GMT
server
nginx
x-srv
fishnet-prod-logos-fvauto-0b491de2a9c0887b2
x-sbe
logos_prod_web2
etag
"5dd2a1b2-1698"
x-varnish
69796382 69711140
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
5784
expires
Wed, 21 Feb 2024 17:52:52 GMT
1897.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
4 KB
4 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/1897.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b1ebc5702fe31f9cc661f1521a38b415630a3fd814642d56974385c4a5c02bb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:42 GMT
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1b2-fe0"
content-type
image/png
x-varnish
122985799 122530424
cache-control
max-age=86400
accept-ranges
bytes
content-length
4064
expires
Wed, 21 Feb 2024 17:52:52 GMT
220514.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
10 KB
10 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/220514.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
398f45c7c6fe20521d59e62526b55a2431b587b98287926d8fae0ed8e4a385f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Thu, 30 Jun 2022 11:13:14 GMT
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server
nginx
x-sbe
logos_prod_web2
etag
"62bd854a-2792"
content-type
image/png
x-varnish
135986049 135946378
cache-control
max-age=86400
accept-ranges
bytes
content-length
10130
expires
Wed, 21 Feb 2024 17:52:52 GMT
55035.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
4 KB
4 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/55035.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
d2f28cbbbfbd7a268f974848324438fccb4380abbef243ef5fc1265f171ee443
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Mon, 18 Nov 2019 13:50:55 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1bf-fa4"
content-type
image/png
x-varnish
313473716 315852216
cache-control
max-age=86400
accept-ranges
bytes
content-length
4004
expires
Wed, 21 Feb 2024 17:52:52 GMT
async_usersync
ib.adnxs.com/ Frame 642A
0
916 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:52 GMT
an-x-request-uuid
1c7e40ce-f330-43b3-93f4-a28a03510e81
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
685299486541687
connect.facebook.net/signals/config/ Frame 75E9
27 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/685299486541687?v=2.9.147&r=stable&domain=m.esportesdasorte.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C118%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C111%2C207%2C144%2C105%2C127%2C120%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2efd207afe4b1ff32a39e4a94c7b7c93df3065199b03f118083c17c7060a7315
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 17:52:52 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4143
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
4Et6sLlMOBp2oY77OTHnbRS+Gb3v+FLiu2hQksq8csHYGWpn9EBoYuuSHi475a7D9ZDwgB0Z9iBu9CIFLF7eIw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 75E9
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=601094538365217&ev=PageView&dl=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&rl=&if=true&ts=1708451572508&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.2.1708451572501.1334713959&cs_est=true&ler=empty&cdl=API_unavailable&it=1708451571816&coo=false&exp=e3&rqm=GET
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Feb 2024 17:52:52 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
sp-3.8.0.js
tracker.ads.sportradar.com/dist// Frame 75E9
73 KB
24 KB
Script
General
Full URL
https://tracker.ads.sportradar.com/dist//sp-3.8.0.js
Requested by
Host: tracker.ads.sportradar.com
URL: https://tracker.ads.sportradar.com/dist/tracker.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:22::1726:62c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6361e3a49a38d1fdc74ec96bd29ee1ecd7c30045ccb0e5f361413d65cbf5ef87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:52 GMT
content-encoding
gzip
last-modified
Tue, 12 Sep 2023 08:33:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
x-amz-server-side-encryption
AES256
etag
"143272dddc33395008a84a86ac9c2e96"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900, public
accept-ranges
bytes
x-amz-cf-id
9j1NncUqWX2R8F-7KypmzOFMuHsbT4GsDhteAXTf6A_1FvhS2uUVag==
content-length
24162
sync
x.bidswitch.net/ Frame 75E9
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e6a91920-f1a6-481f-865b-b302d7ce9731&cb=092ef143-3402-4d38-8ef2-74be29daf248
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
x.bidswitch.net/ Frame 75E9
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e6a91920-f1a6-481f-865b-b302d7ce9731&cb=a6e65997-a0ce-4ac0-8cd6-960dc2849a0c
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
x.bidswitch.net/ Frame 75E9
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=2&user_id=e6a91920-f1a6-481f-865b-b302d7ce9731&cb=2599b3d7-ec6d-45d3-84c0-f3a9c890e957
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:52 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
d63033a6-e9ff-476a-9563-e3daf682c9cc
ekr.zdassets.com/compose/ Frame 75E9
1 KB
1 KB
Fetch
General
Full URL
https://ekr.zdassets.com/compose/d63033a6-e9ff-476a-9563-e3daf682c9cc
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86770dc84be4da0c0fd8e39e79cabd20ac5b994d1ead10c7a5d6adf5e3d26553
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:53 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-encoding
br
cdn-cache-control
max-age=60
x-xss-protection
1; mode=block
x-request-id
857d7565cafe4f83-SEA, 857d7565cafe4f83-SEA
x-runtime
0.004175
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"86770dc84be4da0c0fd8e39e79cabd20"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjEh7ciD4Ve1KaiCTJXfcUSSlE819BWjji3Uz5yyH5xs8rhtgXYg29FYItkm6eYlLdm8Jc3w0sxZRCf3aTItnytEnggE9nMv9D5PkUNUrupsrLFF7YOg55AhoNjSm%2FLwmlM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary
Accept, Origin, Accept-Encoding
cache-control
max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type
application/json; charset=utf-8
x-zendesk-zorg
yes
cf-ray
85889b197e65355d-WAW
/
crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/ Frame 10F9
5 KB
2 KB
Document
General
Full URL
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/?token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&referrer=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877&eagerLoad=true
Requested by
Host: crunchequation-org-74030d2ee16a88e16709193.freshchat.com
URL: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
51e1d15921cbfa819feda0d858fd8c1a99879ee7bd5aff5081acbd14b7423e56
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Referer
https://joiabet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding
gzip
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type
text/html
date
Tue, 20 Feb 2024 17:52:52 GMT
last-modified
Tue, 20 Feb 2024 03:26:25 GMT
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server
fwe
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-upstream-service-time
1
x-fw-ratelimiting-managed
false
x-request-id
adcbebb5-b5ab-4fd6-8e66-611c3f84691a
x-server
mwm5j
x-trace-id
00-228b0ca6b4cd7d0414c268248fb5838a-c2fc5ba8e8ab7527-00
x-xss-protection
1; mode=block
widget.css
crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/css/ Frame 041E
9 KB
2 KB
Stylesheet
General
Full URL
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/css/widget.css?t=1708451572567
Requested by
Host: crunchequation-org-74030d2ee16a88e16709193.freshchat.com
URL: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
1746b268addac39a01bc462c8e85434841637a136be1c0234b2eae14988e3d3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://joiabet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time
1
x-xss-protection
1; mode=block
x-request-id
cd925d7b-44f8-4d60-87fb-e8e1b7cb592e
x-trace-id
00-7548cdbba8e5f45dc2a64e8636eb107a-5943be7abdb5e55e-00
last-modified
Tue, 20 Feb 2024 03:26:25 GMT
server
fwe
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type
text/css
x-fw-ratelimiting-managed
false
cache-control
max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server
l8dr2
expires
Wed, 19 Feb 2025 17:52:52 GMT
getGrayInfo
api.mythad.com/rest/n/adintl/gray/ Frame 75E9
201 B
628 B
XHR
General
Full URL
https://api.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
fbba1bef304177fb96026f34271c0d80f46137512237c6a95de0ece1ffa2807e

Request headers

Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 20 Feb 2024 17:52:52 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://m.esportesdasorte.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
getGrayInfo
api.mythad.com/rest/n/adintl/gray/ Frame
0
0
Preflight
General
Full URL
https://api.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://m.esportesdasorte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://m.esportesdasorte.com
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Alt-Svc
quic=":443";ma=2592000;v="43"
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Feb 2024 17:52:52 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
getGrayInfo
api.mythad.com/rest/n/adintl/gray/ Frame 75E9
202 B
630 B
XHR
General
Full URL
https://api.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
c12c57928015b8d03e0529e7d1c3cff79dbe93aac02a6518faa99d446ce56859

Request headers

Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://m.esportesdasorte.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
getGrayInfo
api.mythad.com/rest/n/adintl/gray/ Frame
0
0
Preflight
General
Full URL
https://api.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://m.esportesdasorte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://m.esportesdasorte.com
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Alt-Svc
quic=":443";ma=2592000;v="43"
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Feb 2024 17:52:53 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/661411298/ Frame 75E9
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/661411298/?random=1708451572623&cv=11&fst=1708451572623&bg=ffffff&guid=ON&async=1&gtm=45je42e0v9105033121z8893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&top=https%3A%2F%2Ftnonline.uol.com.br&hn=www.googleadservices.com&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&npa=0&pscdl=noapi&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X4EE8XZK67&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3586d49aec42c0b53efb201eda6a9b36064fc95e3ccb45d754938dedcc6a11c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1423
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/11302942470/ Frame 75E9
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11302942470/?random=271428288&cv=11&fst=1708451572124&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=s...
  • https://www.google.com/pagead/1p-conversion/11302942470/?random=271428288&cv=11&fst=1708451572124&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&...
  • https://www.google.de/pagead/1p-conversion/11302942470/?random=271428288&cv=11&fst=1708451572124&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/11302942470/?random=271428288&cv=11&fst=1708451572124&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&top=https%3A%2F%2Ftnonline.uol.com.br&label=_cvjCLGmmOsYEIbu1I0q&hn=www.googleadservices.com&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&value=0&npa=0&pscdl=noapi&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=IhMIqIHTiL66hAMVLCMGAB0dzgKhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=9ObUZai3EKzGmLAPnZyLiAo&cid=CAQSKQAvHhf_a01ySvzhabBUzM28JSAe4VJTZCQtM6UjICfFwOPGDr-MhVGP&eitems=ChAIgLjRrgYQmaGvjpLW2sIpEh0Am77LvxQVeGKMmQSrxmRuP141sI4ArIgpIYovZw&random=3905027040&ipr=y
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/11302942470/?random=271428288&cv=11&fst=1708451572124&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&top=https%3A%2F%2Ftnonline.uol.com.br&label=_cvjCLGmmOsYEIbu1I0q&hn=www.googleadservices.com&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&value=0&npa=0&pscdl=noapi&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=IhMIqIHTiL66hAMVLCMGAB0dzgKhMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=9ObUZai3EKzGmLAPnZyLiAo&cid=CAQSKQAvHhf_a01ySvzhabBUzM28JSAe4VJTZCQtM6UjICfFwOPGDr-MhVGP&eitems=ChAIgLjRrgYQmaGvjpLW2sIpEh0Am77LvxQVeGKMmQSrxmRuP141sI4ArIgpIYovZw&random=3905027040&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/11381431345/ Frame 75E9
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11381431345/?random=610013196&cv=11&fst=1708451572138&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=s...
  • https://www.google.com/pagead/1p-conversion/11381431345/?random=610013196&cv=11&fst=1708451572138&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&...
  • https://www.google.de/pagead/1p-conversion/11381431345/?random=610013196&cv=11&fst=1708451572138&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u...
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/11381431345/?random=610013196&cv=11&fst=1708451572138&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&top=https%3A%2F%2Ftnonline.uol.com.br&label=47cICM2B5O8YELG4i7Mq&hn=www.googleadservices.com&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&value=0&npa=0&pscdl=noapi&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=IhMI0oXTiL66hAMV-SIGAB0vPQr5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=9ObUZdK7EPnFmLAPr_qoyA8&cid=CAQSKQAvHhf_Euh31y7yQjwmR7lEg2gOEqGPOeWgOu6OKyEK6obRV26OTPGC&eitems=ChAIgLjRrgYQmaGvjpLW2sIpEh0Am77LvxwNL1YYwtikXfNVQeDUeBqHM2TAwxzZbQ&random=2501537063&ipr=y
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/11381431345/?random=610013196&cv=11&fst=1708451572138&bg=ffffff&guid=ON&async=1&gtm=45He42e0v893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&top=https%3A%2F%2Ftnonline.uol.com.br&label=47cICM2B5O8YELG4i7Mq&hn=www.googleadservices.com&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&value=0&npa=0&pscdl=noapi&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=COy7sQI&pscrd=IhMI0oXTiL66hAMV-SIGAB0vPQr5MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAg&is_vtc=1&ocp_id=9ObUZdK7EPnFmLAPr_qoyA8&cid=CAQSKQAvHhf_Euh31y7yQjwmR7lEg2gOEqGPOeWgOu6OKyEK6obRV26OTPGC&eitems=ChAIgLjRrgYQmaGvjpLW2sIpEh0Am77LvxwNL1YYwtikXfNVQeDUeBqHM2TAwxzZbQ&random=2501537063&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 0664
69 B
86 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
88.221.83.82 Diegem, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-83-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bdc0d2f82df0d0e1907f42ccc5f4ae71992e959a156b3756fefd1920adf80957

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://estrelabet.com
date
Tue, 20 Feb 2024 17:52:53 GMT
access-control-allow-credentials
true
content-type
text/plain;charset=UTF-8
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
69
quic-version
0x00000001
vendor.d64d219ca4493f67a3970efc52d51c86.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 10F9
23 KB
5 KB
Stylesheet
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css
Requested by
Host: crunchequation-org-74030d2ee16a88e16709193.freshchat.com
URL: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/?token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&referrer=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877&eagerLoad=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:49:41 GMT
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Tue, 06 Feb 2024 06:36:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
221
x-amz-server-side-encryption
AES256
etag
W/"d64d219ca4493f67a3970efc52d51c86"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
AKKBNGphXlfLpUlNCVoca1qsWiX73FtV2eQgBNQaHSc4R7e59mF9WQ==
expires
Wed, 19 Feb 2025 03:26:15 GMT
hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 10F9
0
420 B
Stylesheet
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
Requested by
Host: crunchequation-org-74030d2ee16a88e16709193.freshchat.com
URL: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/?token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&referrer=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877&eagerLoad=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:41 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
12
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
0
last-modified
Wed, 14 Feb 2024 05:55:55 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
KCOroCYBD8d3r3TWHaYIHA8b-HkZ7a_9CAkG029IGXCiLjqPoBEUrA==
expires
Wed, 19 Feb 2025 03:26:15 GMT
vendor.862630a2b93632e0d7bbae6d63246102.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 10F9
684 KB
194 KB
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/vendor.862630a2b93632e0d7bbae6d63246102.js
Requested by
Host: crunchequation-org-74030d2ee16a88e16709193.freshchat.com
URL: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/?token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&referrer=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877&eagerLoad=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7fecbfe24b0884ff617e8bb7bd0871397a39e6de70a6d2ff276743988f532bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:49:54 GMT
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 05:55:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
180
x-amz-server-side-encryption
AES256
etag
W/"862630a2b93632e0d7bbae6d63246102"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
SLKU6bm_pTnLEahcVSWerUAsBSeoOWGC9KkjX7QRlCUmUFBG-6z8ew==
expires
Wed, 19 Feb 2025 03:26:15 GMT
531714915690089
connect.facebook.net/signals/config/ Frame 75E9
30 KB
5 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/531714915690089?v=2.9.147&r=stable&domain=m.esportesdasorte.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C118%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C111%2C207%2C144%2C105%2C127%2C120%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
265d92e31b90a0835b952683556ca3fdafb77d6375a819c70907ddb067746f55
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 17:52:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4551
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
GKoJ9e9SC3pihKMTAuejzwTIjPT/C3SdZ31fpmz//ChnM8ley6EDLAf5pcvL+D39Bj8Tm/9uXBdvMNCXPN3ruw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 75E9
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=685299486541687&ev=PageView&dl=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&rl=&if=true&ts=1708451572894&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.2.1708451572891.1653472279&cs_est=true&ler=empty&cdl=API_unavailable&it=1708451571816&coo=false&exp=e3&rqm=GET
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Feb 2024 17:52:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
sync
rtg.mediamathrdrt.com/ Frame 75E9
43 B
692 B
Image
General
Full URL
https://rtg.mediamathrdrt.com/sync?ref=&lp=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&sh=1200&sw=1600&date=1708451572912&fp=uid-7578066258.7020742555
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:88da , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:53 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
content-transfer-encoding
binary
content-disposition
inline; filename="pixel.gif"
alt-svc
h3=":443"; ma=86400
content-length
43
x-xss-protection
1; mode=block
x-request-id
691ef846-e2fc-4dc1-82cf-4fe6545302e4
x-runtime
0.001389
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVLxHDB4bO9LghD6RV6fMPKl3RM2dD%2Fwk9Ckyx4dhoLpdIXfgbdxnvOkS5016AlZjfzwAgW8TVYqiASJ6rWkHpknCgZ6e8cPKkIp63Gqtut3FPO%2FF70stBPww%2BAaRM5lOgC6INJr25x2g3o2eT0qqabOIfY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
no-cache
cf-ray
85889b1afdc4215b-CDG
px
secure.adnxs.com/ Frame 75E9
0
1 KB
Script
General
Full URL
https://secure.adnxs.com/px?id=1720356&t=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBNKR3W
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:52 GMT
an-x-request-uuid
0448c6ac-06b6-42f7-beb0-166013f2ead1
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/javascript; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
www.google.com/pagead/1p-user-list/661411298/ Frame 75E9
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/661411298/?random=1708451572623&cv=11&fst=1708448400000&bg=ffffff&guid=ON&async=1&gtm=45je42e0v9105033121z8893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_B6uxeVD8KAep-1dDeBD51Qb5JVxHZvfGV-5i-DLCIjJLDQFf&random=3763670436&rmt_tld=0&ipr=y
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/661411298/ Frame 75E9
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/661411298/?random=1708451572623&cv=11&fst=1708448400000&bg=ffffff&guid=ON&async=1&gtm=45je42e0v9105033121z8893699892za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&frm=2&tiba=Esportes%20da%20sorte%20%C3%A9%20muito%20mais%20que%20bet%20!!&npa=0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQAvHhf_B6uxeVD8KAep-1dDeBD51Qb5JVxHZvfGV-5i-DLCIjJLDQFf&random=3763670436&rmt_tld=1&ipr=y
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:53 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 671B
14 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=tnonline.uol.com.br&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=110018
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://m.esportesdasorte.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 17:52:52 GMT
server
Kestrel
server-processing-duration-in-ticks
348962
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame 75E9
279 KB
74 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=510319881490530341&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=510319881490530341&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
bd331d1513f444bde10ec0205288e5cf151be6d7750f8297c3b7fcb57eeb1ab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ks-client-ip
80.255.7.107
Date
Tue, 06 Feb 2024 07:23:23 GMT
Content-Encoding
gzip
x-oss-request-id
65C1DE6B04586B3635CEC1C1
X-Cache-Lookup
Cache Hit
Content-MD5
+0RRB2jc0QlGRcXoCZBgkA==
kwaisign
NULL
Connection
keep-alive
Content-Length
74964
X-Ks-Request-ID
12551337972229882615
X-Ks-Cache
Hit from 43.152.26.142
x-oss-object-type
Normal
Last-Modified
Tue, 06 Feb 2024 07:18:03 GMT
Server
Lego Server
Etag
"FB44510768DCD1094645C5E809906090"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
max-age=2592000
x-oss-storage-class
Standard
X-NWS-LOG-UUID
12551337972229882615
Accept-Ranges
bytes
x-oss-hash-crc64ecma
14735527793861735101
x-oss-server-time
23
Expires
Thu, 07 Mar 2024 07:23:23 GMT
3790.jpg
static.sportingtech.com/m-common/assets/images/casino/300x200/ Frame 75E9
7 KB
7 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/casino/300x200/3790.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
10e7f2577b8d1525dd124c270078f9f3a363a55965eb1a03b290403d731d134d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Fri, 02 Nov 2018 13:07:43 GMT
Server
nginx
ETag
"5bdc4c1f-1a2b"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6699
Expires
Thu, 31 Dec 2037 23:55:55 GMT
loading.gif
static.sportingtech.com/m-common/assets/images/ Frame 75E9
40 KB
40 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/loading.gif
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
26a2cd3394cfc69100e07b1f03de3c0e4aa1fde15d3f84639d9c7a2c5089b363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Fri, 10 Jan 2020 15:33:33 GMT
Server
nginx
ETag
"5e18994d-a0a4"
Content-Type
image/gif
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41124
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ortiz_wac.png
static.sportingtech.com/m-common/assets/images/casino/32x32/ Frame 75E9
3 KB
3 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/casino/32x32/ortiz_wac.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
73b4947e47ab374f76d32ddce7d8a9491efe272f18fa086487a4bdf6b410e8cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Fri, 02 Nov 2018 13:08:10 GMT
Server
nginx
ETag
"5bdc4c3a-b51"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2897
Expires
Thu, 31 Dec 2037 23:55:55 GMT
15124.jpg
static.sportingtech.com/m-common/assets/images/casino/300x200/ Frame 75E9
8 KB
8 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/casino/300x200/15124.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
9103bd598c8375a42ba154103dd920c2a114bbb579c3517da53836f6ccaf29a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Tue, 06 Jul 2021 13:59:11 GMT
Server
nginx
ETag
"60e461af-1efa"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7930
Expires
Thu, 31 Dec 2037 23:55:55 GMT
spinomenal.png
static.sportingtech.com/m-common/assets/images/casino/32x32/ Frame 75E9
763 B
1 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/casino/32x32/spinomenal.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
61b66fa88549fc8cce2a5fb759147ab6c4f15981dadab36a1ac12e056134518b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Tue, 20 Jul 2021 13:33:16 GMT
Server
nginx
ETag
"60f6d09c-2fb"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
763
Expires
Thu, 31 Dec 2037 23:55:55 GMT
14707.jpg
static.sportingtech.com/m-common/assets/images/casino/300x200/ Frame 75E9
7 KB
8 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/casino/300x200/14707.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
993bd11d7be00273471df26f484a2509130567d8352a6726c581ab354b65f67f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Thu, 04 Aug 2022 08:52:53 GMT
Server
nginx
ETag
"62eb88e5-1d62"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7522
Expires
Thu, 31 Dec 2037 23:55:55 GMT
endorphina.png
static.sportingtech.com/m-common/assets/images/casino/32x32/ Frame 75E9
6 KB
6 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/casino/32x32/endorphina.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
3a76f37cf2347473b584d13cd8abbec2d7806bcf28ba7a08e5a20acda492c474

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Mon, 14 Dec 2020 12:31:59 GMT
Server
nginx
ETag
"5fd75b3f-1705"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5893
Expires
Thu, 31 Dec 2037 23:55:55 GMT
21281.jpg
static.sportingtech.com/m-common/assets/images/casino/300x200/ Frame 75E9
8 KB
8 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/casino/300x200/21281.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
9c48d2a8bad2939a9b5de995ac74d4736000ed25522124eef13d4c94656ec9a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Mon, 07 Nov 2022 11:13:06 GMT
Server
nginx
ETag
"6368e842-2035"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8245
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pragmatic_play.png
static.sportingtech.com/m-common/assets/images/casino/32x32/ Frame 75E9
1 KB
2 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/casino/32x32/pragmatic_play.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
4657a325e1aa439067592cb94db05d7627e68a36fe53fb24cc34ad2784415dab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Mon, 29 Jan 2024 08:46:12 GMT
Server
nginx
ETag
"65b765d4-5f2"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1522
Expires
Thu, 31 Dec 2037 23:55:55 GMT
12488.jpg
static.sportingtech.com/m-common/assets/images/casino/300x200/ Frame 75E9
6 KB
7 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/casino/300x200/12488.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
fe37e16097141d9843a641719a2556617b14545eb17170ff6b3e400d75752e24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Thu, 04 Aug 2022 08:52:20 GMT
Server
nginx
ETag
"62eb88c4-1966"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6502
Expires
Thu, 31 Dec 2037 23:55:55 GMT
7787.jpg
static.sportingtech.com/m-common/assets/images/casino/300x200/ Frame 75E9
61 KB
61 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/casino/300x200/7787.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
6ed89dfc9e6e053b29ff5af2f76765ca2e9ddf9ff0dfdd689dd3d8be701e1b87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Fri, 26 Jan 2024 14:52:26 GMT
Server
nginx
ETag
"65b3c72a-f25f"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
62047
Expires
Thu, 31 Dec 2037 23:55:55 GMT
spribe.png
static.sportingtech.com/m-common/assets/images/casino/32x32/ Frame 75E9
878 B
1 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/casino/32x32/spribe.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
ebd372f243ba75497743387355196a8b2571875bee19808d6ce4e74e63c1ce80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Mon, 29 Jan 2024 08:40:07 GMT
Server
nginx
ETag
"65b76467-36e"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
878
Expires
Thu, 31 Dec 2037 23:55:55 GMT
7791.jpg
static.sportingtech.com/m-common/assets/images/casino/300x200/ Frame 75E9
63 KB
64 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/casino/300x200/7791.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
dba92830bfbf732928030a23c7627a46635e0c33b3208282539f0433a0ecd288

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Fri, 26 Jan 2024 14:52:26 GMT
Server
nginx
ETag
"65b3c72a-fd33"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
64819
Expires
Thu, 31 Dec 2037 23:55:55 GMT
18452.jpg
static.sportingtech.com/m-common/assets/images/livecasino/300x200/ Frame 75E9
6 KB
6 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/livecasino/300x200/18452.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
cfb704376fd75d49de33af9fdc3b8c71bdd2da1bb2b84d4bf92c681562180be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Thu, 24 Feb 2022 11:48:10 GMT
Server
nginx
ETag
"6217707a-162c"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5676
Expires
Thu, 31 Dec 2037 23:55:55 GMT
evol.png
static.sportingtech.com/m-common/assets/images/livecasino/32x32/ Frame 75E9
829 B
1 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/livecasino/32x32/evol.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
e913dfe5f9c84bf01ff60f77e33a70e9e62fb5c1c6bfd3cfa279474a2d68949f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Tue, 30 Jan 2024 09:59:10 GMT
Server
nginx
ETag
"65b8c86e-33d"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
829
Expires
Thu, 31 Dec 2037 23:55:55 GMT
23090.jpg
static.sportingtech.com/m-common/assets/images/livecasino/300x200/ Frame 75E9
9 KB
9 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/livecasino/300x200/23090.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
81479eb833ecb321e51f34c46b954c3ef189e0aca65d563d5a1d672b121b01a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Thu, 15 Jun 2023 10:32:46 GMT
Server
nginx
ETag
"648ae8ce-23b8"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9144
Expires
Thu, 31 Dec 2037 23:55:55 GMT
ezugi.png
static.sportingtech.com/m-common/assets/images/livecasino/32x32/ Frame 75E9
584 B
889 B
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/livecasino/32x32/ezugi.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
038157cd4038faaa3aa459c7b7c08485b2511523f7b7e686314784b176095943

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Mon, 29 Jan 2024 08:40:01 GMT
Server
nginx
ETag
"65b76461-248"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
584
Expires
Thu, 31 Dec 2037 23:55:55 GMT
484.jpg
static.sportingtech.com/m-common/assets/images/livecasino/300x200/ Frame 75E9
6 KB
6 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/livecasino/300x200/484.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
32cee45308d1ec5613019e539d46e898d63dc97e08b55ee6ef7aaebc16f3418d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Mon, 09 Nov 2020 08:15:21 GMT
Server
nginx
ETag
"5fa8fa99-17e8"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6120
Expires
Thu, 31 Dec 2037 23:55:55 GMT
xpro.png
static.sportingtech.com/m-common/assets/images/livecasino/32x32/ Frame 75E9
5 KB
5 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/livecasino/32x32/xpro.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
d78a8df1b84fdcb20764baff4a92fa858edea6724dd8b341161f9c0013f75baa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Thu, 01 Oct 2020 12:27:44 GMT
Server
nginx
ETag
"5f75cb40-1235"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4661
Expires
Thu, 31 Dec 2037 23:55:55 GMT
9166.jpg
static.sportingtech.com/m-common/assets/images/livecasino/300x200/ Frame 75E9
10 KB
10 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/livecasino/300x200/9166.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
3caa1536b679b0f2b073fbd4271da5d34fa590984235d159dbcee4a177e659bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Thu, 19 Mar 2020 14:07:43 GMT
Server
nginx
ETag
"5e737caf-27f7"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10231
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vivo.png
static.sportingtech.com/m-common/assets/images/livecasino/32x32/ Frame 75E9
1 KB
2 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/livecasino/32x32/vivo.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
da4573c02564cf2577814f7fe2046eb46c6a913beaa839f1758ec90110f355b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Thu, 15 Mar 2018 14:25:08 GMT
Server
nginx
ETag
"5aaa8244-560"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1376
Expires
Thu, 31 Dec 2037 23:55:55 GMT
18479.jpg
static.sportingtech.com/m-common/assets/images/livecasino/300x200/ Frame 75E9
7 KB
8 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/livecasino/300x200/18479.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
c9de0ea2e2ddc9e786e154d384bde65ba5c6ecab0091148bde8b8295c34cc6ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Wed, 07 Sep 2022 12:29:23 GMT
Server
nginx
ETag
"63188ea3-1cf5"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7413
Expires
Thu, 31 Dec 2037 23:55:55 GMT
18280.jpg
static.sportingtech.com/m-common/assets/images/livecasino/300x200/ Frame 75E9
45 KB
45 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/livecasino/300x200/18280.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
2dd7c05a17e4d2632289786638fcf393c0d16913326d49746549e5304833bc7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Mon, 15 Jan 2024 09:16:10 GMT
Server
nginx
ETag
"65a4f7da-b39e"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
45982
Expires
Thu, 31 Dec 2037 23:55:55 GMT
18024.jpg
static.sportingtech.com/m-common/assets/images/livecasino/300x200/ Frame 75E9
120 KB
120 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/livecasino/300x200/18024.jpg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
c6fb46b307b4b9fc2c1f330846bab3bf56a1fe8a4055dc58ece53e2673e1976e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Mon, 15 Jan 2024 09:12:57 GMT
Server
nginx
ETag
"65a4f719-1dfc8"
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
122824
Expires
Thu, 31 Dec 2037 23:55:55 GMT
pragmatic_play.png
static.sportingtech.com/m-common/assets/images/livecasino/32x32/ Frame 75E9
1 KB
2 KB
Image
General
Full URL
https://static.sportingtech.com/m-common/assets/images/livecasino/32x32/pragmatic_play.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
78.46.77.172 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.172.77.46.78.clients.your-server.de
Software
nginx /
Resource Hash
4657a325e1aa439067592cb94db05d7627e68a36fe53fb24cc34ad2784415dab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Last-Modified
Mon, 29 Jan 2024 08:45:35 GMT
Server
nginx
ETag
"65b765af-5f2"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1522
Expires
Thu, 31 Dec 2037 23:55:55 GMT
588171419936622
connect.facebook.net/signals/config/ Frame 75E9
25 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/588171419936622?v=2.9.147&r=stable&domain=m.esportesdasorte.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C118%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C111%2C207%2C144%2C105%2C127%2C120%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
21aa0d4a05de2ad7ae751287f85ef65bbcfd958db062a87a088000c49385eb39
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 17:52:53 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3819
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
Vh7mG8mWo4S0uwiSb6xiWMHJXs4/jSvyPaak2OOSB4ZrjrEbpDHNmNYeil2XKzjxewK1Ms4Euvg95sjaIPbmGQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 75E9
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=531714915690089&ev=PageView&dl=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&rl=&if=true&ts=1708451573456&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.2.1708451573453.637049913&cs_est=true&ler=empty&cdl=API_unavailable&it=1708451571816&coo=false&exp=e3&rqm=GET
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Feb 2024 17:52:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 75E9
70 B
87 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
88.221.83.82 Diegem, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-83-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cee98f383fb34764ad6443b0d7deaf9287ac8b1c22557c0232eaeaa35b9ec0ae

Request headers

Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://m.esportesdasorte.com
date
Tue, 20 Feb 2024 17:52:53 GMT
access-control-allow-credentials
true
content-type
text/plain;charset=UTF-8
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
70
quic-version
0x00000001
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ Frame 75E9
71 B
88 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
88.221.83.82 Diegem, Belgium, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-83-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
abf06871460c4146014c28238429a90da8163d60d075e07d566ccd0a046143de

Request headers

Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://m.esportesdasorte.com
date
Tue, 20 Feb 2024 17:52:53 GMT
access-control-allow-credentials
true
content-type
text/plain;charset=UTF-8
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
71
quic-version
0x00000001
getPixelConfig
api.mythad.com/rest/n/adintl/ad/ Frame 75E9
335 B
706 B
XHR
General
Full URL
https://api.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=510319881490530341
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
b0ed19b954889ad2410036aad1586cb446042527f058136f68c7f851cee9e1e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://m.esportesdasorte.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
getPixelConfig
api.mythad.com/rest/n/adintl/ad/ Frame 75E9
389 B
733 B
XHR
General
Full URL
https://api.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=535708142756970526
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
2574b63beabebbfd0df7880a80e5539e5dd37cb8295956f989aa7a1b078a90a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:53 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://m.esportesdasorte.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
211.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 10F9
772 KB
199 KB
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/211.js
Requested by
Host: crunchequation-org-74030d2ee16a88e16709193.freshchat.com
URL: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/?token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&referrer=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877&eagerLoad=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6433a43310293748cf1fddd99a260723f22d8202abe6c37e736716eb1f0a7c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:40 GMT
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 05:55:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
14
x-amz-server-side-encryption
AES256
etag
W/"47c822f8cee790a907c6e7dd37148e0b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
-BL5btHEdeHVOxzRGWySAVQX1tziQMmLMQznGsogj5mgLJN1kGuWJg==
expires
Wed, 19 Feb 2025 03:26:15 GMT
sid
mug.criteo.com/ Frame 671B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=m.esportesdasorte.com&sn=ChromeSyncframe&so=0&topUrl=tnonline.uol.com.br&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=89MZ53x6cVBhU3ZvSlBYV1ZxcDFPdmhHZlcvQU1YTk9TMnNTZDN4ZGtlcnhJSHhPcHZBOFA4QW5ldHpFTG1QSHgxU2szRmZvaXpWWjFyRThGY3B6Zjh1NXNSb2xqTW9YZEdyTnJObnBSVCtvazh6MTA0ekxrTUJGdEhYTV...
443 B
657 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=89MZ53x6cVBhU3ZvSlBYV1ZxcDFPdmhHZlcvQU1YTk9TMnNTZDN4ZGtlcnhJSHhPcHZBOFA4QW5ldHpFTG1QSHgxU2szRmZvaXpWWjFyRThGY3B6Zjh1NXNSb2xqTW9YZEdyTnJObnBSVCtvazh6MTA0ekxrTUJGdEhYTVdRSG9DS3FSWW5jUXhPTnc4dXRtMUtwUDBpUFgybmVKbGFCWXVjSFliaXhLajRpNlduNEZ3dGlxVURMVHMxcXB3N1hub2x1RHVLb1kwenpNQ1hLS3ZKeVBhejBhYmhIQ2x0YmppQkdjZ3lvMDM4ckNGU2ZnMFM2M2ZVNnM3SHdVVGp1OUlsb0tCM3dxaFZ4VlV2dTkwS2hSZFNmWDVzNFhQTGFsaTAzcitiNkpMUFdlbEU1QT18&cppv=2
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
db15ffd30816a5cd6134239c7e2123748b031f70b5d4ec533e1f321e54cc1911
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:53 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1270571
expires
0

Redirect headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:52:52 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=89MZ53x6cVBhU3ZvSlBYV1ZxcDFPdmhHZlcvQU1YTk9TMnNTZDN4ZGtlcnhJSHhPcHZBOFA4QW5ldHpFTG1QSHgxU2szRmZvaXpWWjFyRThGY3B6Zjh1NXNSb2xqTW9YZEdyTnJObnBSVCtvazh6MTA0ekxrTUJGdEhYTVdRSG9DS3FSWW5jUXhPTnc4dXRtMUtwUDBpUFgybmVKbGFCWXVjSFliaXhLajRpNlduNEZ3dGlxVURMVHMxcXB3N1hub2x1RHVLb1kwenpNQ1hLS3ZKeVBhejBhYmhIQ2x0YmppQkdjZ3lvMDM4ckNGU2ZnMFM2M2ZVNnM3SHdVVGp1OUlsb0tCM3dxaFZ4VlV2dTkwS2hSZFNmWDVzNFhQTGFsaTAzcitiNkpMUFdlbEU1QT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
262964
content-length
0
expires
0
614846237234252
connect.facebook.net/signals/config/ Frame 75E9
21 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/614846237234252?v=2.9.147&r=stable&domain=m.esportesdasorte.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C118%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C111%2C207%2C144%2C105%2C127%2C120%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
323fcd03846120d9742e56ea701a75b27264529d5d82dc9577f12794ebb31b22
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 17:52:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
LzrKaTww1LiNzHVTI2tZVmD+QkS+bwd9bAJ4F9mmgjkd+q1AX0gQQPJA5E3uvp9TwZi+sLTp+8cUKh32waEhUA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 75E9
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=588171419936622&ev=PageView&dl=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&rl=&if=true&ts=1708451573579&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.2.1708451573570.1950294908&cs_est=true&ler=empty&cdl=API_unavailable&it=1708451571816&coo=false&exp=e3&rqm=GET
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Feb 2024 17:52:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ Frame 75E9
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=588171419936622&ev=PageView&dl=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&rl=&if=true&ts=1708451573587&sw=1600&sh=1200&v=2.9.147&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.2.1708451573586.522646505&cs_est=true&ler=empty&cdl=API_unavailable&it=1708451571816&coo=false&tm=1&exp=e3&rqm=GET
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Feb 2024 17:52:53 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ Frame 75E9
279 KB
74 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=535708142756970526&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=535708142756970526&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
bd331d1513f444bde10ec0205288e5cf151be6d7750f8297c3b7fcb57eeb1ab7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ks-client-ip
80.255.7.107
Date
Tue, 06 Feb 2024 07:23:23 GMT
Content-Encoding
gzip
x-oss-request-id
65C1DE6B04586B3635CEC1C1
X-Cache-Lookup
Cache Hit
Content-MD5
+0RRB2jc0QlGRcXoCZBgkA==
kwaisign
NULL
Connection
keep-alive
Content-Length
74964
X-Ks-Request-ID
1435445658562886128
X-Ks-Cache
Hit from 43.152.26.142
x-oss-object-type
Normal
Last-Modified
Tue, 06 Feb 2024 07:18:03 GMT
Server
Lego Server
Etag
"FB44510768DCD1094645C5E809906090"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
max-age=2592000
x-oss-storage-class
Standard
X-NWS-LOG-UUID
1435445658562886128
Accept-Ranges
bytes
x-oss-hash-crc64ecma
14735527793861735101
x-oss-server-time
23
Expires
Thu, 07 Mar 2024 07:23:23 GMT
unip
trc-events.taboola.com/1518940/log/3/ Frame 75E9
0
250 B
XHR
General
Full URL
https://trc-events.taboola.com/1518940/log/3/unip?en=pre_d_eng_tb&tos=1795&scd=0&ssd=1&est=1708451571880&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1708451573676&vi=1708451571876&ri=ae469cbb928d7dbc8310c1597b811848&ref=null&cv=20240216-2-RELEASE&item-url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
https://m.esportesdasorte.com
pragma
no-cache
date
Tue, 20 Feb 2024 17:52:53 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
web-widget-main-a0370fe.js
static.zdassets.com/web_widget/messenger/latest/ Frame 1488
435 KB
138 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=d63033a6-e9ff-476a-9563-e3daf682c9cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a7979bfdb428aeee14c8f23b2671d0bc0924aef257bf0d1e332da168bf5b5b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:53 GMT
x-amz-version-id
ZLQfQ8VAJywf0FRWmUxy0uJpQtEO7ERS
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
FG1FZ3ZKF67RV71B
age
116940
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
KEHktd298CMOolHlBMafryZ0a+8H2s7n4EL3gAVr5GH+db4c8rbUODx1s3UH+NQhPHyGoBEWo6U=
last-modified
Thu, 15 Feb 2024 16:57:38 GMT
server
cloudflare
etag
W/"0716a89c7772dd4e6b2228378ee4842c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7a6a1ts3%2Fys2Xxg3Oz%2FHXhQJvsGitcqAkiDwwyZ6rNKV%2BAWqxwWZs%2FRBcGc%2BSckOwbClVEolYWWou9YRcV3XQnRB%2B1zeaApUGIazCBcNVxgjKBFBn63VtukuJApJprBm82C2gQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
85889b20da673bb5-WAW
access-control-allow-headers
*
expires
Fri, 14 Feb 2025 16:57:37 GMT
/
app.posthog.com/s/ Frame 0664
13 B
120 B
XHR
General
Full URL
https://app.posthog.com/s/?compression=gzip-js&ip=1&_=1708451574078&ver=1.107.0
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Feb 2024 17:52:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://estrelabet.com
access-control-allow-credentials
true
cf-ray
85889b221f658ff8-FRA
access-control-allow-headers
X-Requested-With,Content-Type
api
api.mythad.com/log/common/co/ Frame
0
0
Preflight
General
Full URL
https://api.mythad.com/log/common/co/api
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://m.esportesdasorte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://m.esportesdasorte.com
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Alt-Svc
quic=":443";ma=2592000;v="43"
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Feb 2024 17:52:54 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
api
api.mythad.com/log/common/co/ Frame 75E9
2 KB
1 KB
XHR
General
Full URL
https://api.mythad.com/log/common/co/api
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
360ba306a0b672ed7a7440cbddccc7baf242014c850489a761b2385487cebbab

Request headers

Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 20 Feb 2024 17:52:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://m.esportesdasorte.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
api
api.mythad.com/log/common/co/ Frame 75E9
2 KB
1 KB
XHR
General
Full URL
https://api.mythad.com/log/common/co/api
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
14c3eabde859965fb6823b61626aee86f079a8a92b1fd58bd0ef8674174855f0

Request headers

Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 20 Feb 2024 17:52:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://m.esportesdasorte.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
api
api.mythad.com/log/common/co/ Frame
0
0
Preflight
General
Full URL
https://api.mythad.com/log/common/co/api
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://m.esportesdasorte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://m.esportesdasorte.com
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Alt-Svc
quic=":443";ma=2592000;v="43"
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Feb 2024 17:52:54 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
api
api.mythad.com/log/common/co/ Frame 75E9
2 KB
1 KB
XHR
General
Full URL
https://api.mythad.com/log/common/co/api
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
8da303506a68bb68bc84ad6685205842e96895b7b1c3b69764f47347e5989e3c

Request headers

Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 20 Feb 2024 17:52:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://m.esportesdasorte.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
api
api.mythad.com/log/common/co/ Frame 75E9
2 KB
1 KB
XHR
General
Full URL
https://api.mythad.com/log/common/co/api
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash
5d2420347996036c329f2ef777280ed708ff27f139e60f5203c3899748b9a412

Request headers

Referer
https://m.esportesdasorte.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 20 Feb 2024 17:52:54 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://m.esportesdasorte.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Alt-Svc
quic=":443";ma=2592000;v="43"
api
api.mythad.com/log/common/co/ Frame
0
0
Preflight
General
Full URL
https://api.mythad.com/log/common/co/api
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://m.esportesdasorte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://m.esportesdasorte.com
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Alt-Svc
quic=":443";ma=2592000;v="43"
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Feb 2024 17:52:54 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
api
api.mythad.com/log/common/co/ Frame
0
0
Preflight
General
Full URL
https://api.mythad.com/log/common/co/api
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.132.32.113 , Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://m.esportesdasorte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://m.esportesdasorte.com
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Alt-Svc
quic=":443";ma=2592000;v="43"
Connection
keep-alive
Content-Length
0
Date
Tue, 20 Feb 2024 17:52:54 GMT
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
chunk.220022bcd6cd533b32ba.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 10F9
243 KB
27 KB
Stylesheet
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.220022bcd6cd533b32ba.css
Requested by
Host: crunchequation-org-74030d2ee16a88e16709193.freshchat.com
URL: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/?token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&referrer=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877&eagerLoad=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c02ddb9544f6fa50a30893d6b3e63bd74aa46454cfca90a5ccc514f535781d1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:50:08 GMT
content-encoding
br
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Tue, 20 Feb 2024 03:26:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
167
x-amz-server-side-encryption
AES256
etag
W/"df870f6b984b45ebbbfee1c258e3765b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
Abf1Mef4SJISQSz1UAb6yqJ92IK4YrKtAEzfQHV6HUWBJV05qaWyKw==
expires
Wed, 19 Feb 2025 03:26:15 GMT
en-us-json-a0370fe.js
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 1488
17 KB
4 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-a0370fe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ceb09275cdd331c7f6a45251bade3bdf6e027c26b220bb91e53f107418b9af8c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:54 GMT
x-amz-version-id
u2PDhummP8_ehE3OIftmg51YNEzdU7oe
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8PWT7HGRFHACWEDQ
age
116933
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
sWKd8rEq5L/35xbU50nlJNr7GoQniwlDIsAcLAwWG/VllWdxJtRiiSYXrsdH9ZaCR1+i60eJJs8=
last-modified
Thu, 15 Feb 2024 16:57:40 GMT
server
cloudflare
etag
W/"afa8158c4aa1aa2dccba0d36fd3c0e2f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLlKcPuZZG%2BHJoAra6rNMEI1voYcJOpx2PF2QHc5XxWLsOzg%2B%2FJ46s9HuE%2FxEPo3wZ1Ech9z54ZebxBCZNOXgKmb5tDVHfCpS7pOwbtLhSyJEy9nREQ8q8NZlfY4qGvCGQr1AUM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
85889b22dd693bb5-WAW
access-control-allow-headers
*
expires
Fri, 14 Feb 2025 16:57:39 GMT
web-widget-4852-a0370fe.js
static.zdassets.com/web_widget/messenger/latest/ Frame 1488
139 KB
47 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-a0370fe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:54 GMT
x-amz-version-id
F7uXOz2A_5aQqfTP_rhX1FqPLAydr3fO
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8PWGCYM9XFAW9EDM
age
116940
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
h79KNqf53xy+7kfGrXJaVl/3V2wLvtIVSuQ0MP0XnV0T49eFv7Hilx5MHcMqDkU6WtG1G6nyD9Q=
last-modified
Thu, 15 Feb 2024 16:57:38 GMT
server
cloudflare
etag
W/"ea51d3eb674c1f286144bbe26ba05c86"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pLHueZ7gI0Pp0ztyrFCI9iW5Q%2FXyNiTq0pUetbHcxS%2Bb1xTXQx3oGGlBsR2boi6D5wdV5iK1xt%2FnEj49MoBvMZVALRCZAn3V8Cy3NlcQwegnLjciuvY%2F2vQzP9lulXQ4A04nkQw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
85889b22ed723bb5-WAW
access-control-allow-headers
*
expires
Fri, 14 Feb 2025 16:57:37 GMT
web-widget-1327-a0370fe.js
static.zdassets.com/web_widget/messenger/latest/ Frame 1488
18 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-1327-a0370fe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:54 GMT
x-amz-version-id
rHIrdQ08Y6NwProz9wmIqzko_Nsv8IHu
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8PWMRHHV3A4Q6F05
age
116940
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
AkFTj+A8gvVvURp8ZfY8ujtYOV9cuZIHOXvo9hOF3oCW6enQTR3nWIKHHbKbPOEkrrmz7SJy+DU=
last-modified
Thu, 15 Feb 2024 16:57:38 GMT
server
cloudflare
etag
W/"bd26f2d30e94f25a4a0b875c335aca6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DIowVT3gFQyQHe3u0rmPfxeFANFTO5udEEP9yNUZ19X4h%2FWYrDHwRILPXXCXhe%2Fs%2BMhlFctFHu%2Faj2pIn2y7WTGrwhfwYOEdc3ky0wATQLMbczBUBRe5vSo7tQqJ2X5zVj%2B2AUA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
85889b22ed733bb5-WAW
access-control-allow-headers
*
expires
Fri, 14 Feb 2025 16:57:37 GMT
web-widget-5178-a0370fe.js
static.zdassets.com/web_widget/messenger/latest/ Frame 1488
24 KB
7 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-a0370fe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c0d0133f0c4de69506db43902173fb3e04ca467c2e4f03453247a544fe7c122
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:54 GMT
x-amz-version-id
MVqLhUsMGNUapmIjFyQQbDvr_okOHKWu
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8PWJEF7X84Z4D0EH
age
116940
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
1qSLbXp5Bl5CQLdAt3B8Z/5UNMxhvj8i66Wp1Z5IMu/jK8BMs1YUzU3jkKULXcxWxEnHiZ+09ZvCzM14HA6asQ==
last-modified
Thu, 15 Feb 2024 16:57:38 GMT
server
cloudflare
etag
W/"4155d9334495aef51624739a922987ad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiYzQAflTflFNsggYxDJC100ksTsDDKz9OKZ%2B0pQBIkYZGAeEp9TWrgRQHnjzwkoVjfK3Kt1iBjNIYVwmQSbV8RUHdwg%2BV6V7LHbGz6RcRnynaNddhChezDUobkK3criCj314DI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
85889b22ed753bb5-WAW
access-control-allow-headers
*
expires
Fri, 14 Feb 2025 16:57:37 GMT
web-widget-9535-a0370fe.js
static.zdassets.com/web_widget/messenger/latest/ Frame 1488
15 KB
6 KB
Script
General
Full URL
https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-a0370fe.js
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aeee8d7b8f59a4332c9d10016b6d08ce58270a1ba6e5e3964e4a67ef44659a2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:54 GMT
x-amz-version-id
fFWzIFin_CmioGvF1MZFNVN5UYAoZZpx
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=0
x-amz-request-id
8PWK5B9QZEWEKJPD
age
116940
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
PrR4ATVEUudA7ngSPiyqNuPgAYWtnDF2cOQ/eUzV0L7T7ijkkl1DOpKA36k4LZWWhbRmMpNW8rLC3vTVsblApg==
last-modified
Thu, 15 Feb 2024 16:57:38 GMT
server
cloudflare
etag
W/"dac47767d3defab30fc014d56fbe8017"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4FUERaiST6V36eqWIW4B4jjebHL7RocpIZMszdqAbTd5YpXEsOxaITsf37PRoVavPIOWLnHifYHoONwAuPRWJDOW8VhUKwDtMGQ4dx%2BDGTvHvI%2BRtnpSsyWZu%2Bla4ux%2BnSIz9o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
cache-control
public, max-age=31536000
access-control-max-age
0
cf-ray
85889b22ed763bb5-WAW
access-control-allow-headers
*
expires
Fri, 14 Feb 2025 16:57:37 GMT
fd-messaging.c4bc98f59b8eaa8c1f2c.css
assetscdn-wchat.freshchat.com/static/ Frame 10F9
243 KB
31 KB
Stylesheet
General
Full URL
https://assetscdn-wchat.freshchat.com/static/fd-messaging.c4bc98f59b8eaa8c1f2c.css
Requested by
Host: crunchequation-org-74030d2ee16a88e16709193.freshchat.com
URL: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/?token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&referrer=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877&eagerLoad=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c02ddb9544f6fa50a30893d6b3e63bd74aa46454cfca90a5ccc514f535781d1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:42 GMT
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 05:55:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
12
x-amz-server-side-encryption
AES256
etag
W/"df870f6b984b45ebbbfee1c258e3765b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
CyGEMbL4Wh-liQ2U0T2PvvgUrGqgcFF5nyaoepgypZEnEVCkyA5Wjw==
expires
Wed, 19 Feb 2025 03:26:15 GMT
pv
esportesdasortee.zendesk.com/frontendevents/ Frame
0
0
Preflight
General
Full URL
https://esportesdasortee.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://m.esportesdasorte.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-origin
*
access-control-max-age
600
cache-control
max-age=600
cf-cache-status
DYNAMIC
cf-ray
85889b245d6035c0-WAW
date
Tue, 20 Feb 2024 17:52:54 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYnIe3BpREl5iy1yi0qvJ%2FpDYY70Kvp2CuxPXF7Mfjt5Ap8UUo%2BEsiiOdb%2BQ1MdO0RBVaFAo%2FvzT8xIfgWGQMZHN2tJ6%2Bdx%2FK2%2FNpjbf7SYNDMztUdCrnnVknNc8b1sKAzmQSNaIBfld5r00SRw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-request-id
85889b245d6035c0-WAW
x-zendesk-zorg
yes
pv
esportesdasortee.zendesk.com/frontendevents/ Frame 1488
0
0
Fetch
General
Full URL
https://esportesdasortee.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 20 Feb 2024 17:52:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-zendesk-zorg
yes
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLjtFV5pH7Zs0DZKzbozTbftZkqGUGiAzsBy8XqofJRb2HW7uGIH3aA9tcLAPxLscFNK511hDnhdU%2FKqDJW6RrUKHWTJ2ie6uZlpymP9g0U4FaB3EtUZGJlDmp4ali8yUcGyzOxGHSaq2BCrZCM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
85889b277a7235c0-WAW
content-length
0
x-request-id
85889b277a7235c0-WAW
config
esportesdasortee.zendesk.com/embeddable/ Frame 1488
846 B
1 KB
Fetch
General
Full URL
https://esportesdasortee.zendesk.com/embeddable/config
Requested by
Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a0370fe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e73fe8ec80efbd6bae8b1175b46999e538db1129e66ea2c154624fecfa31719f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:54 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server
embeddable-app-server-849f5cbd96-sjdbf
x-cached
MISS
x-request-id
85889b245d5d35c0-WAW
x-runtime
0.002483
last-modified
Tue, 20 Feb 2024 16:09:29 GMT
server
cloudflare
access-control-max-age
7200
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QNcHJxGbS%2FRXViXMhK%2B5dnHaiou7NZRjBAkevM3nKafR6LS4nlSMtmg%2Fo6l8gLQ2DKqFnwOc7tq7PCIqAfQ%2BMxHOBLokTtuMweFMWdUqxKLBI7vR%2F3UT127Rq6P1X61A6cbuzoG2x%2BV%2BlIX%2BG%2BE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control
public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary
Origin, Accept-Encoding
cf-ray
85889b245d5d35c0-WAW
fd-messaging.8fd1559e07c6ede45070.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 10F9
744 KB
133 KB
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.8fd1559e07c6ede45070.js
Requested by
Host: crunchequation-org-74030d2ee16a88e16709193.freshchat.com
URL: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/?token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&referrer=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877&eagerLoad=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92efcba9e2b1efb49f99fb82fe7a8bc7d29d6826b07bb1d9948ae14367ae4417

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:50:07 GMT
content-encoding
br
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Tue, 20 Feb 2024 03:26:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
168
x-amz-server-side-encryption
AES256
etag
W/"2b34159cf8d2f7b28f9f007acc500544"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
t-af8W5Fssl7uPVZjM8TMx5mQCiRPGw3J2TRz7fBDVM_SzkuE1SqxQ==
expires
Wed, 19 Feb 2025 03:26:15 GMT
1062986635071892
connect.facebook.net/signals/config/ Frame 75E9
21 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1062986635071892?v=2.9.147&r=stable&domain=m.esportesdasorte.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C118%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C111%2C207%2C144%2C105%2C127%2C120%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d1415a3f4df486f2dbac4be33a47f5608ee10fe6336f6ad18aac0679fb5a3be0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 17:52:54 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
/5vIR159v3WvSl//JhPHtb115v6uVgJE3neO0TV+GP8whwtoaUsmTKgLCQOufIeBd6DfJsulZtWdAzze6ca/wA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 75E9
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=614846237234252&ev=PageView&dl=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&rl=&if=true&ts=1708451574587&sw=1600&sh=1200&v=2.9.147&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.2.1708451574586.742425361&ler=empty&cdl=API_unavailable&it=1708451571816&coo=false&tm=1&exp=e3&rqm=GET
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Feb 2024 17:52:54 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
rts-min.js
rts-static-prod.freshworksapi.com/us/ Frame 10F9
86 KB
26 KB
Script
General
Full URL
https://rts-static-prod.freshworksapi.com/us/rts-min.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.8fd1559e07c6ede45070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-14.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecbc3d8b4f1107a1d73822885fb2813c4c9f6fe637b1ca8588e024c7b705fb8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id
kXebPijY1wzxwhFO_vmvjx_d9Yiu9.7K
content-encoding
gzip
via
1.1 b12498b20eb99a0be9023f965d5b2f90.cloudfront.net (CloudFront)
date
Tue, 20 Feb 2024 17:52:54 GMT
last-modified
Wed, 24 Jan 2024 06:44:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P12
age
1
x-amz-server-side-encryption
AES256
etag
W/"2c39b7ba8352b88e945b79147d18062f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
no-cache
x-amz-cf-id
9W0YOkZxmeeFzHJLqRG5z4aWs9tV8iJhe7xdNCpKb-zfMkCAZylGeQ==
chunk.53225951580d96ba885c.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 10F9
5 KB
2 KB
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.53225951580d96ba885c.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.8fd1559e07c6ede45070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9037e86768130186d676f65444b051b348944719247563d521046bca6af241b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:51:48 GMT
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 05:55:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
70
x-amz-server-side-encryption
AES256
etag
W/"16f166059cdfefcc4cccee6866835222"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
0sPUgjk1ADgSVrT0UOFs_BGy36cAjbZbqQ-Skc8xH-H6my9o5rDmKw==
expires
Wed, 19 Feb 2025 03:26:15 GMT
chunk.7be603f8fb2482fb972b.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 10F9
11 KB
4 KB
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.7be603f8fb2482fb972b.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.8fd1559e07c6ede45070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52a64558e7d0d7e73cd2fea7064fc02b849852b98e3c344f25fc6a5f1d449b8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:26 GMT
content-encoding
br
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 05:55:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
29
x-amz-server-side-encryption
AES256
etag
W/"516f14e4be6e5d509f7f85c85054d45f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
oUFsk9i5H4VFkpt08lodQbw7bnUgDTiVR8bizvWzb0__ukHshYa43w==
expires
Wed, 19 Feb 2025 03:26:15 GMT
notif.da662fefc5060dabf2859ea199198b14.mp3
assetscdn-wchat.freshchat.com/static/assets/ Frame 10F9
4 KB
5 KB
Media
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
Requested by
Host: crunchequation-org-74030d2ee16a88e16709193.freshchat.com
URL: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/?token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&referrer=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877&eagerLoad=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 20 Feb 2024 17:51:23 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
103
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
Content-Range
bytes 0-4301/4302
Content-Length
4302
last-modified
Tue, 06 Feb 2024 06:36:31 GMT
server
AmazonS3
etag
"a529450a7cfb4a60dea41ef294fa90dd"
vary
Accept-Encoding
content-type
audio/mpeg
cache-control
max-age=31536000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
m3DTlrHfjur48m81V4UUA2sWO3tDzaNAhflnMbqJn_sna5wKZyjh1w==
expires
Wed, 19 Feb 2025 03:26:15 GMT
9d089ac7-5878-47a4-b73d-871d7029a834
crunchequation-org-74030d2ee16a88e16709193.freshchat.com/app/services/app/webchat/eb4efed0-d7ac-4f35-8115-efaa9ff24a07/user/ Frame 10F9
63 B
1000 B
XHR
General
Full URL
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/app/services/app/webchat/eb4efed0-d7ac-4f35-8115-efaa9ff24a07/user/9d089ac7-5878-47a4-b73d-871d7029a834
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/211.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/?token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&referrer=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877&eagerLoad=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:55 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total
3000
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
8
content-length
63
x-xss-protection
1; mode=block
x-request-id
b2b06121-eeb2-4d44-bc22-748797b6436f
x-trace-id
00-1f948c62d297e3f3e8e9260a14d9f284-025a39e501bc4148-00
server
fwe
x-ratelimit-remaining
2998
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
4082
x-ratelimit-limit
3000
145617691940023
connect.facebook.net/signals/config/ Frame 75E9
21 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/145617691940023?v=2.9.147&r=stable&domain=m.esportesdasorte.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C118%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C111%2C207%2C144%2C105%2C127%2C120%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e39e4d1e81d8b4793483526df7231a1d6ecdf371a02a93c4097adddcc5bee78
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 17:52:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
g5NiCRyEL6W6oO1moBvILnP74agYSEEpzWnMtQlPdo78ISKPB7jJdgGJ/H59+8uCj4MYKhk0i/36xWYWgOqSoQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 75E9
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1062986635071892&ev=PageView&dl=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&rl=&if=true&ts=1708451575063&sw=1600&sh=1200&v=2.9.147&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.2.1708451575062.1488144300&ler=empty&cdl=API_unavailable&it=1708451571816&coo=false&tm=1&exp=e3&rqm=GET
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Feb 2024 17:52:55 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
widget_info_v2
crunchequation-org-74030d2ee16a88e16709193.freshchat.com/app/services/app/webchat/eb4efed0-d7ac-4f35-8115-efaa9ff24a07/ Frame 10F9
15 KB
3 KB
XHR
General
Full URL
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/app/services/app/webchat/eb4efed0-d7ac-4f35-8115-efaa9ff24a07/widget_info_v2?locales=en-US,en-US&platform=web
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.862630a2b93632e0d7bbae6d63246102.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
36700b61f14dbc5ecb08b8cd8d86af01df96b7d53c7a20be00a3f0b1962efd93
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/?token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&referrer=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877&eagerLoad=true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:55 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total
3000
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
0
x-status
HIT
x-xss-protection
1; mode=block
x-request-id
0175e8b9-ea13-49dd-b370-579c9c0a270a
x-trace-id
00-229a4945d4f224a9e217a342da2d3a59-ba4c2d20bdc7b92b-00
server
fwe
vary
accept-encoding
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
3063
x-ratelimit-remaining
2997
x-ratelimit-limit
3000
chunk.b236f79826d7b18644c3.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 10F9
90 KB
18 KB
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.b236f79826d7b18644c3.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.8fd1559e07c6ede45070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c113d2d891192c213a9ef749ca10766f1b7ad0e6bdaf342fbe7c6488c68ae2c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:50:09 GMT
content-encoding
br
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Tue, 20 Feb 2024 03:26:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
167
x-amz-server-side-encryption
AES256
etag
W/"085ad1fe056eb843ec23fc3b37afe543"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
5httO_utYmAwNkEukF3srVXLJr9P7HGuIom8_zpnkL2NlMo-zjsbqQ==
expires
Wed, 19 Feb 2025 03:26:15 GMT
chunk.9483627a8c67d30d11a1.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 10F9
281 KB
49 KB
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.9483627a8c67d30d11a1.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.8fd1559e07c6ede45070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40d360e331f1554a24a786a418631f97c613902398ad6ac5c17bb36572de8942

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:45 GMT
content-encoding
br
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 05:55:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
11
x-amz-server-side-encryption
AES256
etag
W/"8e333694bf0117f306d0a40f11233dee"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
M5zuXpmj4EuQwRHuhQZqdqMHK76FgQvj-L1rD6FeJD_H1tCU3K6p0w==
expires
Wed, 19 Feb 2025 03:26:15 GMT
activity
crunchequation-org-74030d2ee16a88e16709193.freshchat.com/app/services/app/webchat/eb4efed0-d7ac-4f35-8115-efaa9ff24a07/user/9d089ac7-5878-47a4-b73d-871d7029a834/ Frame 10F9
17 B
954 B
XHR
General
Full URL
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/app/services/app/webchat/eb4efed0-d7ac-4f35-8115-efaa9ff24a07/user/9d089ac7-5878-47a4-b73d-871d7029a834/activity?widgetInfoTraceId=5d52c601-3441-4d7e-83a9-101cba3cfc15
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/211.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/?token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&referrer=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877&eagerLoad=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:55 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total
3000
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
4
content-length
17
x-xss-protection
1; mode=block
x-request-id
988e393a-b33d-41d3-a322-901373f0e9ab
x-trace-id
00-59ad5f7d10a8fe66b05a03d548096e46-f5411c7553363362-00
server
fwe
x-ratelimit-remaining
2996
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
2601
x-ratelimit-limit
3000
index.html
688588608962031.webpush.freshchat.com/ Frame 43F8
30 KB
7 KB
Document
General
Full URL
https://688588608962031.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==
Requested by
Host: crunchequation-org-74030d2ee16a88e16709193.freshchat.com
URL: https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/js/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-76.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3

Request headers

Referer
https://joiabet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 20 Feb 2024 17:52:56 GMT
etag
W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
last-modified
Fri, 25 Oct 2019 06:53:38 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
x-amz-cf-id
x2k32c-QOe5g6MhoiBAVKB1WQO8y9QY7tMO9QZ7vffOZLtoxavetmg==
x-amz-cf-pop
AMS1-P2
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
category
crunchequation-org-74030d2ee16a88e16709193.freshchat.com/app/services/app/webchat/eb4efed0-d7ac-4f35-8115-efaa9ff24a07/faq/ Frame 10F9
212 B
1 KB
XHR
General
Full URL
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/app/services/app/webchat/eb4efed0-d7ac-4f35-8115-efaa9ff24a07/faq/category?platform=web&locales=en-US%2Cen-US&since=&lastLocaleId=
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.862630a2b93632e0d7bbae6d63246102.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.221.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a44946a9dd66b7704.awsglobalaccelerator.com
Software
fwe /
Resource Hash
99bf2adf4ea4d4a5d3ad3c72dacf31063e7b38807522b4267ac6c196666fe524
Security Headers
Name Value
Content-Security-Policy style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/widget/?token=eb4efed0-d7ac-4f35-8115-efaa9ff24a07&referrer=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==&widgetUuid=8069c5b5-e2a1-4575-b4c8-255434bfe877&eagerLoad=true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:55 GMT
content-security-policy
style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security
max-age=31536000; includeSubDomains
nel
{ "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total
3000
x-ratelimit-used-currentrequest
1
x-envoy-upstream-service-time
9
content-length
212
x-xss-protection
1; mode=block
x-request-id
99f81592-1e8d-4a9b-a0e7-b1b17ea12734
x-trace-id
00-99d1882c099e20c30dc3e6078654d306-338ec8a6d7ed00b7-00
server
fwe
x-ratelimit-remaining
2995
report-to
{ "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type
application/json;charset=UTF-8
x-fw-ratelimiting-managed
true
cache-control
no-store
access-control-allow-credentials
true
x-server
2601
x-ratelimit-limit
3000
9849.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 10F9
16 KB
3 KB
Stylesheet
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/9849.css
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.8fd1559e07c6ede45070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93ac8e22ef8a241ddd954362cc979528693e4b7732dc5de26154d9bbf60011fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 05:55:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
5
x-amz-server-side-encryption
AES256
etag
W/"20f054b8b45ccd177447feada77d0895"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
Kj0LOGW2cfmtgtbpuSy22CL8vAIBAc-ZD-jSFglkY4CQWBUf8clCpA==
expires
Wed, 19 Feb 2025 03:26:15 GMT
chunk.fd314e4ac1e6a45b6b94.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 10F9
137 B
584 B
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.fd314e4ac1e6a45b6b94.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.8fd1559e07c6ede45070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44c7b3c33a1d28e0360f7b972e222118b5c746c1c774c67f3fd6ab9e53e9974f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
5
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
137
last-modified
Wed, 14 Feb 2024 05:55:55 GMT
server
AmazonS3
etag
"a89e4a96c2e88cb6a5a23d73c000bcae"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
accept-ranges
bytes
x-amz-cf-id
wzMGOhnRpgUpu4qf11bRVzQP-yNJGDSt1R37YdFA8RQjBQ1_-QebOA==
expires
Wed, 19 Feb 2025 03:26:15 GMT
chunk.cf2220b6d090e27b9496.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 10F9
48 KB
14 KB
Script
General
Full URL
https://assetscdn-wchat.freshchat.com/static/assets/chunk.cf2220b6d090e27b9496.js
Requested by
Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.8fd1559e07c6ede45070.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-55.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5936b3730015c46ef27548aff7b2162d0878761a5fda6f9d026fbeaef34c0ed3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:52:51 GMT
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
last-modified
Wed, 14 Feb 2024 05:55:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
5
x-amz-server-side-encryption
AES256
etag
W/"c6a94cb46d8753f365405e99cf7185f8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000, no-transform, public
x-amz-cf-id
NPZyvyPN1CQrbppinrMF_PxygFniu177O4js698rY0X3jzjP5tGC3g==
expires
Wed, 19 Feb 2025 03:26:15 GMT
82ed8bf9-89a3-4433-a526-38e7f713aa31
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/ Frame 10F9
152 B
0
Other
General
Full URL
blob:https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/82ed8bf9-89a3-4433-a526-38e7f713aa31
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
152
Content-Type
img_n3qm04gh4r_d4ff5ce3862eafe141903dbb78933e536da90ea0bc12816ca05bb9d705be8c6f.png
fc-use1-00-pics-bkt-00.s3.amazonaws.com/2d290529f63d8eb075c7b44c7a0cff950ac68b80918aba46d208a730126e1691/f_marketingpicFull/u_c5b8a64a17a95b23f1c0a487d030a3fd3dad32986e9ee664d6204b1ed7f66b07/ Frame 10F9
69 KB
69 KB
Image
General
Full URL
https://fc-use1-00-pics-bkt-00.s3.amazonaws.com/2d290529f63d8eb075c7b44c7a0cff950ac68b80918aba46d208a730126e1691/f_marketingpicFull/u_c5b8a64a17a95b23f1c0a487d030a3fd3dad32986e9ee664d6204b1ed7f66b07/img_n3qm04gh4r_d4ff5ce3862eafe141903dbb78933e536da90ea0bc12816ca05bb9d705be8c6f.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.201.57 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
a486ef37a052dad61b3c1f6be860af6df1260aef193caeffb423b330a80c852a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://crunchequation-org-74030d2ee16a88e16709193.freshchat.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:52:56 GMT
x-amz-version-id
wbNxnYAKOD0HMV5DwzAbbADdHSoDSe6k
Last-Modified
Wed, 30 Aug 2023 00:15:50 GMT
Server
AmazonS3
x-amz-request-id
D84ZC9MA2MJBWEX8
ETag
"d9830d550ffe63cd7e21c34888bed05e"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-storage-class
REDUCED_REDUNDANCY
Accept-Ranges
bytes
Content-Length
70279
x-amz-id-2
arC448EITLNrRftTu5xQmi5Velz3uRA3o7kxLlQFzsGJ6t8j3xtC/VrtYiFe06NM6YPQAyTUPOg=
fc_logo.png
688588608962031.webpush.freshchat.com/ Frame 43F8
4 KB
4 KB
Image
General
Full URL
https://688588608962031.webpush.freshchat.com/fc_logo.png
Requested by
Host: 688588608962031.webpush.freshchat.com
URL: https://688588608962031.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-60-76.ams1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://688588608962031.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 08:19:04 GMT
via
1.1 2d8216898001f8ce3fde38c8796d2fa6.cloudfront.net (CloudFront)
last-modified
Thu, 08 Feb 2018 07:54:41 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
34432
etag
"e87df9f10dcf497ae292dc234200465c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
3777
x-amz-cf-id
RM-wkcgWHIA8-mMzlcnZJL9z48FMmXHBC-EmkJfKNpdblBcOFVWRLA==
317571.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
6 KB
6 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/317571.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
aeac6074516776e89dc6c32b3134e2bd28d5c3204af8aad2c9582a407d570fc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:47 GMT
x-srv
fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b7-1821"
content-type
image/png
x-varnish
103052640 100295968
cache-control
max-age=86400
accept-ranges
bytes
content-length
6177
expires
Wed, 21 Feb 2024 17:52:56 GMT
2158.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
6 KB
6 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/2158.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e12d0b719a90d21a93f9fa418abad5e1f4e4a360c223219f22a5b671a9037942
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:42 GMT
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1b2-169e"
content-type
image/png
x-varnish
138919541 138275258
cache-control
max-age=86400
accept-ranges
bytes
content-length
5790
expires
Wed, 21 Feb 2024 17:52:56 GMT
5040.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
43 B
277 B
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/5040.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
x-sbe
logos_prod_web1
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
content-type
image/gif
x-varnish
311230487 301918300
cache-control
max-age=86400
accept-ranges
bytes
content-length
43
expires
Wed, 21 Feb 2024 17:52:56 GMT
240358.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
7 KB
8 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/240358.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1ac27e7c46cdb91b02b0ff5839dbe07436b675dee58ebd975b38180054f1a5a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:44 GMT
server
nginx
x-srv
fishnet-prod-logos-fvauto-0b491de2a9c0887b2
x-sbe
logos_prod_web2
etag
"5dd2a1b4-1d96"
x-varnish
140888309 138521406
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
7574
expires
Wed, 21 Feb 2024 17:52:56 GMT
405349.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
10 KB
10 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/405349.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a56af7552603c023389c1b380a2acaf699ee64570fe7c4dbde07367e66676a3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Sep 2023 13:48:36 GMT
server
nginx
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
x-sbe
logos_prod_web2
etag
"65085534-27a4"
x-varnish
105455202 104951717
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
10148
expires
Wed, 21 Feb 2024 17:52:56 GMT
40657.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
10 KB
10 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/40657.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
568c1118a94d99bdc99736ae4e951beb84e7374dff11fcd0531b21f1efcf76a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Sep 2023 13:48:36 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web2
etag
"65085534-27a4"
content-type
image/png
x-varnish
299823548 288681254
cache-control
max-age=86400
accept-ranges
bytes
content-length
10148
expires
Wed, 21 Feb 2024 17:52:56 GMT
132952.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
43 B
277 B
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/132952.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
x-sbe
logos_prod_web1
x-varnish
327317232 322066542
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
43
expires
Wed, 21 Feb 2024 17:52:56 GMT
322485.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
43 B
277 B
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/322485.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
x-sbe
logos_prod_web2
x-varnish
327967762 321170387
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
43
expires
Wed, 21 Feb 2024 17:52:56 GMT
427021.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
43 B
276 B
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/427021.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
x-sbe
logos_prod_web2
x-varnish
135983010 135577109
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
43
expires
Wed, 21 Feb 2024 17:52:56 GMT
427023.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
43 B
276 B
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/427023.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
x-sbe
logos_prod_web1
x-varnish
136256621 135577114
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
43
expires
Wed, 21 Feb 2024 17:52:56 GMT
5417.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
5 KB
6 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/5417.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
33b6c8625494893fc70994f3d689cc762b934d82dc515306c28c0b9348bd9bd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:55 GMT
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1bf-15f9"
content-type
image/png
x-varnish
117526992 113801175
cache-control
max-age=86400
accept-ranges
bytes
content-length
5625
expires
Wed, 21 Feb 2024 17:52:56 GMT
5195.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
6 KB
6 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/5195.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
f664f9b4778238305a19d5f33a4ae83963ac0e33d17d4e22ce6860d4172c5f91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:54 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1be-1827"
content-type
image/png
x-varnish
312636185 314833699
cache-control
max-age=86400
accept-ranges
bytes
content-length
6183
expires
Wed, 21 Feb 2024 17:52:56 GMT
211906.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
7 KB
7 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/211906.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
69fab33aa54c3c6ae3ee9a535a288922dba8cecfccf56740840730f0e08b04fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:42 GMT
server
nginx
x-srv
fishnet-prod-logos-fvauto-0b491de2a9c0887b2
x-sbe
logos_prod_web1
etag
"5dd2a1b2-1c85"
x-varnish
141222293 140896592
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
7301
expires
Wed, 21 Feb 2024 17:52:56 GMT
2094.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
6 KB
7 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/2094.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
69e5372efeedfb87580d7d3c1885ed36906b3ef8a2c7272080e325524409b240
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:42 GMT
x-srv
fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b2-1997"
content-type
image/png
x-varnish
141403121 137622719
cache-control
max-age=86400
accept-ranges
bytes
content-length
6551
expires
Wed, 21 Feb 2024 17:52:56 GMT
522756.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
8 KB
8 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/522756.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
15eb910c3b47152db5d866904c0fb6fbf42ccbf3febb498c839e401bfd157b1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:54 GMT
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1be-2011"
content-type
image/png
x-varnish
142612668 141876634
cache-control
max-age=86400
accept-ranges
bytes
content-length
8209
expires
Wed, 21 Feb 2024 17:52:56 GMT
134282.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
4 KB
4 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/134282.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ee5eb451260b4a3fbdfbcadb9a9cc775d3388c9c7ae7ecae461f0a89b6f2ef44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:40 GMT
x-srv
fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1b0-f06"
content-type
image/png
x-varnish
141258203 141009418
cache-control
max-age=86400
accept-ranges
bytes
content-length
3846
expires
Wed, 21 Feb 2024 17:52:56 GMT
58317.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
7 KB
7 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/58317.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c7b13e837273524d7054f10108cb613066c4cd3568f3bb7ef144f65fca3371e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:55 GMT
x-srv
fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1bf-1b55"
content-type
image/png
x-varnish
133331515 135137273
cache-control
max-age=86400
accept-ranges
bytes
content-length
6997
expires
Wed, 21 Feb 2024 17:52:56 GMT
307074.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
5 KB
5 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/307074.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
27f008c8d0501f549af3b5166d1cb393248c42ef6d3e948a34452409e784f658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:47 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b7-1425"
content-type
image/png
x-varnish
315374679
cache-control
max-age=86400
accept-ranges
bytes
content-length
5157
expires
Wed, 21 Feb 2024 17:52:56 GMT
43560.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
8 KB
8 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/43560.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9cbb7f0cc577310b18c2d38b300ed125616e8713c558506a1c91901f3158b08c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:51 GMT
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1bb-1fb6"
content-type
image/png
x-varnish
136013959 128896572
cache-control
max-age=86400
accept-ranges
bytes
content-length
8118
expires
Wed, 21 Feb 2024 17:52:56 GMT
188577.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
5 KB
5 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/188577.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
3610a22a24d490260b97183a87c4cfc419e2cf808f23eb8a5168bf40800c5709
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:42 GMT
x-srv
fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1b2-1502"
content-type
image/png
x-varnish
135243575 135200865
cache-control
max-age=86400
accept-ranges
bytes
content-length
5378
expires
Wed, 21 Feb 2024 17:52:56 GMT
331923539223706
connect.facebook.net/signals/config/ Frame 75E9
21 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/331923539223706?v=2.9.147&r=stable&domain=m.esportesdasorte.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C118%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C111%2C207%2C144%2C105%2C127%2C120%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5e4e6fdc1b1fa80567d0686a4b1afdd980b217a30afcf61b77523d4ab7af9d77
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), fullscreen=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 20 Feb 2024 17:52:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma
public
x-fb-debug
49ZXWV5t5F8Yuwm1qYKl24dn7+eUs2tl0XorGQlRZoBjHnaRxqDjoQ1j7VWMeg5T15MAo4fFanMIaLrnR11/tw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 75E9
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=145617691940023&ev=PageView&dl=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&rl=&if=true&ts=1708451576042&sw=1600&sh=1200&v=2.9.147&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.2.1708451576028.492770003&ler=empty&cdl=API_unavailable&it=1708451571816&coo=false&tm=1&exp=e3&rqm=GET
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Feb 2024 17:52:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
317571.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
6 KB
6 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/317571.png
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
aeac6074516776e89dc6c32b3134e2bd28d5c3204af8aad2c9582a407d570fc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:47 GMT
x-srv
fishnet-prod-logos-fvauto-0b491de2a9c0887b2
server
nginx
x-sbe
logos_prod_web1
etag
"5dd2a1b7-1821"
content-type
image/png
x-varnish
103052640 100295968
cache-control
max-age=86400
accept-ranges
bytes
content-length
6177
expires
Wed, 21 Feb 2024 17:52:56 GMT
2158.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
6 KB
6 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/2158.png
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e12d0b719a90d21a93f9fa418abad5e1f4e4a360c223219f22a5b671a9037942
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:42 GMT
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
server
nginx
x-sbe
logos_prod_web2
etag
"5dd2a1b2-169e"
content-type
image/png
x-varnish
138919541 138275258
cache-control
max-age=86400
accept-ranges
bytes
content-length
5790
expires
Wed, 21 Feb 2024 17:52:56 GMT
5040.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
43 B
277 B
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/5040.png
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
x-sbe
logos_prod_web1
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
content-type
image/gif
x-varnish
311230487 301918300
cache-control
max-age=86400
accept-ranges
bytes
content-length
43
expires
Wed, 21 Feb 2024 17:52:56 GMT
240358.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
7 KB
8 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/240358.png
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1ac27e7c46cdb91b02b0ff5839dbe07436b675dee58ebd975b38180054f1a5a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Nov 2019 13:50:44 GMT
server
nginx
x-srv
fishnet-prod-logos-fvauto-0b491de2a9c0887b2
x-sbe
logos_prod_web2
etag
"5dd2a1b4-1d96"
x-varnish
140888309 138521406
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
7574
expires
Wed, 21 Feb 2024 17:52:56 GMT
405349.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
10 KB
10 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/405349.png
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a56af7552603c023389c1b380a2acaf699ee64570fe7c4dbde07367e66676a3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Sep 2023 13:48:36 GMT
server
nginx
x-srv
fishnet-prod-logos-fvauto-0e30c7f49a5254ce8
x-sbe
logos_prod_web2
etag
"65085534-27a4"
x-varnish
105455202 104951717
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
content-length
10148
expires
Wed, 21 Feb 2024 17:52:56 GMT
40657.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
10 KB
10 KB
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/40657.png
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
568c1118a94d99bdc99736ae4e951beb84e7374dff11fcd0531b21f1efcf76a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 18 Sep 2023 13:48:36 GMT
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
server
nginx
x-sbe
logos_prod_web2
etag
"65085534-27a4"
content-type
image/png
x-varnish
299823548 288681254
cache-control
max-age=86400
accept-ranges
bytes
content-length
10148
expires
Wed, 21 Feb 2024 17:52:56 GMT
132952.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
43 B
277 B
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/132952.png
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
x-sbe
logos_prod_web1
x-varnish
327317232 322066542
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
43
expires
Wed, 21 Feb 2024 17:52:56 GMT
322485.png
img-cdn001.akamaized.net/ls/crest/medium/ Frame 75E9
43 B
277 B
Image
General
Full URL
https://img-cdn001.akamaized.net/ls/crest/medium/322485.png
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/main.47ee960a0de15fb7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ece Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 20 Feb 2024 17:52:56 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
x-srv
fishnet-prod-logos-fvauto-06432b9c5549d358a
x-sbe
logos_prod_web2
x-varnish
327967762 321170387
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
43
expires
Wed, 21 Feb 2024 17:52:56 GMT
unip
trc-events.taboola.com/1518940/log/3/ Frame 75E9
0
249 B
XHR
General
Full URL
https://trc-events.taboola.com/1518940/log/3/unip?en=pre_d_eng_tb&tos=4805&scd=0&ssd=1&est=1708451571880&ver=36&isls=true&src=i&invt=3000&msa=0&rv=1&tim=1708451576686&vi=1708451571876&ri=ae469cbb928d7dbc8310c1597b811848&ref=null&cv=20240216-2-RELEASE&item-url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
https://m.esportesdasorte.com
pragma
no-cache
date
Tue, 20 Feb 2024 17:52:59 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
/
app.posthog.com/s/ Frame 0664
13 B
120 B
XHR
General
Full URL
https://app.posthog.com/s/?compression=gzip-js&ip=1&_=1708451577092&ver=1.107.0
Requested by
Host: estrelabet.com
URL: https://estrelabet.com/polyfills.c5e32b41c40d5b6ada0b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3ab5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://estrelabet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Feb 2024 17:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
server
cloudflare
cross-origin-opener-policy
same-origin
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://estrelabet.com
access-control-allow-credentials
true
cf-ray
85889b42dfcf8ff8-FRA
access-control-allow-headers
X-Requested-With,Content-Type
/
www.facebook.com/tr/ Frame 75E9
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=331923539223706&ev=PageView&dl=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE&rl=&if=true&ts=1708451579358&sw=1600&sh=1200&v=2.9.147&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.2.1708451579354.1302825232&ler=empty&cdl=API_unavailable&it=1708451571816&coo=false&tm=1&exp=e3&rqm=GET
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 20 Feb 2024 17:52:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
collect
p.clarity.ms/
0
299 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tnonline.uol.com.br
Date
Tue, 20 Feb 2024 17:52:59 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
unip
trc-events.taboola.com/1518940/log/3/ Frame 75E9
0
249 B
XHR
General
Full URL
https://trc-events.taboola.com/1518940/log/3/unip?en=pre_d_eng_tb&tos=10814&scd=0&ssd=1&est=1708451571880&ver=36&isls=true&src=i&invt=6000&msa=0&rv=1&tim=1708451582695&vi=1708451571876&ri=ae469cbb928d7dbc8310c1597b811848&ref=null&cv=20240216-2-RELEASE&item-url=https%3A%2F%2Fm.esportesdasorte.com%2Fptb%3Fclick_id%3Dbbhyqjyxwphjibrgyymsiabaw%26affid%3D71822%26utm_campaign%3DCM_BR_SB_DT_ESPORTES_TNONLINE
Requested by
Host: m.esportesdasorte.com
URL: https://m.esportesdasorte.com/polyfills.08ba0e0469079de9.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.esportesdasorte.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-origin
https://m.esportesdasorte.com
pragma
no-cache
date
Tue, 20 Feb 2024 17:53:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ads
securepubads.g.doubleclick.net/gampad/
67 KB
24 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3199504113006608&correlator=1495166269485170&eid=44809527%2C31080782%2C31081225%2C31079239&output=ldjh&gdfp_req=1&vrg=202402150101&ptt=17&impl=fifs&iu_parts=8804%2Cparceiros%2Ctn_online&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x50&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1708451583379&lmt=1708451583&adxs=1055&adys=2830&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&ref=https%3A%2F%2Ftnonline.uol.com.br%2F&vis=1&psz=315x50&msz=285x0&fws=0&ohw=0&psts=AOrYGsnc3MDnk35Ej7B64b5SZyeyL1oBnllSzSxQ-631PPFKL1AQtROJQRX9RLwxZ4v9ioxM-GTgpXVbE86O4xLP8LX0&ga_vid=1654842199.1708451563&ga_sid=1708451568&ga_hid=1789849754&ga_fc=true&dlt=1708451562820&idt=3672&prev_scp=campaignuol%3D1%26group%3D5%26native%3D0&cust_params=origin%3Dtnonline%2520uol%2520com%2520br%2520d%25201%26hasFocus%3Dtrue%26bt%3D9000%26cdn%3Dother%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna%26topics%3Dno-topic%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse%26UOLID%3D17c0efb0-c4ca-42ff-bacf-eed2db1975c3&adks=4201368234&frm=20&eo_id_str=ID%3D4230576bc8a439be%3AT%3D1708451568%3ART%3D1708451568%3AS%3DAA-Afja8aaVD8xq6lvVGYKlIcHPh
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70a94cf3971b3c930c951939798f48922cca6c8c24d7b23f598fc62bc8a904c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24559
x-xss-protection
0
google-lineitem-id
6052520336
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138400975874
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
44 KB
11 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3199504113006608&correlator=1495166269485170&eid=44809527%2C31080782%2C31081225%2C31079239&output=ldjh&gdfp_req=1&vrg=202402150101&ptt=17&impl=fifs&iu_parts=8804%2Cparceiros%2Ctn_online&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1708451583401&lmt=1708451583&adxs=315&adys=419&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&ref=https%3A%2F%2Ftnonline.uol.com.br%2F&vis=1&psz=1170x1&msz=970x1&fws=0&ohw=0&psts=AOrYGsnc3MDnk35Ej7B64b5SZyeyL1oBnllSzSxQ-631PPFKL1AQtROJQRX9RLwxZ4v9ioxM-GTgpXVbE86O4xLP8LX0&ga_vid=1654842199.1708451563&ga_sid=1708451568&ga_hid=1789849754&ga_fc=true&dlt=1708451562820&idt=3672&prev_scp=campaignuol%3D1%26group%3D5%26pos%3Dtop%26native%3D0&cust_params=origin%3Dtnonline%2520uol%2520com%2520br%2520d%25201%26hasFocus%3Dtrue%26bt%3D9000%26cdn%3Dother%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna%26topics%3Dno-topic%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse%26UOLID%3D17c0efb0-c4ca-42ff-bacf-eed2db1975c3&adks=2548195504&frm=20&eo_id_str=ID%3D4230576bc8a439be%3AT%3D1708451568%3ART%3D1708451568%3AS%3DAA-Afja8aaVD8xq6lvVGYKlIcHPh
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e66904a9e84051ac12295504ac19767b76279aa22655f6633cf994a099b3451
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10858
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tnonline.uol.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
54 KB
20 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3199504113006608&correlator=1495166269485170&eid=44809527%2C31080782%2C31081225%2C31079239&output=ldjh&gdfp_req=1&vrg=202402150101&ptt=17&impl=fifs&iu_parts=8804%2Cparceiros%2Ctn_online&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1708451583444&lmt=1708451583&adxs=1040&adys=990&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&ref=https%3A%2F%2Ftnonline.uol.com.br%2F&vis=1&psz=390x1&msz=360x0&fws=0&ohw=0&psts=AOrYGsnc3MDnk35Ej7B64b5SZyeyL1oBnllSzSxQ-631PPFKL1AQtROJQRX9RLwxZ4v9ioxM-GTgpXVbE86O4xLP8LX0&ga_vid=1654842199.1708451563&ga_sid=1708451568&ga_hid=1789849754&ga_fc=true&dlt=1708451562820&idt=3672&prev_scp=campaignuol%3D1%26group%3D5%26pos%3Dtop%26native%3D1%2C2&cust_params=origin%3Dtnonline%2520uol%2520com%2520br%2520d%25201%26hasFocus%3Dtrue%26bt%3D9000%26cdn%3Dother%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna%26topics%3Dno-topic%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse%26UOLID%3D17c0efb0-c4ca-42ff-bacf-eed2db1975c3&adks=3274985505&frm=20&eo_id_str=ID%3D4230576bc8a439be%3AT%3D1708451568%3ART%3D1708451568%3AS%3DAA-Afja8aaVD8xq6lvVGYKlIcHPh
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc403a3e752a3b389793390b8eb37f8ab3454100c7daeec494a0c80c763f1ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:04 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20093
x-xss-protection
0
google-lineitem-id
5026868633
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138378224744
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
44 KB
11 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3199504113006608&correlator=1495166269485170&eid=44809527%2C31080782%2C31081225%2C31079239&output=ldjh&gdfp_req=1&vrg=202402150101&ptt=17&impl=fifs&iu_parts=8804%2Cparceiros%2Ctn_online&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1708451583449&lmt=1708451583&adxs=1048&adys=1561&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&ref=https%3A%2F%2Ftnonline.uol.com.br%2F&vis=1&psz=375x1&msz=345x0&fws=0&ohw=0&psts=AOrYGsnc3MDnk35Ej7B64b5SZyeyL1oBnllSzSxQ-631PPFKL1AQtROJQRX9RLwxZ4v9ioxM-GTgpXVbE86O4xLP8LX0&ga_vid=1654842199.1708451563&ga_sid=1708451568&ga_hid=1789849754&ga_fc=true&dlt=1708451562820&idt=3672&prev_scp=campaignuol%3D1%26group%3D5%26pos%3Dtop%26native%3D1%2C2&cust_params=origin%3Dtnonline%2520uol%2520com%2520br%2520d%25201%26hasFocus%3Dtrue%26bt%3D9000%26cdn%3Dother%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna%26topics%3Dno-topic%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse%26UOLID%3D17c0efb0-c4ca-42ff-bacf-eed2db1975c3&adks=2844506210&frm=20&eo_id_str=ID%3D4230576bc8a439be%3AT%3D1708451568%3ART%3D1708451568%3AS%3DAA-Afja8aaVD8xq6lvVGYKlIcHPh
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
906c953e7048a7bf30ca22576f6ec25d36cc700f49bfabdacd53407d28c72290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10938
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tnonline.uol.com.br
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
35 KB
14 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3199504113006608&correlator=1495166269485170&eid=44809527%2C31080782%2C31081225%2C31079239&output=ldjh&gdfp_req=1&vrg=202402150101&ptt=17&impl=fifs&iu_parts=8804%2Cparceiros%2Ctn_online&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1708451583453&lmt=1708451583&adxs=1040&adys=4131&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=6&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&ref=https%3A%2F%2Ftnonline.uol.com.br%2F&vis=1&psz=360x250&msz=330x0&fws=0&ohw=0&psts=AOrYGsnc3MDnk35Ej7B64b5SZyeyL1oBnllSzSxQ-631PPFKL1AQtROJQRX9RLwxZ4v9ioxM-GTgpXVbE86O4xLP8LX0&ga_vid=1654842199.1708451563&ga_sid=1708451568&ga_hid=1789849754&ga_fc=true&dlt=1708451562820&idt=3672&prev_scp=campaignuol%3D1%26group%3D5%26pos%3Dtop%26native%3D1%2C2&cust_params=origin%3Dtnonline%2520uol%2520com%2520br%2520d%25201%26hasFocus%3Dtrue%26bt%3D9000%26cdn%3Dother%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna%26topics%3Dno-topic%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse%26UOLID%3D17c0efb0-c4ca-42ff-bacf-eed2db1975c3&adks=3358731540&frm=20&eo_id_str=ID%3D4230576bc8a439be%3AT%3D1708451568%3ART%3D1708451568%3AS%3DAA-Afja8aaVD8xq6lvVGYKlIcHPh
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a8ffdfdf200d90e1ab60a940d8112041177b3ac1d60969bbb1cc71289c3389
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14258
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
35 KB
14 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3199504113006608&correlator=1495166269485170&eid=44809527%2C31080782%2C31081225%2C31079239&output=ldjh&gdfp_req=1&vrg=202402150101&ptt=17&impl=fifs&iu_parts=8804%2Cparceiros%2Ctn_online&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1708451583463&lmt=1708451583&adxs=455&adys=3671&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=7&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&ref=https%3A%2F%2Ftnonline.uol.com.br%2F&vis=1&psz=780x865&msz=780x90&fws=0&ohw=0&psts=AOrYGsnc3MDnk35Ej7B64b5SZyeyL1oBnllSzSxQ-631PPFKL1AQtROJQRX9RLwxZ4v9ioxM-GTgpXVbE86O4xLP8LX0&ga_vid=1654842199.1708451563&ga_sid=1708451568&ga_hid=1789849754&ga_fc=true&dlt=1708451562820&idt=3672&prev_scp=campaignuol%3D1%26group%3D5%26pos%3Dtop%26native%3D1%2C2&cust_params=origin%3Dtnonline%2520uol%2520com%2520br%2520d%25201%26hasFocus%3Dtrue%26bt%3D9000%26cdn%3Dother%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna%26topics%3Dno-topic%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse%26UOLID%3D17c0efb0-c4ca-42ff-bacf-eed2db1975c3&adks=2610663044&frm=20&eo_id_str=ID%3D4230576bc8a439be%3AT%3D1708451568%3ART%3D1708451568%3AS%3DAA-Afja8aaVD8xq6lvVGYKlIcHPh
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b745c0a1d306c48ac828ebeb17f0a85f09f8beb9c7d3ccb0a3becd8df3f3de72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14251
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
284 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebe0f94ca53bc5f7d865f89aec5b0315bca03ace6942d6c1c76d94d5b59d419a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:03 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
366
etag
W/"e3be409ac3c100e2a5d3f264ec260551"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
85889b5cc95fbb8b-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400
expires
Fri, 23 Feb 2024 17:53:03 GMT
pastoclockps.js
data.gblcdn.com/data/
14 KB
5 KB
Script
General
Full URL
https://data.gblcdn.com/data/pastoclockps.js?aid=e8d3823216e9d19cc007&pubid=d259e1e0-91ba-11ed-bd6f-0d04344df9dd&pid=eqjebngkgetpm&renderD=0&limitT=0&limitH=24&parent=body&t=pd&mt=b
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
992f8f5bb6a14bbaad50fe3b54656450787ddcbd8e295623cc31bd27d56d5809

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:03 GMT
via
1.1 4ab6741feebe4ae20194f9a14d724e64.cloudfront.net (CloudFront)
content-encoding
br
x-amz-version-id
JH4Kurig7DTXT.Luw4H7dhOkeSRrMvdG
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
297814
x-amz-cf-pop
CDG52-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 20 Nov 2023 09:34:48 GMT
server
cloudflare
etag
W/"e8d3823216e9d19cc0075d5281cb605d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkWmfQzCEXTJ3ZOc4f%2ByLLL8jmT%2BfDcMATh8cpleY47eaeQv4Ryuzcu%2BF7VZ7t5DPsSnMkQC9Td09TFjLI%2B%2FX7KOBae2m24of4MBdSSK2Aq0WtPFbl3gygfAZnNMR2GvGImV8Ysr4U6DayS4ENg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=604800
cf-ray
85889b5daaad6ef7-CDG
x-amz-cf-id
BCsiqy0Iy3E3G9eUJI5oNzfkLCk-m4KZwVvpoGyaOrGjN9Ztx0Evng==
conversion.js
tm.jsuol.com.br/modules/external/tailtarget/libs/
15 KB
7 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:a000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
f4cd27b5ef047a264e3a40b63ba85441de12d23d043a986d469ec1c757067090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:03 GMT
content-encoding
gzip
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
6125
last-modified
Tue, 05 Jan 2021 19:37:55 GMT
server
marrakesh 1.23.0
etag
f7a535aa8ca1d0acd1bff039eb80acff
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
qeS5EeToMFZCD29nh15uVzI77tpcUs3v-xfcSZ9PA33CNSVuD52NWQ==
expires
Tue, 20 Feb 2024 18:53:03 GMT
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=uol.com.br&p=%2F&u=Biwn3QChiYB7R1cRK&d=tnonline.uol.com.br&g=61085&g0=Total%20Parceiros%2CParceiro%20-%20TNOnline&g1=tnonlinecombr&n=1&f=00001&c=0&x=0&m=0&y=8436&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&v=https%3A%2F%2Ftnonline.uol.com.br%2F&PA=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&b=21416&t=n0nkYD0akcGBsGoeK750hyCFbz-4&V=143&i=TNOnline%20-%20O%20portal%20de%20not%C3%ADcias%20do%20norte%20do%20Paran%C3%A1&tz=-60&sn=1&sv=C8IiRpDA0b1lB_xWp6ClMwlT7_rFj&sr=https%3A%2F%2Ftnonline.uol.com.br%2F&sd=1&im=061b2ef3&_
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.239.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-239-138.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 20 Feb 2024 17:53:03 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
cotacao
tnonline.uol.com.br/apis/
5 KB
2 KB
XHR
General
Full URL
https://tnonline.uol.com.br/apis/cotacao
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/js/sbundle_34e66f411751e6a2310b5c869ab4f682.js?t=1677070646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
b8aec4f1d36410524445366353836cb52e245a8126453a1635c7284cfdc8b9d2

Request headers

Accept
*/*
Referer
https://tnonline.uol.com.br/?d=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:03 GMT
content-encoding
gzip
x-mw-action-duration
00:00:00
via
CacheUOL
x-aspnet-version
4.0.30319
age
1256
x-powered-by
ASP.NET
x-cache
HIT
cache-tag
page, page-apis-cotacao
x-mw-request-duration
00:00:00.0312504
x-mw-cache
true
x-mw-generating
False
content-length
1045
referrer-policy
no-referrer-when-downgrade
x-aspnetmvc-version
5.3
x-mw-generated-by
MW Portal
server
nginx
x-mw-cache-date
Tue, 20 Feb 2024 17:32:02 GMT
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
x-varnish
103364628 100290263
x-mw-cache-valid
True
cache-control
public, stale-if-error=3600, max-age=1795
accept-ranges
bytes
expires
Tue, 20 Feb 2024 18:02:02 GMT
tntv.html
tnonline.uol.com.br/statics/ajax/
9 KB
2 KB
XHR
General
Full URL
https://tnonline.uol.com.br/statics/ajax/tntv.html
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/js/sbundle_34e66f411751e6a2310b5c869ab4f682.js?t=1677070646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
ac20c4cb7b3870f1be1a9b50368ba580d90e05e9f63528e2a7371c2486ce4dce

Request headers

Accept
*/*
Referer
https://tnonline.uol.com.br/?d=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:03 GMT
content-encoding
gzip
via
CacheUOL
age
131
x-powered-by
ASP.NET
x-cache
HIT
content-length
1659
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 20 Feb 2024 17:48:18 GMT
server
nginx
etag
"0dd93fc2464da1:0"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-varnish
98262656 103783642
cache-control
public,max-age=300
accept-ranges
bytes
web
onesignal.com/api/v1/sync/17b5451d-97b7-42c0-898c-ba4f94af26aa/
5 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/17b5451d-97b7-42c0-898c-ba4f94af26aa/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e097277dc3ae421a7f5df318a6911d3c60608f1b0f8f423beb7933c26d5c3dc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:03 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
fad951ba-7551-46f5-91a0-c75baeb39a8d
x-runtime
0.038303
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"5e097277dc3ae421a7f5df318a6911d3"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
85889b5dfac2bb8b-FRA
access-control-allow-headers
SDK-Version
expires
Tue, 20 Feb 2024 18:53:03 GMT
p
server.gblcdn.com/pool/
168 B
2 KB
Fetch
General
Full URL
https://server.gblcdn.com/pool/p?pubid=d259e1e0-91ba-11ed-bd6f-0d04344df9dd&l=1&mck_o=&mck_b=&mck_c=&mck_ov=&mck_bv=&t=pd&mt=b&dco=0&fq=&fqc=&wh=tnonline.uol.com.br
Requested by
Host: data.gblcdn.com
URL: https://data.gblcdn.com/data/pastoclockps.js?aid=e8d3823216e9d19cc007&pubid=d259e1e0-91ba-11ed-bd6f-0d04344df9dd&pid=eqjebngkgetpm&renderD=0&limitT=0&limitH=24&parent=body&t=pd&mt=b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bac310cfc5db47e22757d2a30f209b8a916c9de232338bfdb537bfe8b49a352

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:03 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgkNjjXcqb2cpYKp5rD0OOrpvXLxn1R7DuQ5mWFyCIyDtbYvdpwbtFjxZsEcst124gwu2ccSoGpPNdognEGmIGXkIf7KuQfObFd%2BisxFcngQapge8nISNUPVFQ%2BIW57MqbL0oR7MWds1BBoiNplByw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tnonline.uol.com.br
access-control-expose-headers
Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
cache-control
no-cache, private
cf-ray
85889b5ee8a26359-LHR
alt-svc
h3=":443"; ma=86400
base.js
tm.jsuol.com.br/modules/external/tailtarget/libs/
21 KB
9 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:a000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
711a8d3c6d036e5d2907810b7255622e34f23373f8d1387a1fc938e44c60fea0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:03 GMT
content-encoding
gzip
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
8357
last-modified
Tue, 05 Jan 2021 19:37:57 GMT
server
marrakesh 1.23.0
etag
aeb8806857f0c1b9f7f6b8d4ff48230f
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
AQJthzkOKpPFiBe1yuiAWp-QRm_aN5keWolkMr-yGWS477-fPabUsQ==
expires
Tue, 20 Feb 2024 18:53:03 GMT
trk
tt-10162-1.seg.t.tailtarget.com/
70 B
359 B
Image
General
Full URL
https://tt-10162-1.seg.t.tailtarget.com/trk?tA=TT-10162-1&tJ=_channel:sitetnonline:1&tK=1708451584&tM=direct&tL=direct&tN=direct&tY=3&tZ=341541301
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:03 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
no-cache, private, proxy-revalidate
content-disposition
inline
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
vCkE0H_Mkmg
www.youtube.com/embed/ Frame 4668
92 KB
41 KB
Document
General
Full URL
https://www.youtube.com/embed/vCkE0H_Mkmg
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/js/sbundle_34e66f411751e6a2310b5c869ab4f682.js?t=1677070646
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0a8bb1a31e367a9c0b7b16022f12a35e33c490f912d299728406e2af47e81194
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 17:53:04 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
Homem-assassinado-a-tiros-na-zona-norte-de-Apucara-00837856-0-202402201059.jpg
cdn.tnonline.com.br/img/thumbnail/830000/
Redirect Chain
  • https://tnonline.uol.com.br/img/thumbnail/830000/Homem-assassinado-a-tiros-na-zona-norte-de-Apucara-00837856-0-202402201059.jpg?xid=1186275
  • https://cdn.tnonline.com.br/img/thumbnail/830000/Homem-assassinado-a-tiros-na-zona-norte-de-Apucara-00837856-0-202402201059.jpg?xid=1186275
105 KB
106 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/thumbnail/830000/Homem-assassinado-a-tiros-na-zona-norte-de-Apucara-00837856-0-202402201059.jpg?xid=1186275
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
22569025a3f35903305c3678d092b4d553fd740a5c3e80829b2a9b061d74a593

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 13:59:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4da7ebf9464da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNi7LgoMOZvsx59VY1ab8SXPfulDgEkz84IWCuqr3Sfp7Ra9pNZaEnZjeq3vUO3BGzYDB5qfrTKqNp%2F3elKiRtamfsp2ikG6ObTFKxwZa27ZPdPE6STKBkyIlV6JeIPDtFJRDdf%2BhuKvFyXxB5cv7Nc5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b620ed702de-CDG
alt-svc
h3=":443"; ma=86400
content-length
107810

Redirect headers

date
Tue, 20 Feb 2024 17:53:03 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
103922472
location
https://cdn.tnonline.com.br/img/thumbnail/830000/Homem-assassinado-a-tiros-na-zona-norte-de-Apucara-00837856-0-202402201059.jpg?xid=1186275
content-type
text/html; charset=UTF-8
content-length
262
Delegado-da-detalhes-sobre-homicidio-registrado-no-00837854-0-202402201053.jpg
cdn.tnonline.com.br/img/thumbnail/830000/
Redirect Chain
  • https://tnonline.uol.com.br/img/thumbnail/830000/Delegado-da-detalhes-sobre-homicidio-registrado-no-00837854-0-202402201053.jpg?xid=1186268
  • https://cdn.tnonline.com.br/img/thumbnail/830000/Delegado-da-detalhes-sobre-homicidio-registrado-no-00837854-0-202402201053.jpg?xid=1186268
125 KB
126 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/thumbnail/830000/Delegado-da-detalhes-sobre-homicidio-registrado-no-00837854-0-202402201053.jpg?xid=1186268
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
62b1c129b39464235bacd3e133c849880c5666f99ccc20a104d4fb56fd12bb3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 13:53:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8cbfad31464da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRRT07rqfo2o7ngOHTq9tn5C8%2F%2BFVc6idqhjYjLM87bjVhNc%2F%2BXHk9R1sfzAo%2FhnB6h2V3xkfUU92MXW4oMM%2FjaH1C9swVtOjJlokZXArL4vKI%2BbdanuRksb3SLuc%2FykjSRb%2FoPKqinZ3xlEcH9sD0zY"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b620eda02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
128348

Redirect headers

date
Tue, 20 Feb 2024 17:53:03 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
107840834
location
https://cdn.tnonline.com.br/img/thumbnail/830000/Delegado-da-detalhes-sobre-homicidio-registrado-no-00837854-0-202402201053.jpg?xid=1186268
content-type
text/html; charset=UTF-8
content-length
262
Mulher-tem-carro-furtado-durante-culto-em-igreja-00837853-0-202402201052.jpg
cdn.tnonline.com.br/img/thumbnail/830000/
Redirect Chain
  • https://tnonline.uol.com.br/img/thumbnail/830000/Mulher-tem-carro-furtado-durante-culto-em-igreja-00837853-0-202402201052.jpg?xid=1186264
  • https://cdn.tnonline.com.br/img/thumbnail/830000/Mulher-tem-carro-furtado-durante-culto-em-igreja-00837853-0-202402201052.jpg?xid=1186264
89 KB
89 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/thumbnail/830000/Mulher-tem-carro-furtado-durante-culto-em-igreja-00837853-0-202402201052.jpg?xid=1186264
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
d54f16e6baa22a8498e179086dc37e48df589c14ea1726e0fd544c347c4df6a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 13:52:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"7b8a59464da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YachSXhgX4GRNWGFaMelZgMLbsTgOEy8GvwG%2FqwRtiom4frotNJYdbzE5OwlClOW85rhrPofwvs9I%2BEhot5dHQpydBw3%2BvaBnUfGSlPr7C6LQhzouXXzOeIh0rNArXxqUepuNYhlNRym8MLh0f2zWRAa"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b620ed402de-CDG
alt-svc
h3=":443"; ma=86400
content-length
91021

Redirect headers

date
Tue, 20 Feb 2024 17:53:03 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
98593803
location
https://cdn.tnonline.com.br/img/thumbnail/830000/Mulher-tem-carro-furtado-durante-culto-em-igreja-00837853-0-202402201052.jpg?xid=1186264
content-type
text/html; charset=UTF-8
content-length
260
Total-imprudencia-diz-a-Rumo-apos-acidente-com-car-00837554-0-202402191428.jpg
cdn.tnonline.com.br/img/thumbnail/830000/
Redirect Chain
  • https://tnonline.uol.com.br/img/thumbnail/830000/Total-imprudencia-diz-a-Rumo-apos-acidente-com-car-00837554-0-202402191428.jpg?xid=1185743
  • https://cdn.tnonline.com.br/img/thumbnail/830000/Total-imprudencia-diz-a-Rumo-apos-acidente-com-car-00837554-0-202402191428.jpg?xid=1185743
116 KB
117 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/thumbnail/830000/Total-imprudencia-diz-a-Rumo-apos-acidente-com-car-00837554-0-202402191428.jpg?xid=1185743
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
f9e54c89f9278cf57b517f0054d1f9287a317be5eb9c6e91204404047702cb4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Feb 2024 17:28:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"672511c5963da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mnhGg1PZX81mbR%2FTATCio0r2S9Lqu4VkvYHzurPzFqaSKIhxeEKav1Jna0uXGBpZtH%2BTXKTsNeDb62OgnDI1JnEO0PL8AY1EHtVbp2Q6qRyBgJyodu0erkS9yxAF%2Bm3gxpq80k9lSqyAc7ZNhXQ%2Bg4F%2F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b620edb02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
119147

Redirect headers

date
Tue, 20 Feb 2024 17:53:03 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
84029176
location
https://cdn.tnonline.com.br/img/thumbnail/830000/Total-imprudencia-diz-a-Rumo-apos-acidente-com-car-00837554-0-202402191428.jpg?xid=1185743
content-type
text/html; charset=UTF-8
content-length
262
Padre-de-Apucarana-faz-campanha-para-ajudar-os-mai-00837488-0-202402191017.jpg
cdn.tnonline.com.br/img/thumbnail/830000/
Redirect Chain
  • https://tnonline.uol.com.br/img/thumbnail/830000/Padre-de-Apucarana-faz-campanha-para-ajudar-os-mai-00837488-0-202402191017.jpg?xid=1185576
  • https://cdn.tnonline.com.br/img/thumbnail/830000/Padre-de-Apucarana-faz-campanha-para-ajudar-os-mai-00837488-0-202402191017.jpg?xid=1185576
140 KB
140 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/thumbnail/830000/Padre-de-Apucarana-faz-campanha-para-ajudar-os-mai-00837488-0-202402191017.jpg?xid=1185576
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bcb21157706e767d419b2e43e3ae8e5bd3de7eaaac26602dbedd31979242d162

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Feb 2024 13:17:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"cb1bc4f33563da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rjy5igj1me2XPcuUS8jxUKhQqu1DL13bCtzbiuPqzf8Mb33FSH61IuRTRcb%2Bf2q9%2BFOkbOWnKmiQIElGjCb1vPYJ%2B0BnvfpPaGK1LvaoiSbmrpD2kH47iswhU4c6WfvJHDfQ72gexJileoLdL94FEl4%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b620edd02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
143290

Redirect headers

date
Tue, 20 Feb 2024 17:53:03 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
102985359
location
https://cdn.tnonline.com.br/img/thumbnail/830000/Padre-de-Apucarana-faz-campanha-para-ajudar-os-mai-00837488-0-202402191017.jpg?xid=1185576
content-type
text/html; charset=UTF-8
content-length
262
Morador-da-regiao-surpreende-ao-comprar-caixao-par-00837487-0-202402191013.jpg
cdn.tnonline.com.br/img/thumbnail/830000/
Redirect Chain
  • https://tnonline.uol.com.br/img/thumbnail/830000/Morador-da-regiao-surpreende-ao-comprar-caixao-par-00837487-0-202402191013.jpg?xid=1185572
  • https://cdn.tnonline.com.br/img/thumbnail/830000/Morador-da-regiao-surpreende-ao-comprar-caixao-par-00837487-0-202402191013.jpg?xid=1185572
104 KB
104 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/thumbnail/830000/Morador-da-regiao-surpreende-ao-comprar-caixao-par-00837487-0-202402191013.jpg?xid=1185572
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4d62943573918fb26ee7dd5ddc4ae612f0e6c628633ad6818431a57dd66acd82

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
cf-cache-status
MISS
last-modified
Mon, 19 Feb 2024 13:13:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c75c7f763563da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRpm1Je40X2dLpawaZCtvoIQvnkjsqL2cUJROyJPIpt1wcYwUmoqG9grPvRmB5QhNtUShX0npsAYcJW2pjDMl%2FOpRYqYZ5VP2fwy2NNOx%2BfiPI1YcDQMtgRZr3Uos%2FIiNNcHdnx4gn3Ol1vC%2BZNJ3YnO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b620ed602de-CDG
alt-svc
h3=":443"; ma=86400
content-length
106327

Redirect headers

date
Tue, 20 Feb 2024 17:53:03 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
94496147
location
https://cdn.tnonline.com.br/img/thumbnail/830000/Morador-da-regiao-surpreende-ao-comprar-caixao-par-00837487-0-202402191013.jpg?xid=1185572
content-type
text/html; charset=UTF-8
content-length
262
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012402060239000/ Frame 74BE
196 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402060239000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a7c5cebbb6d6eff010530c59b73e9e423125219661ff9bc5866c55cd17a5607
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 20 Feb 2024 16:05:51 GMT
age
6433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56214
x-xss-protection
0
server
sffe
etag
"51ebc873ede2e2f0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Feb 2025 16:05:51 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012402060239000/v0/ Frame 74BE
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402060239000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2125b73ae211f46f82ee27eee87e5aa312c5bbf2aedca1b50b7d80f21fd3d5d2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Feb 2024 17:15:52 GMT
age
520632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5214
x-xss-protection
0
server
sffe
etag
"1e0d3e55ad08d21f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Feb 2025 17:15:52 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012402060239000/v0/ Frame 74BE
95 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402060239000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70651252ddc3ae3cc902b7f374fb9037f0a27192fb31b66acbf5300441b45ad3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Feb 2024 11:32:06 GMT
age
541258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29043
x-xss-protection
0
server
sffe
etag
"f8b65ff06b47be2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Feb 2025 11:32:06 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012402060239000/v0/ Frame 74BE
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402060239000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
288fd8ba8cb04967d8ffdb274e8828d79fe679e6991ceff828f0f48e04f315db
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Feb 2024 11:32:06 GMT
age
541258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
server
sffe
etag
"a50cf387c592e9af"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Feb 2025 11:32:06 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012402060239000/v0/ Frame 74BE
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402060239000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da80171367ccb86206235641cfa5efc267725e1870f5cc5c2a777dc57c7d5ebe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 15 Feb 2024 13:40:03 GMT
age
447181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12948
x-xss-protection
0
server
sffe
etag
"cd1beca569c88c8d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 14 Feb 2025 13:40:03 GMT
truncated
/ Frame 74BE
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87a8034fd5739a11a780145585da9a33e1a30a60494cf107b67fa5ec5ef0caec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
8051209521939371015
tpc.googlesyndication.com/daca_images/simgad/ Frame 74BE
50 KB
50 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/8051209521939371015
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff63e17398eb9bde8cc691e42fc10b9a8f38b9a4f383cc7956680acdb492ab62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Sat, 15 Feb 2025 00:10:51 GMT
date
Fri, 16 Feb 2024 00:10:51 GMT
x-content-type-options
nosniff
age
409332
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50921
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 13:44:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
pt.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 74BE
3 KB
3 KB
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:35:42 GMT
x-content-type-options
nosniff
server
cafe
age
1041
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Wed, 21 Feb 2024 17:35:42 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 74BE
344 B
449 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 22:29:21 GMT
x-content-type-options
nosniff
server
cafe
age
69822
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 20 Feb 2024 22:29:21 GMT
O-desvio-tera-duracao-prevista-de-90-dias-00837895-0-202402201336-xs.jpg
cdn.tnonline.com.br/img/Inferior/830000/
Redirect Chain
  • https://tnonline.uol.com.br/img/Inferior/830000/O-desvio-tera-duracao-prevista-de-90-dias-00837895-0-202402201336-xs.jpg?xid=1186389
  • https://cdn.tnonline.com.br/img/Inferior/830000/O-desvio-tera-duracao-prevista-de-90-dias-00837895-0-202402201336-xs.jpg?xid=1186389
15 KB
15 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Inferior/830000/O-desvio-tera-duracao-prevista-de-90-dias-00837895-0-202402201336-xs.jpg?xid=1186389
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ec6caa922e7a91c9f35a576cd63162bbe4b6012e295f4bc590baad9e0a8b1712

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:04 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 16:36:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4fc0a2f01a64da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sVkh5rZQhmNsw1LW%2Bu5KEigj94MqxnD2TNhf4ZnMMCfhnukf07dv4eQ7oI4eb5QhutyjJF90uFSzS4%2BotCP2wZlBExEyFtNNhnu8h%2BywzrvX0Bc9brQ%2F1meLQ7ap%2FWYSFQjbsskPSlp%2BlEpj89DsW9V"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b623f4202de-CDG
alt-svc
h3=":443"; ma=86400
content-length
14895

Redirect headers

date
Tue, 20 Feb 2024 17:53:04 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
97205946
location
https://cdn.tnonline.com.br/img/Inferior/830000/O-desvio-tera-duracao-prevista-de-90-dias-00837895-0-202402201336-xs.jpg?xid=1186389
content-type
text/html; charset=UTF-8
content-length
255
u
b.t.tailtarget.com/
71 B
141 B
Script
General
Full URL
https://b.t.tailtarget.com/u?env=_ttq_tt_uol
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
4498f16d5b9e9a84f838be4fe6824a11d4a8b52b0b708a6b6dc6619980e4b41b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:04 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/x-javascript
cache-control
private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www-player.css
www.youtube.com/s/player/5683fc5e/ Frame 4668
366 KB
47 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/5683fc5e/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vCkE0H_Mkmg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vCkE0H_Mkmg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 08:27:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
33941
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48183
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 19 Feb 2025 08:27:23 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4668
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vCkE0H_Mkmg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 08:50:21 GMT
x-content-type-options
nosniff
age
32563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Feb 2025 08:50:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 4668
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vCkE0H_Mkmg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 09:09:14 GMT
x-content-type-options
nosniff
age
31430
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Feb 2025 09:09:14 GMT
embed.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 4668
53 KB
17 KB
Script
General
Full URL
https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vCkE0H_Mkmg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
adb0e74d3179802bb946d3487d460e61a98cdddfc16528a27fedb74e7f01de99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vCkE0H_Mkmg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:32:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
552033
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16886
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 13 Feb 2025 08:32:31 GMT
www-embed-player.js
www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/ Frame 4668
318 KB
95 KB
Script
General
Full URL
https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vCkE0H_Mkmg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30eb44d1bd919de19f5884ded89d326c05c5537aed690c6aac1175dc4aa6179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vCkE0H_Mkmg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 16:20:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
5571
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96927
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 19 Feb 2025 16:20:13 GMT
base.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 4668
2 MB
778 KB
Script
General
Full URL
https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vCkE0H_Mkmg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a625134502f8fae2ae5f7d003418199f4dce50c1c63b89178f95455e87b9b1e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vCkE0H_Mkmg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
552033
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795740
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 13 Feb 2025 08:32:31 GMT
container.html
8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EDB5
6 KB
3 KB
Document
General
Full URL
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
16
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 17:52:48 GMT
expires
Wed, 19 Feb 2025 17:52:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame EDB5
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 08:56:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
32213
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Feb 2025 08:56:11 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame EDB5
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 13:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
16357
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Mar 2024 13:20:27 GMT
NativeAPI.js
tm.jsuol.com.br/modules/external/ Frame EDB5
6 KB
3 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/external/NativeAPI.js
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:a000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
dd0e37549cb6bb59eca740965898ba653ee7da4d94361080c2dbdc9d7e43721f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:04 GMT
content-encoding
gzip
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
last-modified
Thu, 25 Mar 2021 18:26:57 GMT
server
marrakesh 1.23.0
x-amz-cf-pop
FRA60-P8
etag
ac7939335462d724d58fc1ff3ce690c3
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
content-length
2258
x-amz-cf-id
h1OLN4wsXorG-q5X1ZxY7YMYHxOv49BZg2I80kOasinA6efQAtf8Uw==
expires
Tue, 20 Feb 2024 18:53:04 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame EDB5
204 KB
61 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:37:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
913
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62824
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-7
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 20 Feb 2024 18:37:51 GMT
8051209521939371015
tpc.googlesyndication.com/daca_images/simgad/ Frame 74BE
50 KB
50 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/8051209521939371015
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff63e17398eb9bde8cc691e42fc10b9a8f38b9a4f383cc7956680acdb492ab62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Sat, 15 Feb 2025 00:10:51 GMT
date
Fri, 16 Feb 2024 00:10:51 GMT
x-content-type-options
nosniff
age
409333
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50921
x-xss-protection
0
last-modified
Wed, 28 Jun 2023 13:44:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
pt.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 74BE
3 KB
3 KB
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:35:42 GMT
x-content-type-options
nosniff
server
cafe
age
1042
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Wed, 21 Feb 2024 17:35:42 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 74BE
344 B
368 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 22:29:21 GMT
x-content-type-options
nosniff
server
cafe
age
69823
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 20 Feb 2024 22:29:21 GMT
view
pagead2.googlesyndication.com/pcs/ Frame EDB5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsugcxbyZB80Rllo8FuDGD3vNUsgR6vGBlZhnghS_J6JFDql2n48srE9sb-TnEmbPbcN2YHwwNeYSN2SGB8aIuFMykh71-y99Nc84eid45x-DVxlIisANjj7pAWSkGf4v1G15c5nTGIfPC98-Qv4XE4H1mJAXuJZzvduEp6otthJjTIULDzQOGNgPiszlFCbSoPM0Bw4_8nCmXUbvKMJYnl9vHaHtdcDpzpTWc596lyBwMYr-u8lTFzTarUOyrX1wgM3hyQh35VZSZazN8A3GYoZKo7V3E4c53lbqyJgG8mCwLApBxYf6_2dFseIiK8FD8JF41tGuiaXz2z0H-vKwpIrK_dSRp75BNjeAfPCGqb9P843b1ZexDUDKJQPH4eOaBOIgSbMNIAzdg&sig=Cg0ArKJSzJbgP_qkVYjqEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
FcQVaHc6MaOcDzQjhAV0qxcmwfGBhK8RIBMWDGFuEgzIwMv0iuHXm_K0BXGfq-NPqFYh9ZAJ9XYV9St2B9vaVg.woff
s.dynad.net/stack/ Frame EDB5
26 KB
26 KB
Font
General
Full URL
https://s.dynad.net/stack/FcQVaHc6MaOcDzQjhAV0qxcmwfGBhK8RIBMWDGFuEgzIwMv0iuHXm_K0BXGfq-NPqFYh9ZAJ9XYV9St2B9vaVg.woff
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7800:1d:3c55:e840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 / DynAd.net 2023
Resource Hash
c63635ffe1ea1c4731169ccfa13c0499174c7634d264beb4fca4809b7e75c0ee

Request headers

Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
Origin
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-dynad-assets
v2.421 Thessaloniki
date
Sat, 17 Feb 2024 19:37:37 GMT
via
1.1 varnish-v4, 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
x-cacheable
maximal 144h instead of 402.000h
x-amz-cf-pop
FRA56-C2
age
252928
x-powered-by
DynAd.net 2023
x-cache
Miss from cloudfront
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-length
26175
pragma
cache
last-modified
Sat, 17 Feb 2024 19:37:37 GMT
server
Apache-Coyote/1.1
content-type
application/woff
access-control-allow-origin
*
x-varnish
989035053 984200133
cache-control
public, max-age=1447200
accept-ranges
bytes
x-amz-cf-id
rqYlo9vBp5LCpJzjNNzSR7dtj0GRTNKlMB3uFX-ipmbDjYK-DhjEIA==
expires
Tue, 05 Mar 2024 13:37:37 GMT
b
b.t.tailtarget.com/
126 B
128 B
Script
General
Full URL
https://b.t.tailtarget.com/b?tA=TT-10162-1&tY=1&tS=4&tU=0100007FEEE6D465AB06A51302FCC51D&tX=b.52&tZ=306144928&env=_ttq_tt_uol
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
370750c57a0f1bfa7992a3816ba2c442fa33e3bd05e32ae71056222e2e88be68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:04 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012402060239000/ Frame 457E
196 KB
55 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402060239000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a7c5cebbb6d6eff010530c59b73e9e423125219661ff9bc5866c55cd17a5607
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 20 Feb 2024 16:05:51 GMT
age
6433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56214
x-xss-protection
0
server
sffe
etag
"51ebc873ede2e2f0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 19 Feb 2025 16:05:51 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012402060239000/v0/ Frame 457E
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402060239000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2125b73ae211f46f82ee27eee87e5aa312c5bbf2aedca1b50b7d80f21fd3d5d2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Feb 2024 17:15:52 GMT
age
520632
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5214
x-xss-protection
0
server
sffe
etag
"1e0d3e55ad08d21f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Feb 2025 17:15:52 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012402060239000/v0/ Frame 457E
95 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402060239000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70651252ddc3ae3cc902b7f374fb9037f0a27192fb31b66acbf5300441b45ad3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Feb 2024 11:32:06 GMT
age
541258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29043
x-xss-protection
0
server
sffe
etag
"f8b65ff06b47be2a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Feb 2025 11:32:06 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012402060239000/v0/ Frame 457E
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402060239000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
288fd8ba8cb04967d8ffdb274e8828d79fe679e6991ceff828f0f48e04f315db
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 14 Feb 2024 11:32:06 GMT
age
541258
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
server
sffe
etag
"a50cf387c592e9af"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 13 Feb 2025 11:32:06 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012402060239000/v0/ Frame 457E
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012402060239000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da80171367ccb86206235641cfa5efc267725e1870f5cc5c2a777dc57c7d5ebe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 15 Feb 2024 13:40:03 GMT
age
447181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12948
x-xss-protection
0
server
sffe
etag
"cd1beca569c88c8d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 14 Feb 2025 13:40:03 GMT
pt.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 457E
3 KB
3 KB
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:35:42 GMT
x-content-type-options
nosniff
server
cafe
age
1042
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Wed, 21 Feb 2024 17:35:42 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 457E
344 B
368 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 22:29:21 GMT
x-content-type-options
nosniff
server
cafe
age
69823
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 20 Feb 2024 22:29:21 GMT
truncated
/ Frame 457E
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f44757c0a1bcf4f0f41bffec262a3daede3a431b331ce0a170f88012f1dfea9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
5582424992466626548
tpc.googlesyndication.com/daca_images/simgad/ Frame 457E
73 KB
73 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/5582424992466626548
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e29d022de1af848a5272289b59f52c4725fe9d1ff614f7c77f8b553f883099f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Fri, 14 Feb 2025 07:00:18 GMT
date
Thu, 15 Feb 2024 07:00:18 GMT
x-content-type-options
nosniff
age
471166
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75161
x-xss-protection
0
last-modified
Thu, 08 Feb 2024 14:45:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
beacon.js
sb.scorecardresearch.com/ Frame EDB5
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-32.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 07:06:51 GMT
content-encoding
gzip
via
1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:13:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
58258
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
FQ0KN_legLMHTbsaMJZtVCUkidO7coz_FDLcIvU1YLkmc3C90m8r9A==
beacon.js
sb.scorecardresearch.com/internal-cs/default/ Frame EDB5
Redirect Chain
  • https://sb.scorecardresearch.com/cs/26893702/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
4 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-32.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 09:40:41 GMT
content-encoding
gzip
via
1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
last-modified
Thu, 07 Dec 2023 12:02:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
32590
x-amz-server-side-encryption
AES256
etag
W/"77ff4ede4693897337a38594321529a3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
0fzctPASVXUjgkf581XYtQcrWrVoxwg_0vc-y8XgvAmCXo-wii5rvg==

Redirect headers

date
Tue, 20 Feb 2024 17:53:04 GMT
via
1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
location
/internal-cs/default/beacon.js
content-length
0
x-amz-cf-id
HiyA6A8Hvchymz7heUlf76X5-d0IIXM40Md2LTK0asZw-TsC_ARItQ==
id
googleads.g.doubleclick.net/pagead/ Frame 4668
113 B
159 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc317edaee795433a4deafa9a49827ff3f818fdb907655671add08ba7327857c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 4668
29 B
495 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:42:15 GMT
x-content-type-options
nosniff
age
649
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Feb 2024 17:57:15 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 20 Feb 2024 17:53:04 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4668
87 KB
40 KB
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6ae054336078c44bdf74a9576112d526639b61859841acfd483dd6cec64db43d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40888
x-xss-protection
0
remote.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/ Frame 4668
118 KB
33 KB
Script
General
Full URL
https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
995d911b164843c6c2eb0a86d028f14e5d08971da5b51681b60f478bd781d8f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vCkE0H_Mkmg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 08:33:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
551992
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34032
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 13 Feb 2025 08:33:12 GMT
O0gGkLOwZlsvEtn_3NBcCB5b9cpchHh7fZmHe94Vfgw.js
www.google.com/js/th/ Frame 4668
51 KB
19 KB
Script
General
Full URL
https://www.google.com/js/th/O0gGkLOwZlsvEtn_3NBcCB5b9cpchHh7fZmHe94Vfgw.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b480690b3b0665b2f12d9ffdcd05c081e5bf5ca5c84787b7d99877bde157e0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 14:38:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
11695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19804
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Feb 2025 14:38:09 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/vCkE0H_Mkmg/ Frame 4668
61 KB
61 KB
Image
General
Full URL
https://i.ytimg.com/vi_webp/vCkE0H_Mkmg/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vCkE0H_Mkmg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d1ea585b9a4b0ce0212283b69c5e8d6767d5e9f33ce6a06ad39344a2e067c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
x-content-type-options
nosniff
server
sffe
etag
"1708437366"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=300
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62422
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 20 Feb 2024 17:58:05 GMT
truncated
/ Frame 4668
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
rt_bRnnjVKdqhk7BN0qwBwmype9EQ2KpU8Wm1IxTH5KZ_OC6jdbolMFwloinIt_HV446CbUEBHQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 4668
3 KB
4 KB
Image
General
Full URL
https://yt3.ggpht.com/rt_bRnnjVKdqhk7BN0qwBwmype9EQ2KpU8Wm1IxTH5KZ_OC6jdbolMFwloinIt_HV446CbUEBHQ=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vCkE0H_Mkmg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
a23367e997c504720a206b5bed41beaa3ab9f37a49887085b4652af7e5c20180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="channels4_profile.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3285
x-xss-protection
0
expires
Wed, 21 Feb 2024 17:53:05 GMT
12937031792542350920
tpc.googlesyndication.com/simgad/ Frame EDB5
86 KB
86 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12937031792542350920?
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b5c955a8f7e29659a514943f16c32a961c526268d29e70dc0ae9e03b1f27f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Wed, 19 Feb 2025 09:04:31 GMT
date
Tue, 20 Feb 2024 09:04:31 GMT
x-content-type-options
nosniff
age
31713
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88449
x-xss-protection
0
last-modified
Fri, 05 Apr 2019 20:28:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
8557084098312871690
tpc.googlesyndication.com/simgad/ Frame EDB5
14 KB
14 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8557084098312871690?
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f853dd5feac2f2d0dfa765e6be2ea1c408e09ad51746003543d4e882618f399
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Tue, 20 Feb 2024 17:53:05 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14602
x-xss-protection
0
last-modified
Mon, 17 Jan 2022 14:52:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 19 Feb 2025 17:53:05 GMT
b
sb.scorecardresearch.com/ Frame EDB5
0
226 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=26893702&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1708451585022&ns_c=UTF-8&ns_if=1&c3=1&c7=https%3A%2F%2F8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&c8=SafeFrame%20Container&c9=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-32.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
via
1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-amz-cf-id
3GvtZfuhOoU79Ev4HuFTNuP68LIIXZxqe1Sw-P4wIBxQLIqDgcsTiQ==
x-cache
Miss from cloudfront
adview
securepubads.g.doubleclick.net/pagead/ Frame 74BE
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcDYz_-bUZb7pJfiP7_UP54a56A7QyZHUdfSw85O1EWQQASDSj8YeYJWitYLAB6ABg_anzwPIAQKpAq2f90L1ELI-4AIAqAMByAMIqgSyAk_QjZu-DbGAcltGLrX6miIBEzaA2EhN35k8QGI36sUxAT8ER8ojIZJ3F3jPFLxyC1DiYucvXjRew_N3A9AuYmk1TB9rVtOeHCQAu8OnRXrRlyJKAb-O7FFhlGbZTRC8UvF1CgoT1j91QxdS6-EPZVRS-QOR-SwB-feBmhbei5yVariL8r4Adrc9GSiWBTxDTn1Um9LNw--zWRCDGi9updDhdYJBBB8PfUz7h9asjchvtA4TiPv8zKg4_gmfRXu0F55Pft_Q0LbJel99d5eDWbRnZLlg4cVgmrYUNYTlTwlAle4Uu5hf1ANXktXe4WgliHZP8vTHP9bf8JlvxZpW-5aPLH3L-Gmqka48JhPV2Caopj06h2Zmn4121LiSsBxYAvanfSyjcMVhf3WG2NEJ8ZKPo8AEo7TDgrkE4AQBiAW994qqS5IFBAgEGAGSBQQIBRgEoAYCgAflidgwqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwHyBwQQu9kT0ggpCJHhgHAQARgdMgXri4CAIDoJgECAgICAgIQISL39wTpY-KL8jb66hAOaCT9odHRwczovL2hhZ2VyLmNvbS9kZS9sb2VzdW5nZW4vZW5lcmdpZXZlcnRlaWx1bmcva2xlaW52ZXJ0ZWlsZXKACgPICwHiDRMIk7j9jb66hAMV-Me7CB1nQw7t2BMN0BUBmBYBgBcBshceChwIABIUcHViLTQ4NTQwODMyNDQzMzA5NDgY3ugU&sigh=2t4hxKVm5Is&uach_m=%5B%5D&ase=2&nis=5&cbvp=2
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

p
sb.scorecardresearch.com/ Frame EDB5
43 B
300 B
Image
General
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=6036356&c3=1&c15=&cv=2.0&cj=1
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-32.fra56.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
via
1.1 e4f83d72be7853fbcceb590827a5b68a.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
5zZE-PnM72ske5uud88ZQNlojdmvvcrPBlWxRElW8XXjU5Dqm3aZMg==
5582424992466626548
tpc.googlesyndication.com/daca_images/simgad/ Frame 457E
73 KB
73 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/5582424992466626548
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012402060239000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e29d022de1af848a5272289b59f52c4725fe9d1ff614f7c77f8b553f883099f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires
Fri, 14 Feb 2025 07:00:18 GMT
date
Thu, 15 Feb 2024 07:00:18 GMT
x-content-type-options
nosniff
age
471167
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75161
x-xss-protection
0
last-modified
Thu, 08 Feb 2024 14:45:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
pt.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 457E
3 KB
3 KB
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/pt.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012402060239000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:35:42 GMT
x-content-type-options
nosniff
server
cafe
age
1043
etag
7735524722462771930
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2886
x-xss-protection
0
expires
Wed, 21 Feb 2024 17:35:42 GMT
icon.png
pagead2.googlesyndication.com/pagead/images/abg/ Frame 457E
344 B
368 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012402060239000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 22:29:21 GMT
x-content-type-options
nosniff
server
cafe
age
69824
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 20 Feb 2024 22:29:21 GMT
truncated
/ Frame EDB5
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28622e4c1f35270ea334648e914b5dba6a9cc9c01e68ab0e3343b4297561e6cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame
0
0
Preflight
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 20 Feb 2024 17:53:05 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 4668
90 B
134 B
XHR
General
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
542cbd48e95dadcdf90b54e7673d81cf1747a9c18916e6fb6f86b5ccd4c4a612
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
collect
p.clarity.ms/
0
299 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://tnonline.uol.com.br
Date
Tue, 20 Feb 2024 17:53:05 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
ca
tt-10162-1.seg.t.tailtarget.com/
78 B
116 B
Script
General
Full URL
https://tt-10162-1.seg.t.tailtarget.com/ca?tZ=776217959&env=_ttq_tt_uol
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/libs/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
2522893395c2050caf8c37f2327a02c489957de67634cede4e1ed45707baa874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
content-encoding
gzip
via
1.1 google
server
nginx/1.17.8
vary
Accept-Encoding, Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 4668
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Feb 2024 17:53:05 GMT
generate_204
www.youtube.com/ Frame 4668
0
10 B
Image
General
Full URL
https://www.youtube.com/generate_204?QOs4lg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/vCkE0H_Mkmg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/vCkE0H_Mkmg
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 457E
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CzZrgAOfUZfa0D6La7_UP0J-EmAyR3_vldejZ-LTPErCQHxABINKPxh5glaK1gsAHoAGBj_2pKcgBAqkCrZ_3QvUQsj7gAgCoAwHIAwiqBMACT9DKE7aPjGm2R436jG-W8-b6smchKh7F5eycYs5he1rtjmjAuDGqprsRaqa33r04xnYIq_OFi7j28-82KN25C_ZelE0zZyLh9YaLTMSbHR9eUdPaywxqYKh06dpebXs1tzm2Uptr51O8da5IpcDUyIP-nfr5HSaYbpEL8mXRtQYwn8LbAAb21wA1Bot2HFnnQR8h1u68tNH_x6guy3jsDhJrezdG4IlbPqgLuC06e8JdAo66-G805ewN6G_WSu95Q_CWYI919uoa4oVE24uOg3FWnbemhPRT0jFlxGQ06fiJhn_NWZYXseqA0D9rkE6K03emDFgnOyx4FDydy81xc14TjBb3VpvcSo9mwj5GeTKji9_IAepyPOcUMRr1YV0fTCZAwLURn38GtC6UzpCoDy0x30CJYHUAU4ss634I3PbABP3Kw6PJBOAEAYgFgaf0nk6SBQQIBBgBkgUECAUYBKAGAoAHgcfNiQSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAfIHBBCZlgTSCCkIkeGAcBABGB0yBeuLgIAgOgmAQICAgICAhAhIvf3BOljwnv-NvrqEA5oJLmh0dHBzOi8vZXhwZXJ0LnB1Ymxpc2hpbmcub25lLzE5MDY4NjYvd2VyYnVuZy-ACgPICwHiDRMImNj_jb66hAMVIu27CB3QDwHD2BMK0BUBmBYBgBcBshceChwIABIUcHViLTQ4NTQwODMyNDQzMzA5NDgY3ugU&sigh=UiHPG3j83gw&uach_m=%5B%5D&ase=2&nis=5&cbvp=2
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

cast_sender.js
www.gstatic.com/eureka/clank/121/ Frame 4668
50 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/eureka/clank/121/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 21:05:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14705
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 16:05:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Tue, 20 Feb 2024 21:05:36 GMT
__tt.gif
t.tailtarget.com/
43 B
256 B
Image
General
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-10162-1&tE=0&tF=&tI=___de_1708451584663_1358890859&tJ=&tQ=sitetnonline&tU=0100007FEEE6D465AB06A51302FCC51D&tX=b.52&tY=1&tZ=583035268
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/?d=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/gif
cache-control
no-cache, private, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
view
pagead2.googlesyndication.com/pcs/ Frame EDB5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstD9VObuCbINEecRVSdfQMn9UvvMAkI6HwwJ79ZSiXIAXfEDQPQsW1sTYrPY6-u1_ipVC-VX7Lybpwi3S1xtJmTGBv7DmQIdQ2uZMoN7gBisbqQWOumgonIdECXbKBDn3LCY5DmG3CatQxpB9sWzWuG5pgr4HCgDJY1Kf6rj1cNb7yk-y_MEJr7iWAHpvuWg7IPEh-s2f7dCc_MH7wumNZSYxu3CY_Ihat0FBjRE3qBFadTm9iTljPPKt0hixqGLbni30vWrCc4cUbrONrdq64VMbVEFvMabiGfAgNy4NKklSH-10mqH1PAJ-5momN0vnFkfGTzQyM3x_aaiPJKLj5PWPrDQZtxkMux6hKScCMmDWbLwrlZ1CxD4X1GEdcfIMZP_1wFADiTg5pN&sig=Cg0ArKJSzPRw9O13voHwEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
partner
tracker.bt.uol.com.br/
0
546 B
Script
General
Full URL
https://tracker.bt.uol.com.br/partner?source=tagmanager
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2804:49c:3104:401:ffff:ffff:ffff:34 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Tue, 20 Feb 2024 17:53:06 GMT
Server
nginx
Transfer-Encoding
chunked
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
Content-Type
application/javascript;charset=utf-8
Cache-Control
no-cache
Connection
close
Expires
Tue, 20 Feb 2024 17:53:05 GMT
purge-clients.html
tm.uol.com.br/ Frame 3101
213 B
845 B
Document
General
Full URL
https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:e400:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.16.6 /
Resource Hash
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
cache-control
no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding
gzip
content-length
182
content-type
text/html;charset=UTF-8
date
Tue, 20 Feb 2024 17:53:05 GMT
etag
8b30191927f0982283d45c76292da712
expires
Tue, 20 Feb 2024 18:03:05 GMT
last-modified
Thu, 27 Apr 2023 14:19:29 GMT
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server
marrakesh 1.16.6
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-id
FmMtuLGbbqnZLA2rBU5Y0jmNSX6XLc8A5D53DH04u6XyN21b320o3w==
x-amz-cf-pop
FRA60-P3
x-cache
RefreshHit from cloudfront
purge-clients.html
tm.uol.com.br/ Frame 7D1C
213 B
845 B
Document
General
Full URL
https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:e400:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
6a93c477127bad12d08a779a445d4c5962578f57d4171aee20df69a2b3e8c349

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
cache-control
no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
content-encoding
gzip
content-length
182
content-type
text/html;charset=UTF-8
date
Tue, 20 Feb 2024 17:53:05 GMT
etag
8b30191927f0982283d45c76292da712
expires
Tue, 20 Feb 2024 18:03:05 GMT
last-modified
Tue, 05 Jan 2021 19:37:59 GMT
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
server
marrakesh 1.23.0
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
x-amz-cf-id
--Zy-55ST0AHa11vq8a--X_KfUNDQZwIpZ10_nU68vAiknwaKk1hxg==
x-amz-cf-pop
FRA60-P3
x-cache
RefreshHit from cloudfront
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=521991CBACAD4648BBCAC7ADFCA11437&RedC=c.clarity.ms&MXFR=0CB0C9F13F346D411309DDDA3B346381
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=521991CBACAD4648BBCAC7ADFCA11437&MUID=19ED4DF539CE6A6C399859DE38626BCB
42 B
444 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=521991CBACAD4648BBCAC7ADFCA11437&MUID=19ED4DF539CE6A6C399859DE38626BCB
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:53:05 GMT
last-modified
Fri, 09 Feb 2024 19:55:32 GMT
server
Microsoft-IIS/10.0
etag
"2155d7f0915bda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:53:05 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 582006F4AB8D45B7863DA1F4DC0D14A9 Ref B: FRA31EDGE0813 Ref C: 2024-02-20T17:53:06Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=521991CBACAD4648BBCAC7ADFCA11437&MUID=19ED4DF539CE6A6C399859DE38626BCB
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8bcc51298552b2e82bf9c85cd9c528ea656ecc68c38134d877d4e53878e228d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12318
x-xss-protection
0
weather
tnonline.uol.com.br/apis/
5 KB
1 KB
XHR
General
Full URL
https://tnonline.uol.com.br/apis/weather
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/js/sbundle_34e66f411751e6a2310b5c869ab4f682.js?t=1677070646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
b9572a491dceb69854b69578b28113b8f7d7d4ce4758a38d797c94312c1d2325

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://tnonline.uol.com.br/?d=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
content-encoding
gzip
x-mw-action-duration
00:00:00.0156375
via
CacheUOL
x-aspnet-version
4.0.30319
age
646
x-powered-by
ASP.NET
x-cache
HIT
cache-tag
page, page-apis-weather
x-mw-request-duration
00:00:00.0156375
x-mw-cache
true
x-mw-generating
False
content-length
877
referrer-policy
no-referrer-when-downgrade
x-aspnetmvc-version
5.3
x-mw-generated-by
MW Portal
server
nginx
x-mw-cache-date
Tue, 20 Feb 2024 17:42:17 GMT
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
x-varnish
71719616 103597284
x-mw-cache-valid
True
cache-control
public, stale-if-error=3600, max-age=898
accept-ranges
bytes
expires
Tue, 20 Feb 2024 17:57:17 GMT
edicao-do-dia.html
tnonline.uol.com.br/statics/ajax/
304 B
649 B
XHR
General
Full URL
https://tnonline.uol.com.br/statics/ajax/edicao-do-dia.html
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/js/sbundle_34e66f411751e6a2310b5c869ab4f682.js?t=1677070646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
a8efe93c46a68ed8afa139d2ae76ae5e1aad80a69261d71ccd52a3656dfc0dfd

Request headers

Accept
*/*
Referer
https://tnonline.uol.com.br/?d=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
content-encoding
gzip
via
CacheUOL
age
206
x-powered-by
ASP.NET
x-cache
HIT
content-length
327
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 20 Feb 2024 17:48:21 GMT
server
nginx
etag
"603484fe2464da1:0"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-varnish
103720277 99804310
cache-control
public,max-age=300
accept-ranges
bytes
mostViewTop.html
tnonline.uol.com.br/statics/ajax/
5 KB
5 KB
XHR
General
Full URL
https://tnonline.uol.com.br/statics/ajax/mostViewTop.html
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/js/sbundle_34e66f411751e6a2310b5c869ab4f682.js?t=1677070646
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
06de17ba3463bd782e406892d90188002368f1a7c22b46c70cec89c1a3c1dd95

Request headers

Accept
*/*
Referer
https://tnonline.uol.com.br/?d=1
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
content-encoding
gzip
via
CacheUOL
age
243
x-powered-by
ASP.NET
x-cache
HIT
content-length
4774
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 20 Feb 2024 17:48:34 GMT
server
nginx
etag
"f9624d62564da1:0"
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-varnish
97477030 25716920
cache-control
public,max-age=300
accept-ranges
bytes
ima3.js
imasdk.googleapis.com/js/sdkloader/
380 KB
131 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7274ba10554801c2589a0461ef72855be2ac1463f95598dd237822016a4de06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133089
x-xss-protection
0
expires
Tue, 20 Feb 2024 17:53:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 20 Feb 2024 17:53:05 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 74BE
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4iQloImyj_G9i-wMs18dU1qhu_P9tr89KLlVKK2Q_ITJW48aPL0gcgwm1oxMnS93eqifVeUMOilH4L3Seas0MKppnC6SniFx6l1aED0MVzXuMTAh1nN3eJXXqRaMqzfiQGu9bldQz9oT8irWfMgMNh2__p91StYCc03buUw&sig=Cg0ArKJSzOGRRTvGILpNEAE&id=ampim&o=315,299&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1008&mtos=0,0,0,1008,1008&tos=0,0,0,1008,0&tfs=1022&tls=2030&g=100&h=100&tt=2030&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:53:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9BC6
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4904
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 16:31:22 GMT
expires
Wed, 19 Feb 2025 16:31:22 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E19C
829 B
558 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c2f7ddb4cc752cb5fd1afd98bd146974355250590e4ffd036aa513d9b0f38cfd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mDSwoeNbuV5qsCgLfnUSxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-mDSwoeNbuV5qsCgLfnUSxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 17:53:06 GMT
expires
Tue, 20 Feb 2024 17:53:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cloudy.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/icons/weather/
16 KB
16 KB
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/icons/weather/cloudy.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
b5e90c68bd6632ed47483f2fa0c70f4ff0ef40143f6bb686eb7dd1002ff54e53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:06 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:40:39 GMT
server
nginx
age
22899
etag
"a367b8940e9d81:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/svg+xml
x-varnish
100319334 99820772
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
16210
rainy-3.svg
tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/icons/weather/
6 KB
7 KB
Image
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/img/icons/weather/rainy-3.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
2f85e6f2bd86d81a004b6fabd74df0f89c455626843257f604ccdac0f8b89999

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:06 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:40:39 GMT
server
nginx
age
81004
etag
"a367b8940e9d81:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/svg+xml
x-varnish
101244346 86975462
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
6638
Edicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-xs.webp
cdn.tnonline.com.br/img/Artigo-Destaque/830000/350x250/
Redirect Chain
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/350x250/Edicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-xs.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FEdicao-do-dia-20-de...
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/350x250/Edicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-xs.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FEdicao-do-dia-20-de...
13 KB
13 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/350x250/Edicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-xs.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FEdicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-xs.jpg%3Fxid%3D1185981%26resize%3D275%252C150%26t%3D1708451301&xid=1185981
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
70fb530eaff17f14fb020e9c41ae028133f870c8ee40ed9aaeb6869ba533d49d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:07 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 03:02:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"90d16933a963da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mO2YSQjeaPra3UXqLZKs6y%2FgYe3zjNs4qM2QEKqOhSdvo7Tezb7HKqs05hu%2BcnMEeasNOBGlch9IBm%2BnED64t0Fk20L2yOBJ2gvWADy%2FbJ1Sw6Bq6SU6Z5Q%2FtNNiOn3kfnngKwNKNlhPGMVTh3HrVefu"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b706a1e02de-CDG
alt-svc
h3=":443"; ma=86400
content-length
13122

Redirect headers

date
Tue, 20 Feb 2024 17:53:06 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
96268492
location
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/350x250/Edicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-xs.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FEdicao-do-dia-20-de-fevereiro-de-2024-00837672-0-202402192308-xs.jpg%3Fxid%3D1185981%26resize%3D275%252C150%26t%3D1708451301&xid=1185981
content-type
text/html; charset=UTF-8
content-length
441
lato-Black.ttf
tnonline.uol.com.br/themes/portal-tno-deploy/assets/fonts/Lato/fonts/
68 KB
68 KB
Font
General
Full URL
https://tnonline.uol.com.br/themes/portal-tno-deploy/assets/fonts/Lato/fonts/lato-Black.ttf
Requested by
Host: tnonline.uol.com.br
URL: https://tnonline.uol.com.br/bundle_d339c44411029cf7c31126a1eb06427a.css?t=1677007048
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
200.147.36.53 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
200-147-36-53.static.uol.com.br
Software
nginx / ASP.NET
Resource Hash
8944da5a861ece00185fa173ea65324e7d4797aa863c6fa0f03e066805974b6c

Request headers

Referer
https://tnonline.uol.com.br/bundle_d339c44411029cf7c31126a1eb06427a.css?t=1677007048
Origin
https://tnonline.uol.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:06 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 26 Oct 2022 13:40:39 GMT
server
nginx
age
22613
etag
"b3cbee8840e9d81:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
application/font-sfnt
x-varnish
98459557 96319374
cache-control
public,max-age=86400
accept-ranges
bytes
content-length
69484
client-purge.js
tm.jsuol.com.br/modules/ Frame 7D1C
43 KB
10 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/client-purge.js
Requested by
Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=dynad_rt&expname=dynad_rt_exp&expdomain=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:a000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tm.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:05:14 GMT
content-encoding
gzip
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
age
2872
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
9152
last-modified
Thu, 17 Mar 2022 17:50:21 GMT
server
marrakesh 1.23.0
etag
827b2a3854d3757c0264519acafab901
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
mfHsb0LTv7U2stUcVSPZGgHL5JDkDUZ-rcPHb_bf5691WE7GP2MHNQ==
expires
Tue, 20 Feb 2024 18:05:14 GMT
client-purge.js
tm.jsuol.com.br/modules/ Frame 3101
43 KB
10 KB
Script
General
Full URL
https://tm.jsuol.com.br/modules/client-purge.js
Requested by
Host: tm.uol.com.br
URL: https://tm.uol.com.br/purge-clients.html?name=DEretargeting&expname=DEretargetingExp&expdomain=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2761:a000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
marrakesh 1.23.0 /
Resource Hash
8edf79f31f38afd348cd93ad56ae7df804394b8a403191af474496823161bdc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tm.uol.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:05:14 GMT
content-encoding
gzip
via
1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P8
age
2872
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length
9152
last-modified
Thu, 17 Mar 2022 17:50:21 GMT
server
marrakesh 1.23.0
etag
827b2a3854d3757c0264519acafab901
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id
FVCC7Dr4zHG3Y6H6NTHJX1u2DBr4P5d4NxibQUnMjzq4wnRfdSHbbA==
expires
Tue, 20 Feb 2024 18:05:14 GMT
bridge3.621.0_en.html
imasdk.googleapis.com/js/core/ Frame 3E56
756 KB
242 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.621.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89dd617f06b5cde21926c8f2560c7f882b74f1a3fd8845830d6a68d83cc4618c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
497832
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247675
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 14 Feb 2024 23:35:54 GMT
expires
Thu, 13 Feb 2025 23:35:54 GMT
last-modified
Wed, 14 Feb 2024 23:28:48 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Feb 2024 17:53:06 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8B9B
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 20 Feb 2024 18:50:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E19C
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402150101&jk=3199504113006608&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
pagead2.googlesyndication.com/bg/ Frame 9BC6
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 15:37:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
8111
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15261
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Feb 2025 15:37:55 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 3E56
156 B
333 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=480x360&iu=%2F8804%2Fparceiros%2Ftn_online%2Fin-article&ciu_szs=300x250&output=xml_vast4&ppid=17c0efb0-c4ca-42ff-bacf-eed2db1975c3&ppid=17c0efb0-c4ca-42ff-bacf-eed2db1975c3&unviewed_position_start=1&correlator=737375431382573&gdfp_req=1&ad_rule=0&env=vp&description_url=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&cust_params=campaignuol%3D1%26videoplayertype%3Ddynad_in-article%26videoinarticlepos%3D1%26videoplayersize%3Dsmall%26keyword%3Dvideo-auto-play%26UOLDNA%3Dnull%26UOLID%3D17c0efb0-c4ca-42ff-bacf-eed2db1975c3%26bt%3D9000%26cdn%3Dother%26hasFocus%3Dtrue%26hasMouseIn%3Dfalse%26origin%3Dtnonline%20uol%20com%20br%20d%201%26ppid%3D17c0efb0-c4ca-42ff-bacf-eed2db1975c3%26topics%3Dno-topic%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna&vad_type=linear&vpos=preroll&pod=1&min_ad_duration=0&max_ad_duration=999999000&ppos=1&lip=true&video_url_to_fetch=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&sdkv=h.3.621.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&sdki=445&ptt=20&adk=1524564207&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.621.0&sid=13FF6705-0DBE-4D32-BA2D-FA1C1F113192&nel=0&eid=44772139%2C44777649%2C44781409%2C95321947%2C95322027%2C95324054%2C95324128&ref=https%3A%2F%2Ftnonline.uol.com.br%2F&url=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&dt=1708451586577&cookie_enabled=1&scor=576723096741911&ged=ve4_td24_er0.0.0.0_vi0.0.1200.1600_vp0_eb16488
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.621.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 9BC6
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?02-BEg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame EDB5
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvAoot6GzFCB1ppeNOIcpBKryrmKgCwLkI0KNgdC0QX8GG7_qVFMwk6O6IfXyrhauBW46nTszlf8d-Z5k7BlCu8TEfFodYbWivsFVTe6DMJAZ_EftnR4i9WIEtTkWETnCI08TeiM1ZM6rZaQh6boLAO75id_t0Wb7qaOM&sig=Cg0ArKJSzD8YiocR33U6EAE&id=lidar2&mcvt=1008&p=999,1040,1249,1340&mtos=0,1008,1008,1008,1008&tos=0,1008,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=7&adk=3274985505&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=438438400&rst=1708451584348&rpt=1452&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:53:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3E56
0
0

csi
csi.gstatic.com/ Frame 3E56
0
0

truncated
/
873 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bae663f8229a58194c60f976b1ca88e87e0310c5860be118fa57e97412f758a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
prebid
ib.adnxs.com/ut/v3/
139 B
1 KB
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
6414e3b841c6cd1fb1862da8f480da3ab6158c9432dd228e470492b029651509
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:53:07 GMT
an-x-request-uuid
d49edef7-2857-4f59-a823-007e29b4ace2
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.107; 80.255.7.107; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
prg.smartadserver.com/prebid/
186 B
569 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
3409c1dfa8da857c546c778335d7a9637d37651c91fb161ba7d1e7c4f1d6e88a

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:53:08 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://tnonline.uol.com.br
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/
37 B
493 B
XHR
General
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=992490
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40101a7179378bb0fa42c4b9bf544574bc93960cba18b00cfd326ca987e02fd6

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:53:07 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADcK28cWsJo9EE6yWR795lKlXjZjsTSVLul0HyDyuql1u497pt%2FvZ38X8b9PC%2BOALj6nTnKo3HE6XMkU8ufNNMhCh9%2BGed9AwqbwPwFSEK8%2FQqZNLTjP0OpnZYWp0RyPsXZ%2Fc%2FY6"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
85889b723aa1450a-TXL
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/
425 B
637 B
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11976&site_id=185976&zone_id=904472&size_id=15&rf=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&tg_i.domain=tnonline.uol.com.br&tg_i.page=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&tg_i.ref=https%3A%2F%2Ftnonline.uol.com.br%2F&tg_i.pbadslot=%2F8804%2Fparceiros%2Ftn_online%2Fin-article%2Foutstream&tk_flint=pbjs_lite_v7.52.0&x_source.tid=92f2c25e-2aad-45a0-8d71-f275fbae2c1a&l_pb_bid_id=34bcca64c43df78&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=92f2c25e-2aad-45a0-8d71-f275fbae2c1a&rp_maxbids=1&p_gpid=%2F8804%2Fparceiros%2Ftn_online%2Fin-article%2Foutstream&slots=1&rand=0.4892657856196432
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2e1cbc5a4355500520e93d85fc951beef125d4a4d771537ebedf0c2d9d525bd9

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:53:07 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
425
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
s.seedtag.com/c/hb/
11 B
65 B
XHR
General
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://tnonline.uol.com.br/?d=1
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 20 Feb 2024 17:53:07 GMT
via
1.1 google
server
openresty
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://tnonline.uol.com.br
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
log_event
www.youtube.com/youtubei/v1/ Frame 4668
28 B
50 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
X-Goog-Request-Time
1708451586948
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/vCkE0H_Mkmg
X-YouTube-Client-Version
1.20240213.01.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
Cgt4QTJ5M2JIQUR0Yyj_zdOuBjIKCgJERRIEEgAgMw%3D%3D
X-YouTube-Ad-Signals
dt=1708451584453&flash=0&frm=2&u_tz=60&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C780%2C410&vis=1&wgl=true&ca_type=image&bid=ANyPxKqy9YBPlIAPLRcj-I6WeYk9pGAlcaqZSrhs9t8cpNR52Xr4SZzT1D1r6zA3oVvbAuvtUiAY2OreJJ4vmkK3I4PdpFb6Yg

Response headers

date
Tue, 20 Feb 2024 17:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402150101&jk=3199504113006608&bg=!kpGlkd7NAAZN4L4YbeA7ADQBe5WfOJ5e6Rv8mw_JNBg4mUOx51aqMrAwP5PlOyf4oJPUMwMsyCj0ByEiNdB7cy8olf72AgAAAO9SAAAABWgBB5kC2CB-s3KjggNFTDHSHNVulX7zxaB75kAWnjdYSae6vOUOLAlE9s4hM9m0k-7Yz_mtjr5EIJb1ge1WcMyCdCxt20j41PqOABKup-FYHgixY0RanQORMMZLV5m5LESxHG4Tz_t2b2YNLO5eP3QqDxdV9gp4Tb4zFTun43snIi8Cxz82KVSh7d9b9eIO3YW3NPbDMzAFUk9iS7WUiV4ezRPrdI2SE1_xsd5ikcG6B4T15mNG3HT8u0H-oRXKstamwroD84Jc9FsciSCREKgdQMpl9ZoQadBgdDcpXDfeMb5r98nU3j6E_luPaXZlVUD6MZaqGAc7InG6pzxoTSoWOtvbmu5LUOkBUBW0Nn9SuRuQvKpAW2xUrph0rWHBENDkYUVby9iBSF7WIDbal8eg-xXUVrRrJeYD5ihpn8D1q9Z13S_ApP7kCfCdsnpiwnAug4_solAx8VS38NWKgTs_rg9iFdovaDOccz2qG3qxr-izbKVHLfjopO-qVtPCXcPcHQNHEw8tnbK4tpH6wOmTRotqYbmY2ABCyZVEhanG-vf6onfJa62hCWhHxpgVIcX4uYOLYIklNFLfGH9meVU6e5Wn-oBovk01CkYeFkeTNUISL9w09UfuAEectvK-GVPcDU9IRTJ4gzb4Q-Om6LmYrb2BBqPmkakR5te_wZB1Jm4SYX31Vfs10mdJnesLAPKuCeavqmWii3ep4GCKvcmXRhSCCIHirT2wad4NlHYm65x0J2X-lwekM3FELMci9JYX3D3Iesx2P1hzOzVuBDumjL_L2fpfGD83xbLdciKtsRhFX3PhByff6yV1Lbwl_9BG_YU6wTETvnRaw7Y75iQKV2tEk1eF2vmiLtbo7zrlZImYfF-347Wx2rKpw-Mqg0ADmK6we6dXV40r2iizz_ukSUlEEH8URc-1m-3mBcaBKCdqb7QXsN177njUwspjnKM6qKltUJcHFchYXEHv
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

ads
securepubads.g.doubleclick.net/gampad/
35 KB
14 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3199504113006608&correlator=4326475125479209&eid=44809527%2C31080782%2C31081225%2C31079239&output=ldjh&gdfp_req=1&vrg=202402150101&ptt=17&impl=fifs&iu_parts=8804%2Cparceiros%2Ctn_online%2Cin-article%2Coutstream&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&ifi=8&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1708451588636&lmt=1708451588&adxs=1280&adys=800&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=4&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Ftnonline.uol.com.br%2F%3Fd%3D1&ref=https%3A%2F%2Ftnonline.uol.com.br%2F&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&psts=AOrYGsnc3MDnk35Ej7B64b5SZyeyL1oBnllSzSxQ-631PPFKL1AQtROJQRX9RLwxZ4v9ioxM-GTgpXVbE86O4xLP8LX0%2CAOrYGslyXLf9h8VFsTyrcvTV2ABpvRRLeC6VX1rgWZ31EGjoC8s_EPyeZGIka4uZw0pcdMMYVavCun8ozzy8oQ%2CAOrYGslkXrCw1onOZ7DAga5OvUIm1p9NN8kii5zD0AITPH9ofPwgGb7Vrv9gNZpFBWco2BzrJxZ-7_HSd56ppw&ga_vid=1654842199.1708451563&ga_sid=1708451568&ga_hid=1789849754&ga_fc=true&dlt=1708451562820&idt=3672&prev_scp=campaignuol%3D1%26group%3D6%26pos%3Doutstream%26native%3D0&cust_params=origin%3Dtnonline%2520uol%2520com%2520br%2520d%25201%26hasFocus%3Dtrue%26bt%3D9000%26cdn%3Dother%26tt_age%3Dna%26tt_cluster%3Dna%26tt_gender%3Dna%26tt_microsegments%3Dna%26tt_socialclass%3Dna%26tt_subjects%3Dna%26tt_team%3Dna%26topics%3Dno-topic%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse%26UOLID%3D17c0efb0-c4ca-42ff-bacf-eed2db1975c3&adks=517285977&frm=20&eo_id_str=ID%3D4230576bc8a439be%3AT%3D1708451568%3ART%3D1708451568%3AS%3DAA-Afja8aaVD8xq6lvVGYKlIcHPh
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b6c1b196e9271dd5ab475c523733a74ce73db2605031b2ab6229b4ab401cf23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14309
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://tnonline.uol.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Crime-aconteceu-na-noite-desta-segunda-feira-192-00837839-0-202402201016-ScaleDownProportional.webp
cdn.tnonline.com.br/img/Destaque-Principal/830000/575x385/
26 KB
27 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Destaque-Principal/830000/575x385/Crime-aconteceu-na-noite-desta-segunda-feira-192-00837839-0-202402201016-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FDestaque-Principal%2F830000%2FCrime-aconteceu-na-noite-desta-segunda-feira-192-00837839-0-202402201016.jpg%3Fxid%3D1186201%26resize%3D575%252C385%26t%3D1708451453&xid=1186201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e3c0998c25010738899789ecdec5a750a4293559d92c769256b3577eab0c7060

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 13:17:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4ed9d18ff63da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t1N%2BGXVRo22mv%2Bm8nFOCCh8Tnqhxis6P%2B3PRL0irGJ16VGNcBHoi43vQbXKY211hebN4S7MCGmt4YNCYJMWjYZYgB7hdVvJNYDXbp7uHDwJfWi1nSGdGYvbI9MRWqJ%2FhHIuz4BOfBdQDLv%2F7laoPcE%2Fk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b7fda6602de-CDG
alt-svc
h3=":443"; ma=86400
content-length
26960
O-crime-que-ele-esta-envolvido-aconteceu-no-dia-16-00837824-0-202402200844-ScaleDownProportional.webp
cdn.tnonline.com.br/img/Destaque-Principal/830000/585x385/
39 KB
40 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Destaque-Principal/830000/585x385/O-crime-que-ele-esta-envolvido-aconteceu-no-dia-16-00837824-0-202402200844-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FDestaque-Principal%2F830000%2FO-crime-que-ele-esta-envolvido-aconteceu-no-dia-16-00837824-0-202402200844.jpg%3Fxid%3D1186169%26resize%3D585%252C385%26t%3D1708451453&xid=1186169
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
64be6320b7bbc651ef34ae28c11b33a4fc0622929feee0269846741dda3c5ec6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 13:17:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d53a118ff63da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ma%2BzlbzRPsWawJbT1Nri7HBxewgItkuMxAHpu%2FCOks5gpG5qmTsW0td4xIy6TaPcrt2gVveCmMSDRnCiLzdEzBFjryaGY3NZDHiLTWdDtUJwQXBlT%2BruPoAd11uAFUqoUbc21Pvf%2FFgGjoebQ%2B8FPIJk"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b7fda6802de-CDG
alt-svc
h3=":443"; ma=86400
content-length
40396
Maior-pesquisa-feita-com-empresarios-do-setor-indu-00837870-0-202402201222-ScaleDownProportional.webp
cdn.tnonline.com.br/img/Destaque-Secundario/830000/260x150/
11 KB
11 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Destaque-Secundario/830000/260x150/Maior-pesquisa-feita-com-empresarios-do-setor-indu-00837870-0-202402201222-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FDestaque-Secundario%2F830000%2FMaior-pesquisa-feita-com-empresarios-do-setor-indu-00837870-0-202402201222.jpg%3Fxid%3D1186345%26resize%3D260%252C150%26t%3D1708451453&xid=1186345
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
656fcb44d24c53fb1f86f7ac85a3df256154ad00c5fa8d73703ee1d2957d9efa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
MISS
last-modified
Tue, 20 Feb 2024 15:23:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"bc29cfb01064da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEsBChb96opz6NF7PFh7YyY62c8A2YqlDx0XbvTaQ2j0e0Cu%2FfdXzOtpNBZ735gnOCLSoG%2BvSU5h52tOsnDM0yeYSSYB%2BBv6ycIbu%2FwyjYAOTWIxefhLEhdI52II6C0UEegamBrEmYAgqQSn719Lg5Xx"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b7fea8802de-CDG
alt-svc
h3=":443"; ma=86400
content-length
10942
O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423-ScaleDownProportional.webp
cdn.tnonline.com.br/img/Inferior/830000/276x160/
7 KB
8 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Inferior/830000/276x160/O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FInferior%2F830000%2FO-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.jpg%3Fxid%3D1186404%26resize%3D276%252C160%26t%3D1708451454&xid=1186404
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
30c47a8f42f066d57122c9c7423bac6aeacda4838e57a64e8af4b35f3ddb254f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
7428
last-modified
Tue, 20 Feb 2024 17:23:30 GMT
server
cloudflare
etag
"f12c3e862164da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djfJHxj2VlUEBFtR3P95xIWT%2Bta2tNwvg1TZoT9JiAMeeLNb8z2UnWYkg816mwLuzQppHx8FK3t8dUCWueyOahQyU5A3LdZPNTuaS5iPWvpu8qmuAbjFBzkySjUigleEDlE9rqd7drPHNMIP19JXN5%2Fb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b7feaad02de-CDG
O-caso-e-investigado-pelas-autoridades-00837902-0-202402201402-ScaleDownProportional.webp
cdn.tnonline.com.br/img/Inferior/830000/276x160/
4 KB
5 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Inferior/830000/276x160/O-caso-e-investigado-pelas-autoridades-00837902-0-202402201402-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FInferior%2F830000%2FO-caso-e-investigado-pelas-autoridades-00837902-0-202402201402.jpg%3Fxid%3D1186397%26resize%3D276%252C160%26t%3D1708451454&xid=1186397
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3a1af736fc3231918978d0dfbe35b6749b2a65ac97444d79fff0f65e9d2fa4b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
4140
last-modified
Tue, 20 Feb 2024 17:02:45 GMT
server
cloudflare
etag
"caba15a01e64da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYqPYMrxZzwz0b%2BOB2n8jon2IqK6LaFpZJe8TfY3GoXP2SHMjN0e%2BAl3SoepMq7C2mqxLwc67CEwZ4bzj6W36xnYVcaojjRhAMiZ9y3EbgxO6LS%2BLJDhijGlwUYn%2FdDoV1EGgX7DNsp6TFgsGBGlpnnA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b7feab502de-CDG
O-Servico-Aeromedico-foi-acionado-para-socorrer-a--00837899-0-202402201351-ScaleDownProportional.webp
cdn.tnonline.com.br/img/Inferior/830000/276x160/
10 KB
11 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Inferior/830000/276x160/O-Servico-Aeromedico-foi-acionado-para-socorrer-a--00837899-0-202402201351-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2FInferior%2F830000%2FO-Servico-Aeromedico-foi-acionado-para-socorrer-a--00837899-0-202402201351.jpg%3Fxid%3D1186393%26resize%3D276%252C160%26t%3D1708451454&xid=1186393
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2c3b7ffe3c5617bb46345a5257b4377733068a9827e45e7d639c55f1c9ac765a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
10704
last-modified
Tue, 20 Feb 2024 16:53:02 GMT
server
cloudflare
etag
"66d7c441d64da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oj9bMUKX%2BVyN3Y40evP0FshaPxEqVOGXmS7v%2B6cwhL8yGaIsvA2tydH1O2vrw4TL6S%2F%2BtJHpFqqXmbxcPkubqNuwgEuog1f%2F%2FJYU2Wexe7PR%2FKMR%2B%2BXv0SHxD3u0LnrlkaSUhSIQWR2ZQ5H8UPBNWytj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b7feab902de-CDG
Fill-1.webp
cdn.tnonline.com.br/img/normal/830000/0x0/Mulher-tem-carro-furtado-durante-culto-em-igreja-00837813-0-202402201049/
19 KB
19 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/0x0/Mulher-tem-carro-furtado-durante-culto-em-igreja-00837813-0-202402201049/Fill-1.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FMulher-tem-carro-furtado-durante-culto-em-igreja-00837813-0-202402201049.png%3Fxid%3D1186254&xid=1186254
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
04e628542db1ea3fa68c19869656fe3c25c072f5f7752a83bf2dcfb451010aeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
19254
last-modified
Tue, 20 Feb 2024 13:50:13 GMT
server
cloudflare
etag
"20942ba364da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ul3oorOd5%2BDFyhopTuCreLVTplQohTCW5XWvZBkifFGbBmeNkw5nn7Ucf0StA5GnVSIoLp6H%2FNO3LcReEAahEtdLQoLO3BKG%2FG3KFk0EFap8j3UJvOOiCr8besmEsP8p5KX3deokDhd4N%2B0T%2BztFbVIA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b7feabe02de-CDG
Homens-teriam-apontado-a-arma-para-a-mulher-e-pedi-00837809-0-202402200753-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
3 KB
3 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/Homens-teriam-apontado-a-arma-para-a-mulher-e-pedi-00837809-0-202402200753-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FHomens-teriam-apontado-a-arma-para-a-mulher-e-pedi-00837809-0-202402200753.jpg%3Fxid%3D1186137%26resize%3D245%252C160%26t%3D1708451454&xid=1186137
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
83bcf8f0074ddf51d53b18f1c690ddb26c6c7759b18e6abe14d7d1d9dbf35b0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
2622
last-modified
Tue, 20 Feb 2024 13:20:08 GMT
server
cloudflare
etag
"1a574d86ff63da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2LIkP%2BV4%2F%2Bno1tRTaQ%2B84flSsvgKv5Vlssst28jNN22BDEH9KQv52Dk%2BGv2ULqKmeTkHf0lwgi2rKEJzrX%2BNpMiC2KZMqK4BJl9CJxLsPRU7b7BYXVr4WlbhyCxh6yTFj21%2BU4ciNv3XDE1ZfsqlOHz"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b7feac302de-CDG
As-informacoes-sao-divulgadas-no-site-oficial-da-A-00837807-0-202402200734-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
10 KB
10 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/As-informacoes-sao-divulgadas-no-site-oficial-da-A-00837807-0-202402200734-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FAs-informacoes-sao-divulgadas-no-site-oficial-da-A-00837807-0-202402200734.jpg%3Fxid%3D1186121%26resize%3D245%252C160%26t%3D1708451454&xid=1186121
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
2fd9ed1c8a9c35b447ac85fbac9893a1c44601aa34710d50e178ebe5ca3db7c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
9800
last-modified
Tue, 20 Feb 2024 16:16:54 GMT
server
cloudflare
etag
"88e41381864da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrVrEk%2F1KrlKU28P0%2F9xgMWzjOpmkZbSUo5WYz6YZlxYFqY0lso9CENly43fL%2Bm0Ofbq6eAw6cvzewdLn20rkF6IEOifTc9TKgDA5hattZGmRCxq6Bix%2BFUPIBDKoM0LY%2FvlFlWg0RJeIHBHeq027TTY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b7feac802de-CDG
A-maxima-prevista-e-de-25C-nesta-terca-00837547-0-202402191352-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
5 KB
5 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/A-maxima-prevista-e-de-25C-nesta-terca-00837547-0-202402191352-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FA-maxima-prevista-e-de-25C-nesta-terca-00837547-0-202402191352.jpg%3Fxid%3D1185724%26resize%3D245%252C160%26t%3D1708451454&xid=1185724
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
910f54619aa2e3319aa9df5a2aba9ce45fe2427926822d7eb754308a06c3850c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
4652
last-modified
Tue, 20 Feb 2024 16:27:29 GMT
server
cloudflare
etag
"172375b21964da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uckVnuZQuZ2%2Fbw4mxQsWHt1P8Qquht7yNhMCXu7%2FHXTt0DkGGXolXJe37islJ4lg1RE06SsXYCquq4rTBi%2BrPsXkxqknUs%2F7Rr1C884QGJ7yajKXaaueMag1Q0rABDzbxwymzP0KVuND20j8L7zJZkiF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b7feacc02de-CDG
Fill-1.webp
cdn.tnonline.com.br/img/normal/830000/0x0/Vitima-foi-agredida-com-diversos-golpes-de-facao-00837850-0-202402201045/
35 KB
36 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/0x0/Vitima-foi-agredida-com-diversos-golpes-de-facao-00837850-0-202402201045/Fill-1.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FVitima-foi-agredida-com-diversos-golpes-de-facao-00837850-0-202402201045.jpg%3Fxid%3D1186241&xid=1186241
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cf1fb76085cf06754a2bafd42d1eb4b827b942e5f8b97d2cf4ae98f39c31928e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
36320
last-modified
Tue, 20 Feb 2024 14:23:52 GMT
server
cloudflare
etag
"889ebd6d864da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9H7Hq9r1vYhmdeSHF7U%2FSa1kJBZHDPya02jlOp8V3IQ2afqUfiznawIAPYTrJKGgB4osvc3wjnNEV3gGAfsXHzhv8ijkdrSHIwhn4HglB2YvGvvPQ39axbAP4W%2FZrA8NMpqLFA8EL4wXMf72uQQx3Nhr"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b800ae602de-CDG
Acidente-aconteceu-neste-domingo-18-e-nao-houve-fe-00837503-0-202402191100-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
6 KB
7 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/Acidente-aconteceu-neste-domingo-18-e-nao-houve-fe-00837503-0-202402191100-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FAcidente-aconteceu-neste-domingo-18-e-nao-houve-fe-00837503-0-202402191100.jpg%3Fxid%3D1185608%26resize%3D245%252C160%26t%3D1708451456&xid=1185608
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
67fd9e13b8e46800c09376cc14ff678d47fee1a0312124caa1103cb587a819f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
6590
last-modified
Tue, 20 Feb 2024 14:23:52 GMT
server
cloudflare
etag
"bb0be6d864da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAleZPEL1kmRmfU%2FpH8gEj800NzBnDXNBU3ElW5WLSOwe%2BkIociaJUOibPHQ4IT5xDY%2FTQDpx65vCcr03MsBdLvrLrV%2FAY60yCKV22SXV82t%2BHVOBxA6928DXa9r4vzmMJle7DPofgcIC0BaGdHo7FyH"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b800aea02de-CDG
Imagem-ilustrativa-00837482-0-202402191000-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
3 KB
3 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/Imagem-ilustrativa-00837482-0-202402191000-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FImagem-ilustrativa-00837482-0-202402191000.jpg%3Fxid%3D1185547%26resize%3D245%252C160%26t%3D1708451456&xid=1185547
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5035d9ecea04983a14a8ab80860bc7e49d8254946defee150cf9fcd27641ede2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
2582
last-modified
Mon, 19 Feb 2024 18:04:15 GMT
server
cloudflare
etag
"daebcec5e63da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8y1hlf8evwhVuhnCGWl6MlyNZ%2FV0cLGAGCxwwwHG01Yjx1nIkvBsrT0cDXZNgDSKEFmIQYRjfZyNn%2Bg8uuLv7LF%2FRc7WKN6jZsZKIDGtfaZ9xTrzzcgefdYjmgpMfF6Ewysrx6GQ74JVKwwZocbafNF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b800aec02de-CDG
Caso-aconteceu-no-inicio-da-tarde-deste-domingo-18-00837473-0-202402190933-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
6 KB
7 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/Caso-aconteceu-no-inicio-da-tarde-deste-domingo-18-00837473-0-202402190933-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FCaso-aconteceu-no-inicio-da-tarde-deste-domingo-18-00837473-0-202402190933.jpg%3Fxid%3D1185523%26resize%3D245%252C160%26t%3D1708451456&xid=1185523
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
167b3d03240c5336d1ed2233c8e2013bf816aa03da24bcfec6588203d1bd8f6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
6562
last-modified
Mon, 19 Feb 2024 16:56:59 GMT
server
cloudflare
etag
"2fcd7ca75463da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i41%2FDgyVar%2BQqAXl11Y0GBIutteoeWcbKpmKLE8my0hWB3lHEpTikZOcQ%2BpV52UDz8lnYrHF9GkQ%2B94PJgQF4O462%2BbNk6hhAi6iWQAfhKxOsBQc58ziXUaRMVy7C85pYEryMjOVJl7un9nvCyaIsPGw"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b800aee02de-CDG
Fill-1.webp
cdn.tnonline.com.br/img/normal/830000/0x0/A-capacitacao-ocorre-nos-dias-27-de-fevereiro-6-e--00837890-0-202402201317/
57 KB
57 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/0x0/A-capacitacao-ocorre-nos-dias-27-de-fevereiro-6-e--00837890-0-202402201317/Fill-1.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FA-capacitacao-ocorre-nos-dias-27-de-fevereiro-6-e--00837890-0-202402201317.jpg%3Fxid%3D1186373&xid=1186373
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
bdc5768de5ca05c07923f36474969aed246a093623e0dc131227b2b73992bacb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
58210
last-modified
Tue, 20 Feb 2024 17:23:36 GMT
server
cloudflare
etag
"64dc82892164da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5702qFL3A7MXzJHrMpevrpqPzMokQGM2erOC2rSCt4krAm0Wom4Uw17BrDJMxfqUL5Ot%2FfGEPB%2B5VCdZJQ1H0lFYTlfKWDs6m6GC1GiuEG80XudbtnKm5iHA36B9HYZT0JdqZ7vYrU7Q%2FbI6aqfQ5xm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b800af602de-CDG
O-projeto-E-Forum-preve-a-digitalizacao-de-todos-o-00837869-0-202402201126-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
5 KB
6 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/O-projeto-E-Forum-preve-a-digitalizacao-de-todos-o-00837869-0-202402201126-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FO-projeto-E-Forum-preve-a-digitalizacao-de-todos-o-00837869-0-202402201126.jpg%3Fxid%3D1186313%26resize%3D245%252C160%26t%3D1708451458&xid=1186313
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7ff415abfd08570e8c4cec6a98d50c1bd35850168adf2ea902537d16642e3239

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
5580
last-modified
Tue, 20 Feb 2024 17:23:36 GMT
server
cloudflare
etag
"9b865892164da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2YbSq1nr8ap%2FqBEgVMXMEsXs%2BHaNKM1k0WyvVbN29QU%2F5e%2FaBjJPjZJBoAOvnCGpqbhh4pqxAZRuTqbI6jhpVrD90FKGOWsjKmC%2FOjjtBva4KPwPr91PimQaHeelyDeC9%2FEp5l1tuTwaEGssPNEZdM6h"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b800afc02de-CDG
A-apreensao-ocorreu-na-noite-de-segunda-feira-00837866-0-202402201123-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
6 KB
7 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/A-apreensao-ocorreu-na-noite-de-segunda-feira-00837866-0-202402201123-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FA-apreensao-ocorreu-na-noite-de-segunda-feira-00837866-0-202402201123.jpg%3Fxid%3D1186305%26resize%3D245%252C160%26t%3D1708451458&xid=1186305
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
edd925bab9d89c0e77eb8a40dcd335afa4a43b04b1bac5cf37ad484ca07de004

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
6334
last-modified
Tue, 20 Feb 2024 16:36:41 GMT
server
cloudflare
etag
"28fb1fb1a64da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHWq6AdML%2BsZ77oT4VMyJiaiaLY2xP9gBA2urUMkrjK%2FZh4gZkIyhGH4NuegJDkdKcS8o6XAwy5wUf0YCWXJ2Mlz5Z2Rbs6sgeVPZ7yAkejXa%2FQ54sK9H4VxEFp4uRtaXYMJno1DKy9aCKr5cxpmbHGl"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b800b0002de-CDG
Mulher-teria-apresentado-uma-faca-para-os-policiai-00837822-0-202402200839-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/245x160/
2 KB
3 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/245x160/Mulher-teria-apresentado-uma-faca-para-os-policiai-00837822-0-202402200839-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FMulher-teria-apresentado-uma-faca-para-os-policiai-00837822-0-202402200839.jpg%3Fxid%3D1186161%26resize%3D245%252C160%26t%3D1708451459&xid=1186161
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4a9d3fee70141b957eb7ea5e642d83057d9b594e5bf734eea8252e67affbf39b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
2442
last-modified
Tue, 20 Feb 2024 16:17:41 GMT
server
cloudflare
etag
"e6aa541864da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Owe5ubCorA4F4g25GrDtDfc3K5hFqCdnpP5gFywLNCZj1m1aKD%2B2ZKlunExWrjYfypWx6i59SsQao0Ib60rEN5RC41SNFMlj5XM0toksj7Fiqlkkow4Y1jaYPCrWSa0xZ3EK6w6PvRRlVwLmqKJKJCIF"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b800b0502de-CDG
Jojo-Todynho-exibe-curvas-impecaveis-00837843-0-202402201023-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/191x150/
2 KB
3 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/191x150/Jojo-Todynho-exibe-curvas-impecaveis-00837843-0-202402201023-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FJojo-Todynho-exibe-curvas-impecaveis-00837843-0-202402201023.jpg%3Fxid%3D1186214%26resize%3D191%252C150%26t%3D1708451459&xid=1186214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
460289db9adbbf6345f48c180e33078f9b816caff1e7c713eb50930b82492424

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
2400
last-modified
Tue, 20 Feb 2024 13:50:02 GMT
server
cloudflare
etag
"7d53efb3364da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scbAwvaOSTCFc3BNHJ4FVb2%2BCA8%2FY11OcBjw7VaogJ5fAj%2FxutBbMCPsAJJyDB2tZ77xLpwvHn%2FHuS8QfLHGQpS0DYWul%2F6mMsJ5dRLBcNEYkXxnOUL9vXukUkVi1KteRnluV1npphCpdGg9VZIZyeWt"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b800b0902de-CDG
Sabrina-sato-assumiu-estar-namorando-recentemente-00837842-0-202402201021-ScaleDownProportional.webp
cdn.tnonline.com.br/img/normal/830000/191x150/
5 KB
5 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/191x150/Sabrina-sato-assumiu-estar-namorando-recentemente-00837842-0-202402201021-ScaleDownProportional.webp?fallback=https%3A%2F%2Fcdn.tnonline.com.br%2Fimg%2Fnormal%2F830000%2FSabrina-sato-assumiu-estar-namorando-recentemente-00837842-0-202402201021.jpg%3Fxid%3D1186210%26resize%3D191%252C150%26t%3D1708451459&xid=1186210
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
1f3fd67f059095c6076c948dd11d330141c2fc0f25e39637eae9c23f57b0db59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
4892
last-modified
Tue, 20 Feb 2024 13:46:20 GMT
server
cloudflare
etag
"64dd842f364da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7y77wiePktiuJodqTQ7k8bQfvBEFx7zXuB0L6TaUDXLC2SRiaZaR11ynvIlyfB7tueMWCe41npa%2BaHHySdrzdEs7%2FGglW%2FuOvCVlC%2BJXZkDSzYCwrrjtSkH%2FkKKVwJr8Gm0uLJazKY2pGMQJz29Jrfv"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b800b0b02de-CDG
meliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.webp
cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/
Redirect Chain
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/meliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2Fmeliponic...
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/meliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2Fmeliponic...
20 KB
21 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/meliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2Fmeliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.jpg%3Fxid%3D1186341%26resize%3D276%252C160%26t%3D1708451459&xid=1186341
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b9b0204c2fe1ff38c712d60167651b4aa31a1f1b11674e772841c7e0820937a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
20512
last-modified
Tue, 20 Feb 2024 15:17:28 GMT
server
cloudflare
etag
"849e1eaf64da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a38LCtDOIWDXIXNITmFe%2BmCTPNAe1nvfZVm2we5IJY7raOq5AcI0y7vawmSzwIhb1YHmKF83Qoqchi%2FUwC%2BUnJ1CT6V3y7r8K%2FC03kGLWnOO9phWssYZqmJeNipGnK9q0iZuYTGBSWnXlxfSDXzAwRh8"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b81ae5402de-CDG

Redirect headers

date
Tue, 20 Feb 2024 17:53:09 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
96040437
location
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/meliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2Fmeliponicultura-consiste-na-criacao-de-abelhas-sem-00837878-0-202402201217.jpg%3Fxid%3D1186341%26resize%3D276%252C160%26t%3D1708451459&xid=1186341
content-type
text/html; charset=UTF-8
content-length
461
O-caso-e-investigado-00837871-0-202402201326.webp
cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/
Redirect Chain
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/O-caso-e-investigado-00837871-0-202402201326.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-e-investigado-00837871-0-2024022...
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-e-investigado-00837871-0-202402201326.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-e-investigado-00837871-0-2024022...
5 KB
6 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-e-investigado-00837871-0-202402201326.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-e-investigado-00837871-0-202402201326.jpg%3Fxid%3D1186380%26resize%3D276%252C160%26t%3D1708451460&xid=1186380
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
760b5b9655b676bc40d3555d7a0ab5838b89a7b55d4c53394082935ac48a4c6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
5496
last-modified
Tue, 20 Feb 2024 16:53:09 GMT
server
cloudflare
etag
"8edc84481d64da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkNPnpUzvKq8%2FTp8b9qQ43emhj8DkXT%2FuRz5kaH%2BeKDofVB0eWUWdCR4XuFGZx8yrwb9SVcNH%2FZz8sybtDw1mgrqobk5pn1XpAVGLlHNU2xIPkRmVAu4skFfcQhFVS9ehQq69Waox98qaIKDR2B%2BkmKb"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b81ae5302de-CDG

Redirect headers

date
Tue, 20 Feb 2024 17:53:09 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
105842732
location
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-e-investigado-00837871-0-202402201326.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-e-investigado-00837871-0-202402201326.jpg%3Fxid%3D1186380%26resize%3D276%252C160%26t%3D1708451460&xid=1186380
content-type
text/html; charset=UTF-8
content-length
401
O-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.webp
cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/
Redirect Chain
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/O-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-foi-registrado-em-C...
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-foi-registrado-em-C...
11 KB
11 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.jpg%3Fxid%3D1186310%26resize%3D276%252C160%26t%3D1708451460&xid=1186310
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
ba13869f4bb5f29e17a82d62b5059c900accb7fe07e583b61a8dce996887cce6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
10922
last-modified
Tue, 20 Feb 2024 14:24:50 GMT
server
cloudflare
etag
"725b9790864da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a21AxEikvHID7HfM86X3Xkevkm3JcbWswW6yZ61kVQoZsa0A%2BL8z2x84c5dDSR3YnLYM1MTqpk473OY5wNniLXiJFOMHYudlcmFdl28PnxrDd%2F2jrmtiL1T%2Fyf9nAfRVpMFoEw%2Fqkp5Gkc%2FDhKFC8crf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b817e0f02de-CDG

Redirect headers

date
Tue, 20 Feb 2024 17:53:09 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
106474002
location
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/O-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FO-caso-foi-registrado-em-Cascavel-00837867-0-202402201124.jpg%3Fxid%3D1186310%26resize%3D276%252C160%26t%3D1708451460&xid=1186310
content-type
text/html; charset=UTF-8
content-length
427
Analises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.webp
cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/
Redirect Chain
  • https://tnonline.uol.com.br/img/Artigo-Destaque/830000/376x260/Analises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FAnalises-...
  • https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/Analises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FAnalises-...
7 KB
7 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/Analises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FAnalises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.jpg%3Fxid%3D1186292%26resize%3D276%252C160%26t%3D1708451460&xid=1186292
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
6ad5880dd260d80c20e3cbba59d0ddbeeb8c98c14db1048d9e278dafce2c0f65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
7158
last-modified
Tue, 20 Feb 2024 14:47:18 GMT
server
cloudflare
etag
"1792aab3b64da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KV0sS6QpciOlxi4mPKHn%2FKNPl9q%2BL9ZuzpG1exRyoYVXxl6HngwJxCeytXjHZBi2q0ioL4yvR2kEfVC9OnbTABBQEEG7DtrYV87R5ktaY%2BK4VsryPiw7GG%2BJ43hpeetp20Kfc6xgaxWt5Hznb4lALISI"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b81ae4e02de-CDG

Redirect headers

date
Tue, 20 Feb 2024 17:53:09 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
105688394
location
https://cdn.tnonline.com.br/img/Artigo-Destaque/830000/376x260/Analises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.webp?fallback=%2Fimg%2FArtigo-Destaque%2F830000%2FAnalises-realizadas-no-Tecpar-trazem-seguranca-a-p-00837861-0-202402201115.jpg%3Fxid%3D1186292%26resize%3D276%252C160%26t%3D1708451460&xid=1186292
content-type
text/html; charset=UTF-8
content-length
461
O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.webp
cdn.tnonline.com.br/img/normal/830000/254x150/
Redirect Chain
  • https://tnonline.uol.com.br/img/normal/830000/254x150/O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.webp?fallback=%2Fimg%2Fnormal%2F830000%2FO-pedido-de-impeachment-foi...
  • https://cdn.tnonline.com.br/img/normal/830000/254x150/O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.webp?fallback=%2Fimg%2Fnormal%2F830000%2FO-pedido-de-impeachment-foi...
7 KB
7 KB
Image
General
Full URL
https://cdn.tnonline.com.br/img/normal/830000/254x150/O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.webp?fallback=%2Fimg%2Fnormal%2F830000%2FO-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.jpg%3Fxid%3D1186402%26resize%3D254%252C150%26t%3D1708451462&xid=1186402
Protocol
H3
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cc7f002d2156e9519cd0e43d01fd289a99417cb892beb3c9b77ccde140480fde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tnonline.uol.com.br/?d=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
23
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
7022
last-modified
Tue, 20 Feb 2024 17:23:39 GMT
server
cloudflare
etag
"cc8a428b2164da1:0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFu9Ky%2FSObDyQJYyIjh2z5lV7Ufs6PCTOZxfWXzUEjTDBErXhEVit9Pq2q0CQXXJjDHTURJFpt8uGdVUBMRMe%2B1bX6lbtDCHKkTqaJt3emRP%2FD0UE5zaqB1gZubH6%2BWKDIr5%2Br69JbXibGBWBal6K%2BsU"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
85889b817e0902de-CDG

Redirect headers

date
Tue, 20 Feb 2024 17:53:09 GMT
via
CacheUOL
referrer-policy
no-referrer-when-downgrade
server
nginx
age
0
x-powered-by
ASP.NET
x-cache
MISS
x-varnish
99906904
location
https://cdn.tnonline.com.br/img/normal/830000/254x150/O-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.webp?fallback=%2Fimg%2Fnormal%2F830000%2FO-pedido-de-impeachment-foi-feito-apos-declaracoes-00837908-0-202402201423.jpg%3Fxid%3D1186402%26resize%3D254%252C150%26t%3D1708451462&xid=1186402
content-type
text/html; charset=UTF-8
content-length
443
container.html
8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 581A
6 KB
3 KB
Document
General
Full URL
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402150101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tnonline.uol.com.br/?d=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
21
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 17:52:48 GMT
expires
Wed, 19 Feb 2025 17:52:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame BA69
129 KB
45 KB
Document
General
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&u=%7CdGg8R3E8P2auzWq40or7Z0bwfD2xDYoxeq9DXWbQMuo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF24F7qs0EeooC2G_tqmB8F6sCnayFE9L-xjm7VYsAiaAYyND6NqdOdTmWSATndQ3o0p93O2U4-GPM9C2pZJUh27KSEbxZz99c8Tuq8icdWlTKIwjsNuQirzP-MB-YPOAhkMaT8cbhQvon9vOSoPyaHx4B04ecK5xG5eAUVtT41afQ2muAKhD07dmEOkI5CMJ5k9P3b1Zw5_T0xclShhRD3MF8QinXeaHG7oL1gjvK2d_8_tt1gPXW7D66_Xb-tXtCTsVu-clAr9dIrG0rM1tq-TR6HSndYk3J9cIEZk2K0he9fF2K8xaayagRBcQ3_w2GlOWJyDP0n914nlhnK-uTGIBNTSa4ReMW-LwpAXn_aH5GdzTBm0LFSqfHOYhBM1fITozXrTLX4NvczzZ9_FjYwUKNLXM8BWzTKNjA_-jALwRaJrsB13kJX7sZBOzzNF6xHeipA67M-1VBrssa018CBCf6jxh-mZkcb6NJJHOjYqs1qUymPoIrTLnJblJUR2tMcUxIq_U9Jm9u1_C_djmkYNiZdmxO1TYmzXPXgLnoVMufRzEWSkXO9SBm-TxDKMoEfLp_vLJMlO-xwb7p0zg3Ak4uscOUXt1N2npIP-NWWELg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjlirBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS3Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu06dkHboBOEQlkx6XkCxphfChHLElYtFj32ZdGMuJ8F4hBFNfGJlCsk6Q4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0RVstO59gOquWQdqi4T0dEIDs7Iw%26client%3Dca-pub-6330791094260149%26adurl%3D
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4eb8e6be3b99dcde17680ecceec25805e3b129dd7ea458305586a00c4b3254b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 20 Feb 2024 17:53:08 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Vxn6aEn3eRrb8wnqAmgbiZTteDrIuqfHhhqOMC-VlVF_6jiMKkkTM-ESx-9OiqRkWuIpVmk1RvqO0f_J_W12DqCK5xhMatDmtJ9iS2PXY1SIspJjnsRk6hHWp418lP8-2MPrQ6hyb09luU_qZUGXbCB7TreHHyVUHjIrPNHU54SoVHvzHZYTORGRZK_mXJOTNwsgkRdXMulcX34qxR13Ilm7nP9mXAjgxOKomEktHOplTsX8w5a4BKI0vH179imYjQOb-Q"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
39653893
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 581A
3 KB
1 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 13:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
16362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Mar 2024 13:20:27 GMT
qs_click_protection_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 581A
20 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:04:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
2947
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Mar 2024 17:04:02 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 581A
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 08:56:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
32218
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Feb 2025 08:56:11 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 581A
204 KB
61 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:37:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
918
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62824
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-7
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 20 Feb 2024 18:37:51 GMT
truncated
/ Frame 581A
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1caea3faf29c4bcfab1117e86b7141cf5fff038d729c6d044115118354ead733

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 581A
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChAVWBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS0Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu0-VmPCiBq5QYNc6wSqBJbFSvO7uTaP97XdKVJW17T0ANHMuVjLmr4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA4AKA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAbIXHAoaEhRwdWItNjMzMDc5MTA5NDI2MDE0ORje6BQ&sigh=MIwQlRzg-Bg&uach_m=%5BUACH%5D&cbvp=2&vis=1
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 581A
0
126 B
Image
General
Full URL
https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k4DXFcc1rAL6AZ2DYgICAAAAeO6Fzk4NgqBw1Gd7zCoV8xAD59Rl12sDkJe1jAfHUQAAEgAACgpBUVVCRHdFQkR3&wp=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&cbvp=2
Requested by
Host: 8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com
URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
123132
server
Kestrel
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame BA69
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&u=%7CdGg8R3E8P2auzWq40or7Z0bwfD2xDYoxeq9DXWbQMuo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF24F7qs0EeooC2G_tqmB8F6sCnayFE9L-xjm7VYsAiaAYyND6NqdOdTmWSATndQ3o0p93O2U4-GPM9C2pZJUh27KSEbxZz99c8Tuq8icdWlTKIwjsNuQirzP-MB-YPOAhkMaT8cbhQvon9vOSoPyaHx4B04ecK5xG5eAUVtT41afQ2muAKhD07dmEOkI5CMJ5k9P3b1Zw5_T0xclShhRD3MF8QinXeaHG7oL1gjvK2d_8_tt1gPXW7D66_Xb-tXtCTsVu-clAr9dIrG0rM1tq-TR6HSndYk3J9cIEZk2K0he9fF2K8xaayagRBcQ3_w2GlOWJyDP0n914nlhnK-uTGIBNTSa4ReMW-LwpAXn_aH5GdzTBm0LFSqfHOYhBM1fITozXrTLX4NvczzZ9_FjYwUKNLXM8BWzTKNjA_-jALwRaJrsB13kJX7sZBOzzNF6xHeipA67M-1VBrssa018CBCf6jxh-mZkcb6NJJHOjYqs1qUymPoIrTLnJblJUR2tMcUxIq_U9Jm9u1_C_djmkYNiZdmxO1TYmzXPXgLnoVMufRzEWSkXO9SBm-TxDKMoEfLp_vLJMlO-xwb7p0zg3Ak4uscOUXt1N2npIP-NWWELg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjlirBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS3Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu06dkHboBOEQlkx6XkCxphfChHLElYtFj32ZdGMuJ8F4hBFNfGJlCsk6Q4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0RVstO59gOquWQdqi4T0dEIDs7Iw%26client%3Dca-pub-6330791094260149%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Feb 2025 17:53:09 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame BA69
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&u=%7CdGg8R3E8P2auzWq40or7Z0bwfD2xDYoxeq9DXWbQMuo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF24F7qs0EeooC2G_tqmB8F6sCnayFE9L-xjm7VYsAiaAYyND6NqdOdTmWSATndQ3o0p93O2U4-GPM9C2pZJUh27KSEbxZz99c8Tuq8icdWlTKIwjsNuQirzP-MB-YPOAhkMaT8cbhQvon9vOSoPyaHx4B04ecK5xG5eAUVtT41afQ2muAKhD07dmEOkI5CMJ5k9P3b1Zw5_T0xclShhRD3MF8QinXeaHG7oL1gjvK2d_8_tt1gPXW7D66_Xb-tXtCTsVu-clAr9dIrG0rM1tq-TR6HSndYk3J9cIEZk2K0he9fF2K8xaayagRBcQ3_w2GlOWJyDP0n914nlhnK-uTGIBNTSa4ReMW-LwpAXn_aH5GdzTBm0LFSqfHOYhBM1fITozXrTLX4NvczzZ9_FjYwUKNLXM8BWzTKNjA_-jALwRaJrsB13kJX7sZBOzzNF6xHeipA67M-1VBrssa018CBCf6jxh-mZkcb6NJJHOjYqs1qUymPoIrTLnJblJUR2tMcUxIq_U9Jm9u1_C_djmkYNiZdmxO1TYmzXPXgLnoVMufRzEWSkXO9SBm-TxDKMoEfLp_vLJMlO-xwb7p0zg3Ak4uscOUXt1N2npIP-NWWELg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjlirBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS3Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu06dkHboBOEQlkx6XkCxphfChHLElYtFj32ZdGMuJ8F4hBFNfGJlCsk6Q4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0RVstO59gOquWQdqi4T0dEIDs7Iw%26client%3Dca-pub-6330791094260149%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Feb 2025 17:53:09 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame BA69
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&u=%7CdGg8R3E8P2auzWq40or7Z0bwfD2xDYoxeq9DXWbQMuo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF24F7qs0EeooC2G_tqmB8F6sCnayFE9L-xjm7VYsAiaAYyND6NqdOdTmWSATndQ3o0p93O2U4-GPM9C2pZJUh27KSEbxZz99c8Tuq8icdWlTKIwjsNuQirzP-MB-YPOAhkMaT8cbhQvon9vOSoPyaHx4B04ecK5xG5eAUVtT41afQ2muAKhD07dmEOkI5CMJ5k9P3b1Zw5_T0xclShhRD3MF8QinXeaHG7oL1gjvK2d_8_tt1gPXW7D66_Xb-tXtCTsVu-clAr9dIrG0rM1tq-TR6HSndYk3J9cIEZk2K0he9fF2K8xaayagRBcQ3_w2GlOWJyDP0n914nlhnK-uTGIBNTSa4ReMW-LwpAXn_aH5GdzTBm0LFSqfHOYhBM1fITozXrTLX4NvczzZ9_FjYwUKNLXM8BWzTKNjA_-jALwRaJrsB13kJX7sZBOzzNF6xHeipA67M-1VBrssa018CBCf6jxh-mZkcb6NJJHOjYqs1qUymPoIrTLnJblJUR2tMcUxIq_U9Jm9u1_C_djmkYNiZdmxO1TYmzXPXgLnoVMufRzEWSkXO9SBm-TxDKMoEfLp_vLJMlO-xwb7p0zg3Ak4uscOUXt1N2npIP-NWWELg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjlirBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS3Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu06dkHboBOEQlkx6XkCxphfChHLElYtFj32ZdGMuJ8F4hBFNfGJlCsk6Q4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0RVstO59gOquWQdqi4T0dEIDs7Iw%26client%3Dca-pub-6330791094260149%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 14 Feb 2025 17:53:09 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame BA69
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&u=%7CdGg8R3E8P2auzWq40or7Z0bwfD2xDYoxeq9DXWbQMuo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF24F7qs0EeooC2G_tqmB8F6sCnayFE9L-xjm7VYsAiaAYyND6NqdOdTmWSATndQ3o0p93O2U4-GPM9C2pZJUh27KSEbxZz99c8Tuq8icdWlTKIwjsNuQirzP-MB-YPOAhkMaT8cbhQvon9vOSoPyaHx4B04ecK5xG5eAUVtT41afQ2muAKhD07dmEOkI5CMJ5k9P3b1Zw5_T0xclShhRD3MF8QinXeaHG7oL1gjvK2d_8_tt1gPXW7D66_Xb-tXtCTsVu-clAr9dIrG0rM1tq-TR6HSndYk3J9cIEZk2K0he9fF2K8xaayagRBcQ3_w2GlOWJyDP0n914nlhnK-uTGIBNTSa4ReMW-LwpAXn_aH5GdzTBm0LFSqfHOYhBM1fITozXrTLX4NvczzZ9_FjYwUKNLXM8BWzTKNjA_-jALwRaJrsB13kJX7sZBOzzNF6xHeipA67M-1VBrssa018CBCf6jxh-mZkcb6NJJHOjYqs1qUymPoIrTLnJblJUR2tMcUxIq_U9Jm9u1_C_djmkYNiZdmxO1TYmzXPXgLnoVMufRzEWSkXO9SBm-TxDKMoEfLp_vLJMlO-xwb7p0zg3Ak4uscOUXt1N2npIP-NWWELg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjlirBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS3Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu06dkHboBOEQlkx6XkCxphfChHLElYtFj32ZdGMuJ8F4hBFNfGJlCsk6Q4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0RVstO59gOquWQdqi4T0dEIDs7Iw%26client%3Dca-pub-6330791094260149%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 14 Feb 2025 17:53:09 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame BA69
43 B
348 B
Image
General
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=90NXze1mNXkdsL1IAnszF5albbnXujhTdaVANcPW0jZTGZK5SUnyFu1hSCoInqvJJVSMKp5kB7BdrFdjvEeROo3CGmyqTiT7t6xzMBrewkS989Y8gvyOTrFkXAIB9mbcVdYEZDUqRTVJk1LzqUbiFTAsVxKi1Y5x4XZJlYqczWP0Zojo4YrLII9q5qry9YVfj7d3jH9xfllQPZpVCh7q_wfS0lkgl_uRS-MFwn7NByBuySPTEtnUI2L-RV9PUh2MSstMB7uZ2DxUJGEMarAXouWKCq_civ0USTDgx2bzux9gkyw70tKcNNgOCJtHfVHCLn76A9JyT4i7k94-DRN9fwrtrLIlBO_nncKg73fzOST34Taicj_vwUarS4G7WilHBjugMWlGMx-MTL_f9UiynVulFOzj2sznBibv2CjVNl2y2MuRKWDxIGAkeyaia6c0-PeuIg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&u=%7CdGg8R3E8P2auzWq40or7Z0bwfD2xDYoxeq9DXWbQMuo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF24F7qs0EeooC2G_tqmB8F6sCnayFE9L-xjm7VYsAiaAYyND6NqdOdTmWSATndQ3o0p93O2U4-GPM9C2pZJUh27KSEbxZz99c8Tuq8icdWlTKIwjsNuQirzP-MB-YPOAhkMaT8cbhQvon9vOSoPyaHx4B04ecK5xG5eAUVtT41afQ2muAKhD07dmEOkI5CMJ5k9P3b1Zw5_T0xclShhRD3MF8QinXeaHG7oL1gjvK2d_8_tt1gPXW7D66_Xb-tXtCTsVu-clAr9dIrG0rM1tq-TR6HSndYk3J9cIEZk2K0he9fF2K8xaayagRBcQ3_w2GlOWJyDP0n914nlhnK-uTGIBNTSa4ReMW-LwpAXn_aH5GdzTBm0LFSqfHOYhBM1fITozXrTLX4NvczzZ9_FjYwUKNLXM8BWzTKNjA_-jALwRaJrsB13kJX7sZBOzzNF6xHeipA67M-1VBrssa018CBCf6jxh-mZkcb6NJJHOjYqs1qUymPoIrTLnJblJUR2tMcUxIq_U9Jm9u1_C_djmkYNiZdmxO1TYmzXPXgLnoVMufRzEWSkXO9SBm-TxDKMoEfLp_vLJMlO-xwb7p0zg3Ak4uscOUXt1N2npIP-NWWELg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjlirBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS3Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu06dkHboBOEQlkx6XkCxphfChHLElYtFj32ZdGMuJ8F4hBFNfGJlCsk6Q4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0RVstO59gOquWQdqi4T0dEIDs7Iw%26client%3Dca-pub-6330791094260149%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:53:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2333987
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame BA69
12 KB
6 KB
Script
General
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&u=%7CdGg8R3E8P2auzWq40or7Z0bwfD2xDYoxeq9DXWbQMuo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF24F7qs0EeooC2G_tqmB8F6sCnayFE9L-xjm7VYsAiaAYyND6NqdOdTmWSATndQ3o0p93O2U4-GPM9C2pZJUh27KSEbxZz99c8Tuq8icdWlTKIwjsNuQirzP-MB-YPOAhkMaT8cbhQvon9vOSoPyaHx4B04ecK5xG5eAUVtT41afQ2muAKhD07dmEOkI5CMJ5k9P3b1Zw5_T0xclShhRD3MF8QinXeaHG7oL1gjvK2d_8_tt1gPXW7D66_Xb-tXtCTsVu-clAr9dIrG0rM1tq-TR6HSndYk3J9cIEZk2K0he9fF2K8xaayagRBcQ3_w2GlOWJyDP0n914nlhnK-uTGIBNTSa4ReMW-LwpAXn_aH5GdzTBm0LFSqfHOYhBM1fITozXrTLX4NvczzZ9_FjYwUKNLXM8BWzTKNjA_-jALwRaJrsB13kJX7sZBOzzNF6xHeipA67M-1VBrssa018CBCf6jxh-mZkcb6NJJHOjYqs1qUymPoIrTLnJblJUR2tMcUxIq_U9Jm9u1_C_djmkYNiZdmxO1TYmzXPXgLnoVMufRzEWSkXO9SBm-TxDKMoEfLp_vLJMlO-xwb7p0zg3Ak4uscOUXt1N2npIP-NWWELg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjlirBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS3Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu06dkHboBOEQlkx6XkCxphfChHLElYtFj32ZdGMuJ8F4hBFNfGJlCsk6Q4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0RVstO59gOquWQdqi4T0dEIDs7Iw%26client%3Dca-pub-6330791094260149%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Feb 2025 17:53:09 GMT
img
imageproxy.eu.criteo.net/img/ Frame BA69
3 KB
3 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=100829&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F100829%2F230114%2F9fd0fe3254e7472797e56c18d54d1260_d73c0f9f-38ee-4ec7-86aa-3bfc8c7b7731.png&v=3&w=596&rid=4&s=L0v0T824mxrdV7ZX28vv9tTO
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&u=%7CdGg8R3E8P2auzWq40or7Z0bwfD2xDYoxeq9DXWbQMuo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF24F7qs0EeooC2G_tqmB8F6sCnayFE9L-xjm7VYsAiaAYyND6NqdOdTmWSATndQ3o0p93O2U4-GPM9C2pZJUh27KSEbxZz99c8Tuq8icdWlTKIwjsNuQirzP-MB-YPOAhkMaT8cbhQvon9vOSoPyaHx4B04ecK5xG5eAUVtT41afQ2muAKhD07dmEOkI5CMJ5k9P3b1Zw5_T0xclShhRD3MF8QinXeaHG7oL1gjvK2d_8_tt1gPXW7D66_Xb-tXtCTsVu-clAr9dIrG0rM1tq-TR6HSndYk3J9cIEZk2K0he9fF2K8xaayagRBcQ3_w2GlOWJyDP0n914nlhnK-uTGIBNTSa4ReMW-LwpAXn_aH5GdzTBm0LFSqfHOYhBM1fITozXrTLX4NvczzZ9_FjYwUKNLXM8BWzTKNjA_-jALwRaJrsB13kJX7sZBOzzNF6xHeipA67M-1VBrssa018CBCf6jxh-mZkcb6NJJHOjYqs1qUymPoIrTLnJblJUR2tMcUxIq_U9Jm9u1_C_djmkYNiZdmxO1TYmzXPXgLnoVMufRzEWSkXO9SBm-TxDKMoEfLp_vLJMlO-xwb7p0zg3Ak4uscOUXt1N2npIP-NWWELg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjlirBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS3Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu06dkHboBOEQlkx6XkCxphfChHLElYtFj32ZdGMuJ8F4hBFNfGJlCsk6Q4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0RVstO59gOquWQdqi4T0dEIDs7Iw%26client%3Dca-pub-6330791094260149%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
025136733ef145db18f74f9a8c83921404afc6bb145aa50fbdefcf07da93a538
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
2929
expires
Mon, 03 Feb 2025 01:34:43 GMT
img
imageproxy.eu.criteo.net/img/ Frame BA69
6 KB
6 KB
Image
General
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F04%2F10-IN-1-USB-HUB-GEEKOM.webp&v=3&w=400&rid=4&s=iqnk1mlYPbjcg1UkqiwUdzc9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&u=%7CdGg8R3E8P2auzWq40or7Z0bwfD2xDYoxeq9DXWbQMuo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF24F7qs0EeooC2G_tqmB8F6sCnayFE9L-xjm7VYsAiaAYyND6NqdOdTmWSATndQ3o0p93O2U4-GPM9C2pZJUh27KSEbxZz99c8Tuq8icdWlTKIwjsNuQirzP-MB-YPOAhkMaT8cbhQvon9vOSoPyaHx4B04ecK5xG5eAUVtT41afQ2muAKhD07dmEOkI5CMJ5k9P3b1Zw5_T0xclShhRD3MF8QinXeaHG7oL1gjvK2d_8_tt1gPXW7D66_Xb-tXtCTsVu-clAr9dIrG0rM1tq-TR6HSndYk3J9cIEZk2K0he9fF2K8xaayagRBcQ3_w2GlOWJyDP0n914nlhnK-uTGIBNTSa4ReMW-LwpAXn_aH5GdzTBm0LFSqfHOYhBM1fITozXrTLX4NvczzZ9_FjYwUKNLXM8BWzTKNjA_-jALwRaJrsB13kJX7sZBOzzNF6xHeipA67M-1VBrssa018CBCf6jxh-mZkcb6NJJHOjYqs1qUymPoIrTLnJblJUR2tMcUxIq_U9Jm9u1_C_djmkYNiZdmxO1TYmzXPXgLnoVMufRzEWSkXO9SBm-TxDKMoEfLp_vLJMlO-xwb7p0zg3Ak4uscOUXt1N2npIP-NWWELg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjlirBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS3Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu06dkHboBOEQlkx6XkCxphfChHLElYtFj32ZdGMuJ8F4hBFNfGJlCsk6Q4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0RVstO59gOquWQdqi4T0dEIDs7Iw%26client%3Dca-pub-6330791094260149%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08b9636b6775125253e8c852c70e1e86af7d3f18472e95ebcbd5213cf5da7a13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:08 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=10368000
timing-allow-origin
*
content-length
6114
expires
Tue, 04 Jun 2024 12:30:59 GMT
all
csm.eu.criteo.net/ Frame BA69
0
128 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Vxn6aEn3eRrb8wnqAmgbiZTteDrIuqfHhhqOMC-VlVF_6jiMKkkTM-ESx-9OiqRkWuIpVmk1RvqO0f_J_W12DqCK5xhMatDmtJ9iS2PXY1SIspJjnsRk6hHWp418lP8-2MPrQ6hyb09luU_qZUGXbCB7TreHHyVUHjIrPNHU54SoVHvzHZYTORGRZK_mXJOTNwsgkRdXMulcX34qxR13Ilm7nP9mXAjgxOKomEktHOplTsX8w5a4BKI0vH179imYjQOb-Q&sds=2&rev=90749&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&u=%7CdGg8R3E8P2auzWq40or7Z0bwfD2xDYoxeq9DXWbQMuo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF24F7qs0EeooC2G_tqmB8F6sCnayFE9L-xjm7VYsAiaAYyND6NqdOdTmWSATndQ3o0p93O2U4-GPM9C2pZJUh27KSEbxZz99c8Tuq8icdWlTKIwjsNuQirzP-MB-YPOAhkMaT8cbhQvon9vOSoPyaHx4B04ecK5xG5eAUVtT41afQ2muAKhD07dmEOkI5CMJ5k9P3b1Zw5_T0xclShhRD3MF8QinXeaHG7oL1gjvK2d_8_tt1gPXW7D66_Xb-tXtCTsVu-clAr9dIrG0rM1tq-TR6HSndYk3J9cIEZk2K0he9fF2K8xaayagRBcQ3_w2GlOWJyDP0n914nlhnK-uTGIBNTSa4ReMW-LwpAXn_aH5GdzTBm0LFSqfHOYhBM1fITozXrTLX4NvczzZ9_FjYwUKNLXM8BWzTKNjA_-jALwRaJrsB13kJX7sZBOzzNF6xHeipA67M-1VBrssa018CBCf6jxh-mZkcb6NJJHOjYqs1qUymPoIrTLnJblJUR2tMcUxIq_U9Jm9u1_C_djmkYNiZdmxO1TYmzXPXgLnoVMufRzEWSkXO9SBm-TxDKMoEfLp_vLJMlO-xwb7p0zg3Ak4uscOUXt1N2npIP-NWWELg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjlirBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS3Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu06dkHboBOEQlkx6XkCxphfChHLElYtFj32ZdGMuJ8F4hBFNfGJlCsk6Q4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0RVstO59gOquWQdqi4T0dEIDs7Iw%26client%3Dca-pub-6330791094260149%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Feb 2024 17:53:09 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BA69
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&u=%7CdGg8R3E8P2auzWq40or7Z0bwfD2xDYoxeq9DXWbQMuo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF24F7qs0EeooC2G_tqmB8F6sCnayFE9L-xjm7VYsAiaAYyND6NqdOdTmWSATndQ3o0p93O2U4-GPM9C2pZJUh27KSEbxZz99c8Tuq8icdWlTKIwjsNuQirzP-MB-YPOAhkMaT8cbhQvon9vOSoPyaHx4B04ecK5xG5eAUVtT41afQ2muAKhD07dmEOkI5CMJ5k9P3b1Zw5_T0xclShhRD3MF8QinXeaHG7oL1gjvK2d_8_tt1gPXW7D66_Xb-tXtCTsVu-clAr9dIrG0rM1tq-TR6HSndYk3J9cIEZk2K0he9fF2K8xaayagRBcQ3_w2GlOWJyDP0n914nlhnK-uTGIBNTSa4ReMW-LwpAXn_aH5GdzTBm0LFSqfHOYhBM1fITozXrTLX4NvczzZ9_FjYwUKNLXM8BWzTKNjA_-jALwRaJrsB13kJX7sZBOzzNF6xHeipA67M-1VBrssa018CBCf6jxh-mZkcb6NJJHOjYqs1qUymPoIrTLnJblJUR2tMcUxIq_U9Jm9u1_C_djmkYNiZdmxO1TYmzXPXgLnoVMufRzEWSkXO9SBm-TxDKMoEfLp_vLJMlO-xwb7p0zg3Ak4uscOUXt1N2npIP-NWWELg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjlirBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS3Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu06dkHboBOEQlkx6XkCxphfChHLElYtFj32ZdGMuJ8F4hBFNfGJlCsk6Q4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0RVstO59gOquWQdqi4T0dEIDs7Iw%26client%3Dca-pub-6330791094260149%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Feb 2025 17:53:09 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame BA69
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&u=%7CdGg8R3E8P2auzWq40or7Z0bwfD2xDYoxeq9DXWbQMuo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF24F7qs0EeooC2G_tqmB8F6sCnayFE9L-xjm7VYsAiaAYyND6NqdOdTmWSATndQ3o0p93O2U4-GPM9C2pZJUh27KSEbxZz99c8Tuq8icdWlTKIwjsNuQirzP-MB-YPOAhkMaT8cbhQvon9vOSoPyaHx4B04ecK5xG5eAUVtT41afQ2muAKhD07dmEOkI5CMJ5k9P3b1Zw5_T0xclShhRD3MF8QinXeaHG7oL1gjvK2d_8_tt1gPXW7D66_Xb-tXtCTsVu-clAr9dIrG0rM1tq-TR6HSndYk3J9cIEZk2K0he9fF2K8xaayagRBcQ3_w2GlOWJyDP0n914nlhnK-uTGIBNTSa4ReMW-LwpAXn_aH5GdzTBm0LFSqfHOYhBM1fITozXrTLX4NvczzZ9_FjYwUKNLXM8BWzTKNjA_-jALwRaJrsB13kJX7sZBOzzNF6xHeipA67M-1VBrssa018CBCf6jxh-mZkcb6NJJHOjYqs1qUymPoIrTLnJblJUR2tMcUxIq_U9Jm9u1_C_djmkYNiZdmxO1TYmzXPXgLnoVMufRzEWSkXO9SBm-TxDKMoEfLp_vLJMlO-xwb7p0zg3Ak4uscOUXt1N2npIP-NWWELg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjlirBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS3Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu06dkHboBOEQlkx6XkCxphfChHLElYtFj32ZdGMuJ8F4hBFNfGJlCsk6Q4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0RVstO59gOquWQdqi4T0dEIDs7Iw%26client%3Dca-pub-6330791094260149%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 17:53:09 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Feb 2025 17:53:09 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 581A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvlrzsONW__M9l08dDbwuvf2hoOCa6XmDTRo69VBAKkoAtOy44y-qHdRofS4-Kb7eqvdxJwzouFv5SLU9qvCj56iq4jcu51DzNzWYYjTHD57mUjc-6mkdqmNEFnQ2Fa2t--3s0DK5Qo4Q&sig=Cg0ArKJSzF20e_CdVF3vEAE&id=lidar2&mcvt=1008&p=800,1280,1050,1580&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=517285977&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=438438900&rst=1708451589110&rpt=214&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Feb 2024 17:53:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame BA69
0
127 B
Ping
General
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Vxn6aEn3eRrb8wnqAmgbiZTteDrIuqfHhhqOMC-VlVF_6jiMKkkTM-ESx-9OiqRkWuIpVmk1RvqO0f_J_W12DqCK5xhMatDmtJ9iS2PXY1SIspJjnsRk6hHWp418lP8-2MPrQ6hyb09luU_qZUGXbCB7TreHHyVUHjIrPNHU54SoVHvzHZYTORGRZK_mXJOTNwsgkRdXMulcX34qxR13Ilm7nP9mXAjgxOKomEktHOplTsX8w5a4BKI0vH179imYjQOb-Q&sds=2&rev=90749&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdTnBAAKyv4H_b5XAADsT917F9OjKEIHqAS_RA&u=%7CdGg8R3E8P2auzWq40or7Z0bwfD2xDYoxeq9DXWbQMuo%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0UEJ8w8gW49kLu82w_1JkF24F7qs0EeooC2G_tqmB8F6sCnayFE9L-xjm7VYsAiaAYyND6NqdOdTmWSATndQ3o0p93O2U4-GPM9C2pZJUh27KSEbxZz99c8Tuq8icdWlTKIwjsNuQirzP-MB-YPOAhkMaT8cbhQvon9vOSoPyaHx4B04ecK5xG5eAUVtT41afQ2muAKhD07dmEOkI5CMJ5k9P3b1Zw5_T0xclShhRD3MF8QinXeaHG7oL1gjvK2d_8_tt1gPXW7D66_Xb-tXtCTsVu-clAr9dIrG0rM1tq-TR6HSndYk3J9cIEZk2K0he9fF2K8xaayagRBcQ3_w2GlOWJyDP0n914nlhnK-uTGIBNTSa4ReMW-LwpAXn_aH5GdzTBm0LFSqfHOYhBM1fITozXrTLX4NvczzZ9_FjYwUKNLXM8BWzTKNjA_-jALwRaJrsB13kJX7sZBOzzNF6xHeipA67M-1VBrssa018CBCf6jxh-mZkcb6NJJHOjYqs1qUymPoIrTLnJblJUR2tMcUxIq_U9Jm9u1_C_djmkYNiZdmxO1TYmzXPXgLnoVMufRzEWSkXO9SBm-TxDKMoEfLp_vLJMlO-xwb7p0zg3Ak4uscOUXt1N2npIP-NWWELg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjlirBOfUZf6VK9f89u8Pz9iD2AzJntKxXNWdkfdwwI23ARABIABglaK1gsAHggEXY2EtcHViLTYzMzA3OTEwOTQyNjAxNDnIAQmpAq2f90L1ELI-4AIAqAMByAMCqgS3Ak_Qpp__NUAduMfAUXZqBFafsvcyG762NTiWb-2l13Hy-jrIJDJqjQivRfPA2Z4vBLfKBo1DgAYm5bY3DuEUFm_gqgUmXWa6SVTwCN1QjnIgyl7Pt4JxF7nh-e7DO5DVCgeU6t4QJP4Nt_J0uw_htcwhyiEP1C7R80Lb0RB2TNZd-8UgGoLxcjBUKREqDDb4HUp0Sld_ImYGyPhz_JRstSQZ6Gku9sWd5vWgj94BTS6ZYXelZ7Pw5T0F3IT6EW6y6HFx2pb-SB-hRI1fpoifRxSWJfC61qA6HEpOafJja7mP8Jm4GYAXt2INcy_U95VtDBq34hZDhddjK9Ovq2pUEokPCl48eRRCFe4oNuBu06dkHboBOEQlkx6XkCxphfChHLElYtFj32ZdGMuJ8F4hBFNfGJlCsk6Q4AQBgAaB_uj63v27xsgBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAhAhIvf3BOlj4l7yQvrqEA_oLAggBgAwB4g0TCK3lvJC-uoQDFVe-_QcdT-wAy9AVAYAXAQ%26num%3D1%26sig%3DAOD64_0RVstO59gOquWQdqi4T0dEIDs7Iw%26client%3Dca-pub-6330791094260149%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 20 Feb 2024 17:53:09 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
collect
p.clarity.ms/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.



211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


138 Cookies

554 Console Messages

Source Level URL
Text
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://pixbet.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://br.betsat.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://f12.bet/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other warning URL: https://m.esportesdasorte.com/ptb?click_id=bbhyqjyxwphjibrgyymsiabaw&affid=71822&utm_campaign=CM_BR_SB_DT_ESPORTES_TNONLINE(Line 5)
Message:
<link rel=preload> must have a valid `as` value
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://tvbet.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://betnacional.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://blzbets.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
other warning URL: https://joiabet.com/pt-BR/?token=3ZRSaeAwUPAuQxBItMKsR2Nd7ZgqdRLk
Message:
<link rel=preload> must have a valid `as` value
security error
Message:
Refused to frame 'https://br.betano.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://*.betano.com:*".
javascript error URL: https://tnonline.uol.com.br/?d=1
Message:
Access to XMLHttpRequest at 'https://page-context.uol.com.br/api/get-page-context?url=https%3A%2F%2Ftnonline.uol.com.br%2F' from origin 'https://tnonline.uol.com.br' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://page-context.uol.com.br/api/get-page-context?url=https%3A%2F%2Ftnonline.uol.com.br%2F
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://www.googletagmanager.com/gtag/js?id=G-203407BWCD&l=dataLayer&cx=c
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://connect.facebook.net/signals/config/316274250831486?v=2.9.147&r=stable&domain=estrelabet.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://estrelabet.com/pb/cadastro?affid=130009&cxd=awppqsjswdzfdmrgybnvewfci&utm_campaign=CM_BR_SB_DT_ESTRELABET_TNONLINE
Message:
Access to fetch at 'https://v7.deviatetracking.com/capi?data=%7B%22templateVersion%22%3A%225.3.3%22%2C%22pixelId%22%3A%22316274250831486%22%2C%22fbToken%22%3A%22EAALtRH1ZCK7oBO3fbYwhPuxpxwGEkQNoO6IOef09wvwou3nHJVjFNDhKwoThYEFjbK6RAyUGtgebQJ0j0rroqzeu2lySA4bdFhErRfAnPfU5ZAZBZC3XLBp8UtKK0e7N3di66XFxH9ZBga16GKxQ5CNQHpOItVL3jZBoYko2Xv41Qet0AKHu2HKTjrIIZAOSrmiNwZDZD%22%2C%22dtKey%22%3A%22key_eda63494369e43b8a8d03d533ae4d8b8%22%2C%22dtEmail%22%3A%22pedroivo%40estrelabet.com%22%2C%22eventName%22%3A%22PageView%22%2C%22sendServerEvent%22%3Atrue%2C%22sendBrowserEvent%22%3Atrue%2C%22sendIpAddress%22%3Afalse%2C%22initializePixel%22%3Atrue%2C%22injectBaseCode%22%3Atrue%2C%22customData%22%3A%7B%22deliveryCategory%22%3Anull%7D%2C%22userData%22%3A%7B%22externalId%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.3680.255.7.107%22%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.36%22%7D%2C%22eventSourceUrl%22%3A%22https%3A%2F%2Festrelabet.com%2F%22%2C%22eventId%22%3A%223dfc1d72-f9b9-4c58-aa14-5681d7f20b52%22%2C%22scriptVersion%22%3A%226.0.2%22%7D' from origin 'https://estrelabet.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://v7.deviatetracking.com/capi?data=%7B%22templateVersion%22%3A%225.3.3%22%2C%22pixelId%22%3A%22316274250831486%22%2C%22fbToken%22%3A%22EAALtRH1ZCK7oBO3fbYwhPuxpxwGEkQNoO6IOef09wvwou3nHJVjFNDhKwoThYEFjbK6RAyUGtgebQJ0j0rroqzeu2lySA4bdFhErRfAnPfU5ZAZBZC3XLBp8UtKK0e7N3di66XFxH9ZBga16GKxQ5CNQHpOItVL3jZBoYko2Xv41Qet0AKHu2HKTjrIIZAOSrmiNwZDZD%22%2C%22dtKey%22%3A%22key_eda63494369e43b8a8d03d533ae4d8b8%22%2C%22dtEmail%22%3A%22pedroivo%40estrelabet.com%22%2C%22eventName%22%3A%22PageView%22%2C%22sendServerEvent%22%3Atrue%2C%22sendBrowserEvent%22%3Atrue%2C%22sendIpAddress%22%3Afalse%2C%22initializePixel%22%3Atrue%2C%22injectBaseCode%22%3Atrue%2C%22customData%22%3A%7B%22deliveryCategory%22%3Anull%7D%2C%22userData%22%3A%7B%22externalId%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.3680.255.7.107%22%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F121.0.6167.184%20Safari%2F537.36%22%7D%2C%22eventSourceUrl%22%3A%22https%3A%2F%2Festrelabet.com%2F%22%2C%22eventId%22%3A%223dfc1d72-f9b9-4c58-aa14-5681d7f20b52%22%2C%22scriptVersion%22%3A%226.0.2%22%7D
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://pdp-service.retargetly.com/event_collector
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://2be7040a-574e-4640-a0d5-08da64a54eb1.snippet.antillephone.com/apg-seal.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://tnonline.uol.com.br/?d=1
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/601094538365217?v=2.9.147&r=stable&domain=m.esportesdasorte.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 105)
Message:
Unrecognized feature: 'attribution-reporting'.
security error URL: https://688588608962031.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9qb2lhYmV0LmNvbQ==(Line 284)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://joiabet.com') does not match the recipient window's origin ('https://tnonline.uol.com.br').
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 509)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://8b41ee596f31f03601aaae74c761edc7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
