sao-paulinos.net Open in urlscan Pro
45.224.128.101 Public Scan

URL:
https://sao-paulinos.net/
Submission: On December 04 via api (December 4th 2020, 1:04:26 am UTC) from BR

Summary HTTP 91 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 14 domains to perform 91 HTTP transactions. The main IP is 45.224.128.101, located in Xaxim, Brazil and belongs to GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR. The main domain is sao-paulinos.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 17th 2020. Valid for: 3 months.

This is the only time sao-paulinos.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	45.224.128.101 45.224.128.101	266912 (GUBAX SER...) (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO)
1	2a00:1450:400... 2a00:1450:4001:818::2008	15169 (GOOGLE) (GOOGLE)
7	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
1	78.140.185.34 78.140.185.34	35415 (WEBZILLA) (WEBZILLA)
3	2606:4700:303... 2606:4700:3036::681f:5cc4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
5	95.217.114.174 95.217.114.174	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2002	15169 (GOOGLE) (GOOGLE)
91	21

39 45.224.128.101 (Xaxim, Brazil)

ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR)
PTR: probr01.ferenz.com.br

sao-paulinos.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.140.185.34 (Netherlands)

ASN35415 (WEBZILLA, NL)
PTR: ap8.adplayer.pro

cdn.ad.plus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::681f:5cc4 (United States)

ASN13335 (CLOUDFLARENET, US)

ad.plus	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.217.114.174 (Finland)

ASN24940 (HETZNER-AS, DE)
PTR: ap10.adplayer.pro

serving.stat-rock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	sao-paulinos.net sao-paulinos.net	735 KB
15	googlesyndication.com f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	30 KB
8	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net	180 KB
5	ampproject.org cdn.ampproject.org	97 KB
5	stat-rock.com serving.stat-rock.com	2 KB
4	ad.plus cdn.ad.plus ad.plus	91 KB
3	googleapis.com imasdk.googleapis.com fonts.googleapis.com	110 KB
2	gstatic.com fonts.gstatic.com	29 KB
2	googletagservices.com www.googletagservices.com	46 KB
2	google.com 1 redirects adservice.google.com www.google.com	849 B
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com www.googletagmanager.com	67 KB
1	2mdn.net s0.2mdn.net	11 KB
1	google.be adservice.google.be	803 B
91	14

	Domain	Requested by
39	sao-paulinos.net	sao-paulinos.net
7	tpc.googlesyndication.com	sao-paulinos.net cdn.ampproject.org securepubads.g.doubleclick.net tpc.googlesyndication.com
7	securepubads.g.doubleclick.net	sao-paulinos.net securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	serving.stat-rock.com	cdn.ad.plus sao-paulinos.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	ad.plus	sao-paulinos.net
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagservices.com	securepubads.g.doubleclick.net www.googletagmanager.com
2	imasdk.googleapis.com	cdn.ad.plus imasdk.googleapis.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	sao-paulinos.net ad.plus
1	googleads.g.doubleclick.net	sao-paulinos.net
1	www.google.com	1 redirects
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	s0.2mdn.net	imasdk.googleapis.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.be	securepubads.g.doubleclick.net
1	cdn.ad.plus	sao-paulinos.net
91	20

This site contains no links.

Subject Issuer	Validity	Valid
orgulhodesercorinthians.sport365.com.br Let's Encrypt Authority X3	`2020-10-17` - `2021-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
cdn.ad.plus Let's Encrypt Authority X3	`2020-11-01` - `2021-01-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
serving.stat-rock.com Let's Encrypt Authority X3	`2020-10-11` - `2021-01-09`	3 months	crt.sh
*.google.be GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://sao-paulinos.net/
Frame ID: 1DD47A17A6ED674C4B8B6636AEC7817E
Requests: 71 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.427.1_en.html
Frame ID: A56C9B5E33799400246F0FEF2A86F279
Requests: 1 HTTP requests in this frame

Frame: https://f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 6D321BABBF65DC5EAB2C970344D5CC34
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs
Frame ID: A1E4669F2D3EC6A7BC82EFE29748F0F8
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: E4DC6426F348D6406451BE46FF995932
Requests: 1 HTTP requests in this frame

Frame: https://f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 6D7FE70FE02EFF95B4E24B39C8ABC4E2
Requests: 1 HTTP requests in this frame

Frame: https://f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 208A6152467A122B8C957BADA29B7CE8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

91
Requests

99 %
HTTPS

81 %
IPv6

14
Domains

20
Subdomains

21
IPs

5
Countries

1418 kB
Transfer

3163 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

91 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sao-paulinos.net/ 62 KB
14 KB 1333ms
583ms Document
text/html 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: e80a72ab4569b4f2dce164857e0671e45879f53772b9dc34d6eb02f87fb68c93

Request headers

:method: GET
:authority: sao-paulinos.net
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
link: <https://sao-paulinos.net/wp-json/>; rel="https://api.w.org/" <https://sao-paulinos.net/wp-json/wp/v2/pages/1307>; rel="alternate"; type="application/json" <https://sao-paulinos.net/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: c7d_HTTP.200,c7d_front,c7d_URL.6666cd76f96956469e7be39d750cc7d9,c7d_F,c7d_Po.1307,c7d_PGS,c7d_
vary: Accept-Encoding
etag: "9384-1607043845;gz"
x-litespeed-cache: miss
content-encoding: gzip
date: Fri, 04 Dec 2020 01:04:05 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H3-Q050 200 style.min.css
sao-paulinos.net/wp-includes/css/dist/block-library/ 53 KB
7 KB 564ms
322ms Stylesheet
text/css 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
last-modified: Tue, 01 Sep 2020 19:11:51 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7455
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H3-Q050 200 styles.css
sao-paulinos.net/wp-content/plugins/contact-form-7/includes/css/ 2 KB
765 B 481ms
240ms Stylesheet
text/css 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
last-modified: Mon, 30 Nov 2020 21:46:27 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 621
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H3-Q050 200 front.min.css
sao-paulinos.net/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 563ms
321ms Stylesheet
text/css 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-content/plugins/cookie-notice/css/front.min.css
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 52f668d0c674f4029e8e4ff528bcc1e51307e6568c03c9c6a4d3ba6c9ac1302e

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
last-modified: Mon, 30 Nov 2020 21:47:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1008
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H3-Q050 200 style.css
sao-paulinos.net/wp-content/themes/sahifa/ 196 KB
35 KB 481ms
240ms Stylesheet
text/css 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-content/themes/sahifa/style.css
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 6b3342e740c0a7feb4c0e1e6afcdc536f9e1d150d602fa3949385715c36352ae

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
last-modified: Mon, 31 Aug 2020 18:13:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35335
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H3-Q050 200 skin.css
sao-paulinos.net/wp-content/themes/sahifa/css/ilightbox/dark-skin/ 7 KB
1 KB 550ms
308ms Stylesheet
text/css 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-content/themes/sahifa/css/ilightbox/dark-skin/skin.css
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
last-modified: Mon, 31 Aug 2020 18:13:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1196
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H3-Q050 200 jquery.js Show response
sao-paulinos.net/wp-includes/js/jquery/ 95 KB
32 KB 562ms
321ms Script
application/javascript 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-includes/js/jquery/jquery.js
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32853
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H3-Q050 200 front.min.js Show response
sao-paulinos.net/wp-content/plugins/cookie-notice/js/ 9 KB
2 KB 552ms
311ms Script
application/javascript 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-content/plugins/cookie-notice/js/front.min.js
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
last-modified: Mon, 30 Nov 2020 21:47:05 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2080
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:818::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-158892387-18

Requested by

Host: sao-paulinos.net
URL: https://sao-paulinos.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bff63a9436857edc92ce0e234c9e76f172910d0b75a1603586edea004425f6a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38751
x-xss-protection: 0
last-modified: Fri, 04 Dec 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Dec 2020 01:04:06 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 53 KB
18 KB 102ms
39ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sao-paulinos.net
URL: https://sao-paulinos.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

5469cfdd1d2513a17f267caddc811cef2b037cc5d8f9173bd5ae88307ad29314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "713 / 996 of 1000 / last-modified: 1607037219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18406
x-xss-protection: 0
expires: Fri, 04 Dec 2020 01:04:06 GMT

GET
H2 200 adplus.js Show response
cdn.ad.plus/player/ 283 KB
89 KB 211ms
33ms Script
application/javascript 78.140.185.34
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ad.plus/player/adplus.js
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.140.185.34 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS: ap8.adplayer.pro
Software: nginx /
Resource Hash: 5b1af34a6ca35433a454864913562eb9652387e77ee5deb09508d7465c13689e

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: gzip
last-modified: Tue, 01 Dec 2020 09:12:16 GMT
server: nginx
etag: W/"5fc608f0-46d66"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=600

GET
H2 200 anchor.js Show response
ad.plus/ 337 B
874 B 36ms
13ms Script
application/javascript 2606:4700:3036::681f:5cc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.plus/anchor.js
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5cc4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0a2b6abcb4ae85c935eeacbbdf7a92d8bdda81c8b6648ec0c6a43a4621b61b9

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2906
cf-polished: origSize=341
cf-request-id: 06cce02a27000005f9cba7e000000001
last-modified: Thu, 27 Aug 2020 17:48:03 GMT
server: cloudflare
etag: W/"155-5addf89b6fea9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fW1TZ15RSWrwKBIaLPzY6TSwytMk2Ot5QMjYDX1ucOvu0cFtsKGHWg3jBqL3uIz6FH%2FnpLTUD4ch2ref5jSO%2F%2F1yOT3oIKTQiUq3ntxJ63zIm1HT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5fc19c89dc2005f9-FRA
cf-bgj: minify

GET
H3-Q050 200 scripts.js Show response
sao-paulinos.net/wp-content/plugins/contact-form-7/includes/js/ 14 KB
4 KB 565ms
325ms Script
application/javascript 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-content/plugins/contact-form-7/includes/js/scripts.js
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
last-modified: Mon, 30 Nov 2020 21:46:27 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3700
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H3-Q050 200 smush-lazy-load.min.js Show response
sao-paulinos.net/wp-content/plugins/wp-smush-pro/app/assets/js/ 10 KB
4 KB 564ms
324ms Script
application/javascript 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: b10d4805bfd37702e61c9c03f784ed6ea227bca02c58fd8b139fbfc62f68df08

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
last-modified: Tue, 01 Sep 2020 20:28:29 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4062
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H3-Q050 200 tie-scripts.js Show response
sao-paulinos.net/wp-content/themes/sahifa/js/ 72 KB
20 KB 564ms
324ms Script
application/javascript 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-content/themes/sahifa/js/tie-scripts.js
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
last-modified: Mon, 31 Aug 2020 18:13:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 20763
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H3-Q050 200 ilightbox.packed.js Show response
sao-paulinos.net/wp-content/themes/sahifa/js/ 78 KB
23 KB 563ms
324ms Script
application/javascript 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-content/themes/sahifa/js/ilightbox.packed.js
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
last-modified: Mon, 31 Aug 2020 18:13:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 23859
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H3-Q050 200 wp-embed.min.js Show response
sao-paulinos.net/wp-includes/js/ 1 KB
717 B 562ms
322ms Script
application/javascript 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-includes/js/wp-embed.min.js
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 668
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H3-Q050 200 search.js Show response
sao-paulinos.net/wp-content/themes/sahifa/js/ 15 KB
3 KB 562ms
323ms Script
application/javascript 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-content/themes/sahifa/js/search.js
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: d6c6d0b6440485f2536e96758b074c4713ef69a56511f2af2128f23ce6eebdca

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
last-modified: Mon, 31 Aug 2020 18:13:25 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3390
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H2 200 wp-emoji-release.min.js Show response
sao-paulinos.net/wp-includes/js/ 14 KB
4 KB 237ms
237ms Script
application/javascript 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-includes/js/wp-emoji-release.min.js
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
last-modified: Wed, 12 Aug 2020 08:10:47 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4319
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 body-bg7.png
sao-paulinos.net/wp-content/themes/sahifa/images/patterns/ 21 KB
21 KB 237ms
237ms Image
image/png 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/themes/sahifa/images/patterns/body-bg7.png
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/wp-content/themes/sahifa/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477

Request headers

Referer: https://sao-paulinos.net/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
last-modified: Mon, 31 Aug 2020 18:13:25 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21146
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H2 200 fontawesome-webfont.woff2
sao-paulinos.net/wp-content/themes/sahifa/fonts/fontawesome/ 70 KB
70 KB 452ms
451ms Font
font/woff2 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to

Full URL: https://sao-paulinos.net/wp-content/themes/sahifa/fonts/fontawesome/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/wp-content/themes/sahifa/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Origin: https://sao-paulinos.net
Referer: https://sao-paulinos.net/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
last-modified: Mon, 31 Aug 2020 18:13:25 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 71896
expires: Fri, 11 Dec 2020 01:04:06 GMT

GET
H2 200 74f966qb15c5ag8el0suw2gn9-652x330.jpg
sao-paulinos.net/wp-content/uploads/2020/12/ 37 KB
37 KB 875ms
874ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/12/74f966qb15c5ag8el0suw2gn9-652x330.jpg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 55e54a5b315483747b1c5eb0ad1ad3cf7605fe14bfbca1cf5c1bb77094d664d9

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Thu, 03 Dec 2020 23:53:31 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 37427
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 igor_gomes-sxo_paulo_crop1598267254086.jpeg_1902800913-660x330.jpeg
sao-paulinos.net/wp-content/uploads/2020/12/ 32 KB
32 KB 875ms
875ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/12/igor_gomes-sxo_paulo_crop1598267254086.jpeg_1902800913-660x330.jpeg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 4501f08f44b08fe15787b14d3c26deefdbe92ebe6dd686445d77981bc7ee8abc

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Thu, 03 Dec 2020 22:31:14 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32868
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 8817584_x720-660x330.jpg
sao-paulinos.net/wp-content/uploads/2020/11/ 51 KB
51 KB 875ms
874ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/11/8817584_x720-660x330.jpg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 3b677564f7ad5cb83165583d3756a4104e6e1af5c6185fdef0ba0df6c4ceb604

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Thu, 19 Nov 2020 03:44:17 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 51921
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 vitinho-flamengo_crop1599672668195.jpeg_1902800913-660x330.jpeg
sao-paulinos.net/wp-content/uploads/2020/11/ 26 KB
26 KB 857ms
856ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/11/vitinho-flamengo_crop1599672668195.jpeg_1902800913-660x330.jpeg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: e33a135a898c0f35477346b2dd5a6d940ea44ba93e68e2fee712253deb8acd1b

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Thu, 19 Nov 2020 02:01:57 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26287
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 4-640x330.jpg
sao-paulinos.net/wp-content/uploads/2020/11/ 37 KB
37 KB 857ms
856ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/11/4-640x330.jpg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: ddbef8a03bab91d7d25fc114fe8464b7c06fc5d39f054282f4f54de4a32721fe

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Sun, 15 Nov 2020 02:13:34 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 38002
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 stripe.png
sao-paulinos.net/wp-content/themes/sahifa/images/ 93 B
124 B 803ms
802ms Image
image/png 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/themes/sahifa/images/stripe.png
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/wp-content/themes/sahifa/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9

Request headers

Referer: https://sao-paulinos.net/wp-content/themes/sahifa/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Mon, 31 Aug 2020 18:13:25 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 93
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 sao-paulinos.net_.png
sao-paulinos.net/wp-content/uploads/2020/08/ 2 KB
2 KB 237ms
237ms Image
image/png 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/08/sao-paulinos.net_.png
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: f53472bc31cc369ba525358fcd2122efdc6903017967781f25f30db220656c36

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Tue, 01 Sep 2020 20:30:25 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1974
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 fortaleza-2019rogerio-ceni-tenico-contra-o-santos.jpeg.jpg
sao-paulinos.net/wp-content/uploads/2020/11/ 32 KB
32 KB 990ms
990ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/11/fortaleza-2019rogerio-ceni-tenico-contra-o-santos.jpeg.jpg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 74cef3c7573a1617b96f1fb7fd339036102c6f9fd52f814b31a25a195619c70e

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Tue, 10 Nov 2020 01:45:20 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 32265
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 csm_fernando_goias_6375ddd77d-660x330.jpg
sao-paulinos.net/wp-content/uploads/2020/11/ 50 KB
50 KB 777ms
776ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/11/csm_fernando_goias_6375ddd77d-660x330.jpg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 65c1c0eeb229b080ed6379dda1d900648dbfc32844146b49abbe3672e9d21f6b

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Wed, 11 Nov 2020 04:40:04 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 50714
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 fernando-diniz-01102020012258740.jpeg
sao-paulinos.net/wp-content/uploads/2020/10/ 9 KB
9 KB 991ms
990ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/10/fernando-diniz-01102020012258740.jpeg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 1538b950a1f52b7d0749ec95f809831d07980980ea6a0a2b19ab11ce3388de0c

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Fri, 02 Oct 2020 14:55:56 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9645
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 cvvvv-1-648x330.jpg
sao-paulinos.net/wp-content/uploads/2020/11/ 26 KB
26 KB 991ms
990ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/11/cvvvv-1-648x330.jpg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 9e3b81e44356d8aff4bb3ed17c334cd8fb765bf50b05cc83d4663dd2b7a8ee23

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Wed, 04 Nov 2020 23:06:02 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 27008
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 catsewqe2e.jpg
sao-paulinos.net/wp-content/uploads/2020/11/ 68 KB
68 KB 785ms
784ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/11/catsewqe2e.jpg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 97c12ea6389ecb4a0fe7dc239a4e88f168118df931c164c94c2eed0d6ed3e044

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Sun, 01 Nov 2020 20:36:28 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 69479
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 74f966qb15c5ag8el0suw2gn9-310x165.jpg
sao-paulinos.net/wp-content/uploads/2020/12/ 10 KB
10 KB 238ms
237ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/12/74f966qb15c5ag8el0suw2gn9-310x165.jpg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: a1e03242f75b5a0d8d83594fb36fcdccfcb8f01ed20e74ad5cc7ce8ddaa3c93d

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Thu, 03 Dec 2020 23:53:29 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10688
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 igor_gomes-sxo_paulo_crop1598267254086.jpeg_1902800913-310x165.jpeg
sao-paulinos.net/wp-content/uploads/2020/12/ 11 KB
11 KB 239ms
238ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/12/igor_gomes-sxo_paulo_crop1598267254086.jpeg_1902800913-310x165.jpeg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 59774b592e270bea0d718de44349f2a4b2dadda1cc38f5d6b36b60024578f229

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Thu, 03 Dec 2020 22:31:13 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11272
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 8817584_x720-310x165.jpg
sao-paulinos.net/wp-content/uploads/2020/11/ 18 KB
18 KB 240ms
239ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/11/8817584_x720-310x165.jpg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: eb4075a19e435aa791bba88d0b8c4840cc6808c971e17f80e8473e9dea30e8ff

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Thu, 19 Nov 2020 03:44:15 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18139
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 vitinho-flamengo_crop1599672668195.jpeg_1902800913-310x165.jpeg
sao-paulinos.net/wp-content/uploads/2020/11/ 9 KB
9 KB 241ms
240ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/11/vitinho-flamengo_crop1599672668195.jpeg_1902800913-310x165.jpeg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 9e9ef9e18752df042e471204f850307d02a4e0f7fff29f0536d15ce62cfc1adf

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
last-modified: Thu, 19 Nov 2020 02:01:55 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9323
expires: Fri, 11 Dec 2020 01:04:07 GMT

GET
H2 200 4-310x165.jpg
sao-paulinos.net/wp-content/uploads/2020/11/ 13 KB
13 KB 238ms
238ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/11/4-310x165.jpg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: a55eca760921796cc585a625a5a2bd6700f668a9d39634497651fcf39a8d6c4c

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:08 GMT
last-modified: Sun, 15 Nov 2020 02:13:32 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13226
expires: Fri, 11 Dec 2020 01:04:08 GMT

GET
H2 200 fortaleza-2019rogerio-ceni-tenico-contra-o-santos.jpeg-310x165.jpg
sao-paulinos.net/wp-content/uploads/2020/11/ 11 KB
12 KB 243ms
242ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/11/fortaleza-2019rogerio-ceni-tenico-contra-o-santos.jpeg-310x165.jpg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 766d08cbac1dc0b08d83eaa0e02f2886f77e03956702c518ccefca55a0ea2fdb

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:08 GMT
last-modified: Tue, 10 Nov 2020 01:45:19 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11704
expires: Fri, 11 Dec 2020 01:04:08 GMT

GET
H2 200 csm_fernando_goias_6375ddd77d-310x165.jpg
sao-paulinos.net/wp-content/uploads/2020/11/ 16 KB
16 KB 240ms
239ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/11/csm_fernando_goias_6375ddd77d-310x165.jpg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 907495bd8699ce8f14b26d61e62d3f76d65f608abcd79c053cfb26b161c99a2b

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:08 GMT
last-modified: Wed, 11 Nov 2020 04:40:01 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 16343
expires: Fri, 11 Dec 2020 01:04:08 GMT

GET
H2 200 fernando-diniz-01102020012258740-310x165.jpeg
sao-paulinos.net/wp-content/uploads/2020/10/ 8 KB
8 KB 240ms
240ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/10/fernando-diniz-01102020012258740-310x165.jpeg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: 4ce9eb3c324821157d2ff94bb5d2a9c857b16d358b076224a7b87182ac872d0d

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:08 GMT
last-modified: Fri, 02 Oct 2020 14:55:59 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7876
expires: Fri, 11 Dec 2020 01:04:08 GMT

GET
H2 200 cvvvv-1-310x165.jpg
sao-paulinos.net/wp-content/uploads/2020/11/ 9 KB
9 KB 239ms
239ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/11/cvvvv-1-310x165.jpg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: a10a54ad04a17c22804785dcd796ccb69714ab60a42834df5c53c8377338d852

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:08 GMT
last-modified: Wed, 04 Nov 2020 23:06:00 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9182
expires: Fri, 11 Dec 2020 01:04:08 GMT

GET
H2 200 catsewqe2e-310x165.jpg
sao-paulinos.net/wp-content/uploads/2020/11/ 15 KB
15 KB 240ms
240ms Image
image/jpeg 45.224.128.101
GUBAX SERVICOS EM...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao-paulinos.net/wp-content/uploads/2020/11/catsewqe2e-310x165.jpg
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.224.128.101 Xaxim, Brazil, ASN266912 (GUBAX SERVICOS EM TECNOLOGIA DA INFORMACAO, BR),
Reverse DNS: probr01.ferenz.com.br
Software: LiteSpeed /
Resource Hash: b88347fc49f3e5d2cc6264c8b5e7d3186718937c7f5fce6e2bc1ef7133c40204

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:08 GMT
last-modified: Sun, 01 Nov 2020 20:36:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15697
expires: Fri, 11 Dec 2020 01:04:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-158892387-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4485
date: Thu, 03 Dec 2020 23:49:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 04 Dec 2020 01:49:21 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 72 KB
29 KB 64ms
43ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NQKGBL4

Requested by

Host: ad.plus
URL: https://ad.plus/anchor.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c54190c1bc2404d12a164782aa1e08530cee8aad20c9a1646c4a871c0f7bb4e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29113
x-xss-protection: 0
last-modified: Fri, 04 Dec 2020 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 04 Dec 2020 01:04:06 GMT

GET
H3-Q050 200 pubads_impl_2020111901.js Show response
securepubads.g.doubleclick.net/gpt/ 277 KB
98 KB 92ms
54ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 19 Nov 2020 09:45:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99950
x-xss-protection: 0
expires: Fri, 04 Dec 2020 01:04:06 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
387 B 58ms
19ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=2033328721&t=pageview&_s=1&dl=https%3A%2F%2Fsao-paulinos.net%2F&ul=en-us&de=UTF-8&dt=S%C3%A3o-paulinos.net%20%7C%20De%20S%C3%A3o-paulinos%20para%20S%C3%A3o-paulinos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1847286922&gjid=1311956402&cid=214429200.1607043847&tid=UA-158892387-18&_gid=1559907721.1607043847&_r=1&gtm=2oub41&z=1919017230

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Dec 2020 01:04:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sao-paulinos.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1 Show response
serving.stat-rock.com/v1/placements/VzaR9pGI3zT-9HE-H4mwKCK-wVc2k01HM0Athf1LHALcens0eTMz/code/js/ 2 KB
1 KB 160ms
48ms XHR
application/json 95.217.114.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://serving.stat-rock.com/v1/placements/VzaR9pGI3zT-9HE-H4mwKCK-wVc2k01HM0Athf1LHALcens0eTMz/code/js/1?b=0.5080364308141818
Requested by: Host: cdn.ad.plus
URL: https://cdn.ad.plus/player/adplus.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.114.174 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap10.adplayer.pro
Software: nginx /
Resource Hash: 561a066055c2e41cf8e6c6a242862b116fd3e5b5fc59d1aa3e5ea9eab251ba87

Request headers

Accept: */*
Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Dec 2020 01:04:07 GMT
content-encoding: gzip
server: nginx
srvb: 127.0.0.1:8082
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: https://sao-paulinos.net
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
srvf: 95.217.114.174

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 109 B
803 B 63ms
22ms Script
application/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=sao-paulinos.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Dec 2020 01:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 40ms
21ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=sao-paulinos.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Dec 2020 01:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
12 KB 441ms
439ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1694779363080282&correlator=3206651443568469&output=ldjh&impl=fif&eid=21065112&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201204&iu_parts=21849154601%2CAd.Plus-728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C468x60%7C220x90%7C300x75&prev_scp=site%3Dsao-paulinos.net&cookie_enabled=1&bc=31&abxe=1&lmt=1607043847&dt=1607043847062&dlt=1607043845819&idt=1218&frm=20&biw=1600&bih=1200&oid=3&adxs=562&adys=54&adks=2580085462&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsao-paulinos.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x-1&msz=728x-1&ga_vid=214429200.1607043847&ga_sid=1607043847&ga_hid=2033328721&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

c1962f0c6f7a5d637e03c70f75b8e0d8f92a7dd0f3e8acfeb9d6c808b69b0b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12330
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sao-paulinos.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 64ms
20ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 86 KB
17 KB 289ms
288ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1694779363080282&correlator=3206651443568469&output=ldjh&impl=fif&eid=21065112&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201204&iu_parts=21849154601%2CAd.Plus-300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C200x446%7C240x400%7C250x250%7C250x360%7C120x600%7C300x250%7C160x600&prev_scp=site%3Dsao-paulinos-net&cookie_enabled=1&bc=31&abxe=1&lmt=1607043847&dt=1607043847071&dlt=1607043845819&idt=1218&frm=20&biw=1600&bih=1200&oid=3&adxs=995&adys=711&adks=171729575&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsao-paulinos.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=214429200.1607043847&ga_sid=1607043847&ga_hid=2033328721&fws=4&ohw=310&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e456d1025dea6d8fe79a347b5058f2261c5f3f30fba530ea0d7c21e49e547520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16498
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sao-paulinos.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 630 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 316 KB
109 KB 52ms
21ms Script
text/javascript 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.ad.plus
URL: https://cdn.ad.plus/player/adplus.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd42b0a8ba5c3c70f92708a2dcb18f76b0385b2cf63293e3d479d8ce2bc32d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111284
x-xss-protection: 0
expires: Fri, 04 Dec 2020 01:04:07 GMT

GET
H2 403 video.png
ad.plus/ 0
0 10ms
10ms Image
text/html 2606:4700:3036::681f:5cc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.plus/video.png
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5cc4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
174 B 48ms
47ms Image
image/gif 95.217.114.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1607043847091.7803&type=INIT&placementId=VzaR9pGI3zT-9HE-H4mwKCK-wVc2k01HM0Athf1LHALcens0eTMz&tagId=R10f0ziyee4Eg7GJDzWnoufI9kddHAdbmOyQXReb7Pzjy5Z7hN4g&vtId=Nkc6OB1u250-HjFSH-djVvxw28m4wbGz0jGNJHTXK-LCRdfFjKKk&message=&u=https%3A%2F%2Fsao-paulinos.net%2F&t=207&v=78&p=2PkkHyMBMFIJuatuqVu0-GLeptj5JeNCA1N-kpuwKH9rZ-dT6f-r&width=620&z=p%3Apl%3Bv%3AinPage%3B&r=0.5697572515960705
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.114.174 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap10.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://sao-paulinos.net
Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
server: nginx
srvb: 127.0.0.1:8082
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 95.217.114.174
content-length: 35

GET
H3-Q050 200 bridge3.427.1_en.html
imasdk.googleapis.com/js/core/ Frame A56C 0
0 53ms
33ms Document
text/html 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.427.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.427.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sao-paulinos.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sao-paulinos.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 191898
date: Thu, 03 Dec 2020 09:00:01 GMT
expires: Fri, 03 Dec 2021 09:00:01 GMT
last-modified: Wed, 02 Dec 2020 16:12:34 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 57846
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 26 KB
11 KB 48ms
21ms Script
text/javascript 2a00:1450:4001:81f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10523
x-xss-protection: 0
expires: Fri, 04 Dec 2020 01:04:07 GMT

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
174 B 51ms
50ms Image
image/gif 95.217.114.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1607043847091.7803&type=OPPORTUNITY&placementId=VzaR9pGI3zT-9HE-H4mwKCK-wVc2k01HM0Athf1LHALcens0eTMz&tagId=R10f0ziyee4Eg7GJDzWnoufI9kddHAdbmOyQXReb7Pzjy5Z7hN4g&vtId=Nkc6OB1u250-HjFSH-djVvxw28m4wbGz0jGNJHTXK-LCRdfFjKKk&message=&u=https%3A%2F%2Fsao-paulinos.net%2F&t=324&v=78&p=2PkkHyMBMFIJuatuqVu0-GLeptj5JeNCA1N-kpuwKH9rZ-dT6f-r&width=620&z=p%3Apl%3Bv%3AinPage%3Bc%3Agoogima%3Bt%3Aurl%3B&r=0.5348637021888467
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.114.174 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap10.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://sao-paulinos.net
Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
server: nginx
srvb: 127.0.0.1:8082
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 95.217.114.174
content-length: 35

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
174 B 49ms
49ms Image
image/gif 95.217.114.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1607043847091.7803&type=REQUEST&placementId=VzaR9pGI3zT-9HE-H4mwKCK-wVc2k01HM0Athf1LHALcens0eTMz&tagId=R10f0ziyee4Eg7GJDzWnoufI9kddHAdbmOyQXReb7Pzjy5Z7hN4g&vtId=Nkc6OB1u250-HjFSH-djVvxw28m4wbGz0jGNJHTXK-LCRdfFjKKk&message=&u=https%3A%2F%2Fsao-paulinos.net%2F&t=336&v=78&p=2PkkHyMBMFIJuatuqVu0-GLeptj5JeNCA1N-kpuwKH9rZ-dT6f-r&width=620&z=p%3Apl%3Bv%3AinPage%3Bc%3Agoogima%3Bt%3Aurl%3B&r=0.12835315604807596
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.114.174 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap10.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://sao-paulinos.net
Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
server: nginx
srvb: 127.0.0.1:8082
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 95.217.114.174
content-length: 35

GET
H3-Q050 200 container.html
f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 6D32 0
0 54ms
33ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sao-paulinos.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sao-paulinos.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Fri, 04 Dec 2020 01:04:07 GMT
expires: Sat, 04 Dec 2021 01:04:07 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69a5b5635e3f65d07c7acd4786ec59d4140d58540aa981b58e0b4319621bd9e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1606937775260285"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28382
x-xss-protection: 0
expires: Fri, 04 Dec 2020 01:04:07 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012010270040000/ Frame A1E4 180 KB
51 KB 33ms
5ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 57773
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51478
x-xss-protection: 0
server: sffe
date: Thu, 03 Dec 2020 09:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0305d7d21a7fe4a1"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Dec 2021 09:01:14 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A1E4 13 KB
5 KB 46ms
19ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 57782
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4850
x-xss-protection: 0
server: sffe
date: Thu, 03 Dec 2020 09:01:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "77bd676d834aaa8d"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Dec 2021 09:01:05 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A1E4 90 KB
27 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 58121
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27668
x-xss-protection: 0
server: sffe
date: Thu, 03 Dec 2020 08:55:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1304c1c0caf7ca3c"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Dec 2021 08:55:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A1E4 3 KB
1 KB 42ms
15ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 57774
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1350
x-xss-protection: 0
server: sffe
date: Thu, 03 Dec 2020 09:01:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "12c034eb739190af"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Dec 2021 09:01:13 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame A1E4 41 KB
13 KB 40ms
14ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 58473
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13075
x-xss-protection: 0
server: sffe
date: Thu, 03 Dec 2020 08:49:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e8a1dae72af56cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Dec 2021 08:49:34 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame A1E4 3 KB
991 B 69ms
48ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 03 Dec 2020 23:30:53 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
date: Fri, 04 Dec 2020 01:04:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 04 Dec 2020 01:04:07 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/9578823326677890281/ Frame A1E4 677 B
832 B 60ms
39ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9578823326677890281/downsize_200k_v1?w=100&h=100

Requested by

Host: sao-paulinos.net
URL: https://sao-paulinos.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d8c61b7b46c4d214451eb2ff48a6c9d17ef2b6786077a65dc0c6ea2542c24b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 16:52:56 GMT
x-content-type-options: nosniff
age: 29471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 677
x-xss-protection: 0
last-modified: Mon, 19 Nov 2018 20:40:05 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Dec 2021 16:52:56 GMT

GET
DATA 200
OK truncated
/ Frame A1E4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8bf5fa9162c1a506e761cf2b872ea7cfe6a0c967e321814c16e2f217067bf3f

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 pt_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A1E4 3 KB
3 KB 58ms
39ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt_bl.png

Requested by

Host: sao-paulinos.net
URL: https://sao-paulinos.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98750e5deb30bea0d8c3815096380cf6c6699a1401ee801141f3abf3a900bc22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 22:48:36 GMT
x-content-type-options: nosniff
server: cafe
age: 8131
etag: 13845229921016599061
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2889
x-xss-protection: 0
expires: Fri, 04 Dec 2020 22:48:36 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A1E4 344 B
798 B 57ms
39ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: sao-paulinos.net
URL: https://sao-paulinos.net/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 15:22:13 GMT
x-content-type-options: nosniff
server: cafe
age: 34914
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 04 Dec 2020 15:22:13 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A1E4 0
0 43ms
42ms Image
text/html 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ci-VgB4vJX-2uE9Xd7_UPxJWugAz4oKyeYMbdpp2KDLHtjsLhEhABIMb71nlguei-gNQBoAHAlO_8A8gBAeACAKgDAaoE1AFP0HxqTgjFVKacoNixSqnZjVhHEX1EB0VOMMevpRzB1C0-l-uXqYCHKUS-5uFG-X-2l2aCnb6a5DSrLm9fJIceT5iNdhTcHVNxeGAoMGDoEJVvYkfEY1tBgIioIrc_oY0LSTmE_ZYQhJKScwZGsGHo1outRCy8XwRTo9oJd2rT8zUmPtBjcV_S-DK5STn1z4BErCYz17kWEqfXMO3fR9xMEEhDi6SCui7nezpVs64rI0vmtzczM82Qlrl_7cp-wEokrJBvJlcrTVPv8tJn0yExK3ctRcAEq53-xPgB4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB6jrkAOoB9XJG6gH8NkbqAfy2RuoB5SYsQKoB6XfG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHAxDGZdIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tNzg3NzMyMDUwMTY0NDU1OIAKA8gLAdgTDIgUAbIXGgoYCAESFHB1Yi00NTczMjMxNTUwMzU1MjIx&sigh=SN5nyN1sO94&template_id=5001&tpd=AGWhJmvvvtd260ePg_xHDUJwVbHCyv-2JwGkhX7WkKrAqNnaDw
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s20-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A1E4 14 KB
15 KB 55ms
33ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sao-paulinos.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 20:28:09 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 362158
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Mon, 29 Nov 2021 20:28:09 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame A1E4 14 KB
14 KB 50ms
34ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://sao-paulinos.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 29 Nov 2020 20:28:01 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 362166
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Mon, 29 Nov 2021 20:28:01 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A1E4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: sao-paulinos.net
URL: https://sao-paulinos.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:824::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 04 Dec 2020 01:04:07 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 pt_bl.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A1E4 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt_bl.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98750e5deb30bea0d8c3815096380cf6c6699a1401ee801141f3abf3a900bc22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 22:48:36 GMT
x-content-type-options: nosniff
server: cafe
age: 8131
etag: 13845229921016599061
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2889
x-xss-protection: 0
expires: Fri, 04 Dec 2020 22:48:36 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A1E4 344 B
369 B 6ms
6ms Image
image/png 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 03 Dec 2020 15:22:13 GMT
x-content-type-options: nosniff
server: cafe
age: 34914
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 04 Dec 2020 15:22:13 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 52ms
25ms XHR
application/json 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020111901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3db7548913f1815f858b23781f0fc29a67d933303d90b7742ebfd993c0d10a99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Dec 2020 01:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6535
x-xss-protection: 0

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ 53 KB
18 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQKGBL4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ae814e9dd0e21fd2786990083607c78995749fa6d177eac499c65ad9b158ccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "713 / 928 of 1000 / last-modified: 1607037219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18406
x-xss-protection: 0
expires: Fri, 04 Dec 2020 01:04:08 GMT

GET
H2 200 adplus-advertising.svg
ad.plus/ 735 B
896 B 15ms
14ms Image
image/svg+xml 2606:4700:3036::681f:5cc4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.plus/adplus-advertising.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681f:5cc4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbdcd5032177710f51c04a98ab8d155e72b8ea23f0f86fc504408b7fbe735639

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:08 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Apr 2020 20:49:12 GMT
server: cloudflare
age: 3485
etag: W/"2df-5a27d2a9698fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YyA0QKleMFpuHCxiTZHUCAEIaUZHA1Af6DqTmbVLtaF9H73uCYQtERNUl0R9biBvdaolRY2yeDHgPXJTLYXpjcq7E8K1ZMPEppXRv2PauvEjWOsD"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 5fc19c9288f405f9-FRA
cf-request-id: 06cce02f92000005f9608db000000001

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 21 KB
9 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 00:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 8761
x-xss-protection: 0
server: cafe
etag: 16638491572200565323
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 04 Dec 2020 01:28:14 GMT

GET
H2 200 1
serving.stat-rock.com/v1/log/js/ 35 B
174 B 48ms
48ms Image
image/gif 95.217.114.174
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serving.stat-rock.com/v1/log/js/1?id=1607043847091.7803&type=DEFAULT&placementId=VzaR9pGI3zT-9HE-H4mwKCK-wVc2k01HM0Athf1LHALcens0eTMz&tagId=R10f0ziyee4Eg7GJDzWnoufI9kddHAdbmOyQXReb7Pzjy5Z7hN4g&vtId=Nkc6OB1u250-HjFSH-djVvxw28m4wbGz0jGNJHTXK-LCRdfFjKKk&message=&u=https%3A%2F%2Fsao-paulinos.net%2F&t=1163&v=78&p=2PkkHyMBMFIJuatuqVu0-GLeptj5JeNCA1N-kpuwKH9rZ-dT6f-r&width=620&z=p%3Apl%3Bv%3AinPage%3B&r=0.7547740163475687
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.114.174 , Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: ap10.adplayer.pro
Software: nginx /
Resource Hash: 0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Origin: https://sao-paulinos.net
Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:08 GMT
server: nginx
srvb: 127.0.0.1:8082
access-control-max-age: 86400
content-type: image/gif
access-control-allow-origin: *
srvf: 95.217.114.174
content-length: 35

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 80 KB
26 KB 292ms
291ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1694779363080282&correlator=3206651443568469&output=ldjh&impl=fif&adsid=NT&eid=21065112&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201204&iu_parts=21849154601%2CAd.Plus-AI-Responsive&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280%7C300x250%7C400x300%7C480x320%7C320x250&cust_params=site%3Dtimao24h.com&cookie=ID%3D9f1cc0246d714575-22b0b3b154b90086%3AT%3D1607043847%3AS%3DALNI_MYoIJ1HshwnsEECuopfAyp2nDB0CA&bc=31&abxe=1&lmt=1607043848&dt=1607043848094&dlt=1607043845819&idt=1218&frm=20&biw=1600&bih=1200&oid=3&adxs=457&adys=940&adks=2805098077&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsao-paulinos.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=620x280&msz=620x280&ga_vid=214429200.1607043847&ga_sid=1607043847&ga_hid=2033328721&fws=0&ohw=0&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

d53a6d0bd611f51deea2923797602bd5127858708ad5af26d769281907f08b7d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9198454678659903042/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9198454678659903042/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP7z0-2Qs-0CFZLGuwgdaDYFvw&gqi=&layout=/sadbundle/%24csp%253Der3%24/9198454678659903042/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9198454678659903042/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9198454678659903042/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP7z0-2Qs-0CFZLGuwgdaDYFvw&gqi=&layout=/sadbundle/%24csp%253Der3%24/9198454678659903042/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26261
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Fri, 04 Dec 2020 01:04:08 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sao-paulinos.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Fri, 04 Dec 2020 01:04:08 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 14 KB
8 KB 377ms
376ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1694779363080282&correlator=3206651443568469&output=ldjh&impl=fif&adsid=NT&eid=21065112&vrg=2020111901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201204&iu_parts=21849154601%2CAd.Plus-Anchor&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C960x90%7C750x100%7C950x90%7C468x60&cust_params=site%3Dtimao24h.com&cookie=ID%3D9f1cc0246d714575-22b0b3b154b90086%3AT%3D1607043847%3AS%3DALNI_MYoIJ1HshwnsEECuopfAyp2nDB0CA&bc=31&abxe=1&lmt=1607043848&dt=1607043848176&dlt=1607043845819&idt=1218&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1110&adks=4130540549&ucis=4&ifi=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fsao-paulinos.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=214429200.1607043847&ga_sid=1607043847&ga_hid=2033328721&fws=516&ohw=970&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

704e22a08e516f476b55753aebacc3f7102f55de9a31f71887fce141eeb0c969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 04 Dec 2020 01:04:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8483
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://sao-paulinos.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame E4DC 0
0 7ms
6ms Document
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sao-paulinos.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sao-paulinos.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4867
date: Thu, 03 Dec 2020 22:56:46 GMT
expires: Fri, 03 Dec 2021 22:56:46 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 7642
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html
f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 6D7F 0
0 6ms
5ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sao-paulinos.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sao-paulinos.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Fri, 04 Dec 2020 01:04:07 GMT
expires: Sat, 04 Dec 2021 01:04:07 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 container.html
f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 208A 0
0 7ms
5ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020111901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://sao-paulinos.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://sao-paulinos.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Fri, 04 Dec 2020 01:04:07 GMT
expires: Sat, 04 Dec 2021 01:04:07 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
58 B 22ms
21ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gpt_2020111901&jk=1694779363080282&bg=!Dg2lDS3NAAUbEDgJG1hnFvotv_gjAgIAAAFyUgAAAENoAQcKAUEzNf0Z4iotMmDuRDNoiuxxbaPv5QzNd920jw6u32t-h3V7AUhQKIbg1KKV-dTa62XuUaUqrb5hs_eaSYSqGWtsMKRwocNjhQ4zLnLeoFGBmTbtScEbvLF_J3EK0sr3RYpBKsx3S5mFk9Wd9YL02oLsafZ8_pnCXSms3K2nUUhd9HeKt2dfdrVj9TauJMWALzUo5Jvh2X62vgTchGlAfcYCo0rmyc3OxChJ2J5D25qVvV3yjQSN8sQyAxp2jTRbEPYxPA9XGTff9bYAFgR4camlCWW00yY-RPBdjglUgP5nHQFvkv5IAC0eLat393upxrIRAsFOanWGqx9_ZIWmDao8gr8H-7SkDDoEalp24ptu0UyIFke1c0kGw78s0QZBPmaH1BGhmxeoFJffuwhBXZJEryEhnTG2ntjz2xJPZIPTYm6ZAbntlLupFCIVPyU_CBunuIk5Od63nJ3gCsdnRCihmSqaHYzGVs3grZ28pOQG8gemD4EONP9M63jqSYb3HYOog3NsNCj2eEdUDctNJadbisJ1PZbk2kqnne_4lvfZeNJtzDyLKEcbs8v61XIQZ3UuEK1oVj06eP7RyDTp_16IExgmgpBYiKQGk_KRqryvRxEd502RdSVl2AdrqzLkn46TPC2Ai6c_HJzfDX2XTajweAWWDeurEZvR--vCxXxiixlsDlXZRFp-VmRelfk6leCt5IQEShJE1Rdz2jj2IEtT9sRDz_1QQcX7AYr8fLLWbd-SwLMoUh5nBS8gYjOSnd4M9qSsFjUvQad1baYFgvm9tgPZ7EG6bT_fTMRp9xmL2PN17kmzCqMRHeSXsbFOn2R7a7Q_VD-inQE9_8KwlfMnTNDvnDaqZL2ro7eSStbAgOCnWHov_m7juR4tXw7C0gmY2dHRmGH_71PJmg-O1V2Qq3xZSz4RAaTukYriJcf1GnJIaesMxqVM7cbuj7npnfagGSj5CTGuwjPGFkvaHA-wRxfJ_aqhN3lv3BuOvo4Z24-YQ8Y3VR2HwfS-oAM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Dec 2020 01:04:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A1E4 42 B
68 B 24ms
23ms Image
image/gif 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIQO9sM84axVCRg1o3bMTLg1q5E8oXSU8MyOicRnMMWrbPaStkYZrkxKY8xxF4NO2pm6fVShqgCh7ho2sybaUN6lKhon4yseVTGgrjHc6vf7omxG6LZM6R0DYjqQ&sai=AMfl-YTL-ntXSKwRWJsEujYoBxU031PqS0A9j2ncIB5aTxzeRpgSxqqMa28Ipj7Rk55eI0kN5vXErqEQGGth726HvLe2l5tfnZQtlO0WiAvbFvLg8xBfNuSJxcdiUMEaa_FH&sig=Cg0ArKJSzN94ioVjcUy_EAE&cid=CAASPeRo8HtetYQ6rISbaYLVIvWYWOj2UFOI6N5NFhwiKG9kfnBNuLtHZAsmMRp6NbbJADft5HILdeIq_BZNd8s&id=ampim&o=562,54&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=118&tls=1118&g=100&h=100&tt=1119&r=v&avms=ampa&adk=2580085462

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sao-paulinos.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Dec 2020 01:04:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sao-paulinos.net/	1970-01-19 14:24:03	Name: _gat_gtag_UA_158892387_18 Value: 1
.sao-paulinos.net/	1970-01-19 23:45:39	Name: __gads Value: ID=9f1cc0246d714575-22b0b3b154b90086:T=1607043847:S=ALNI_MYoIJ1HshwnsEECuopfAyp2nDB0CA
.sao-paulinos.net/	1970-01-19 14:25:30	Name: _gid Value: GA1.2.1559907721.1607043847
.sao-paulinos.net/	1970-01-20 07:55:15	Name: _ga Value: GA1.2.214429200.1607043847

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.mjs(Line 9) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://sao-paulinos.net/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.plus
adservice.google.be
adservice.google.com
cdn.ad.plus
cdn.ampproject.org
f6d8d810f652f2d460e4717b1eba46a2.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
s0.2mdn.net
sao-paulinos.net
securepubads.g.doubleclick.net
serving.stat-rock.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
216.58.206.2
2606:4700:3036::681f:5cc4
2a00:1450:4001:801::2002
2a00:1450:4001:803::2001
2a00:1450:4001:803::200a
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:814::200a
2a00:1450:4001:817::2001
2a00:1450:4001:818::2008
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81c::2002
2a00:1450:4001:81f::2006
2a00:1450:4001:820::2001
2a00:1450:4001:820::2002
2a00:1450:4001:824::2002
2a00:1450:4001:824::200e
45.224.128.101
78.140.185.34
95.217.114.174
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
0d8c61b7b46c4d214451eb2ff48a6c9d17ef2b6786077a65dc0c6ea2542c24b7
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
1538b950a1f52b7d0749ec95f809831d07980980ea6a0a2b19ab11ce3388de0c
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f560c3e9fb5beeed86da7d5be1ae459c22af6ec1d58f77e2a89a20063ef7ba2
23c79bb552706be2ca97bdb259921e3269a5263326b147676c2f7909a45b58c9
2fa866f281364240678617640d2944c8927bb03588410dfec54a4a97641129e6
3b677564f7ad5cb83165583d3756a4104e6e1af5c6185fdef0ba0df6c4ceb604
3db7548913f1815f858b23781f0fc29a67d933303d90b7742ebfd993c0d10a99
4501f08f44b08fe15787b14d3c26deefdbe92ebe6dd686445d77981bc7ee8abc
477549a4d5fb644cda6bf64af01631b8411022d88e608bbd8e5a06e327b391cb
4ae814e9dd0e21fd2786990083607c78995749fa6d177eac499c65ad9b158ccf
4ce9eb3c324821157d2ff94bb5d2a9c857b16d358b076224a7b87182ac872d0d
52f668d0c674f4029e8e4ff528bcc1e51307e6568c03c9c6a4d3ba6c9ac1302e
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5469cfdd1d2513a17f267caddc811cef2b037cc5d8f9173bd5ae88307ad29314
55e54a5b315483747b1c5eb0ad1ad3cf7605fe14bfbca1cf5c1bb77094d664d9
561a066055c2e41cf8e6c6a242862b116fd3e5b5fc59d1aa3e5ea9eab251ba87
59774b592e270bea0d718de44349f2a4b2dadda1cc38f5d6b36b60024578f229
5b1af34a6ca35433a454864913562eb9652387e77ee5deb09508d7465c13689e
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
65c1c0eeb229b080ed6379dda1d900648dbfc32844146b49abbe3672e9d21f6b
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
69a5b5635e3f65d07c7acd4786ec59d4140d58540aa981b58e0b4319621bd9e8
6b3342e740c0a7feb4c0e1e6afcdc536f9e1d150d602fa3949385715c36352ae
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
704e22a08e516f476b55753aebacc3f7102f55de9a31f71887fce141eeb0c969
74cef3c7573a1617b96f1fb7fd339036102c6f9fd52f814b31a25a195619c70e
766d08cbac1dc0b08d83eaa0e02f2886f77e03956702c518ccefca55a0ea2fdb
7a6ac6e588a725241e6f43feaad46fb36de9682576f5f29c570edc3ec5247477
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
907495bd8699ce8f14b26d61e62d3f76d65f608abcd79c053cfb26b161c99a2b
949448840982c267cbacb0aadde067218f404646e15e92b72991715a2988d1f0
97c12ea6389ecb4a0fe7dc239a4e88f168118df931c164c94c2eed0d6ed3e044
98750e5deb30bea0d8c3815096380cf6c6699a1401ee801141f3abf3a900bc22
9e3b81e44356d8aff4bb3ed17c334cd8fb765bf50b05cc83d4663dd2b7a8ee23
9e9ef9e18752df042e471204f850307d02a4e0f7fff29f0536d15ce62cfc1adf
a10a54ad04a17c22804785dcd796ccb69714ab60a42834df5c53c8377338d852
a1e03242f75b5a0d8d83594fb36fcdccfcb8f01ed20e74ad5cc7ce8ddaa3c93d
a285337ae3fac1859a2f626f20d9a8d1a46e36e59ef427f85e7deda94afffb62
a55eca760921796cc585a625a5a2bd6700f668a9d39634497651fcf39a8d6c4c
a86753d4effe5e607d4eaf03fe37eccb8cac743a528f874f736f4d7f35e094b1
b10d4805bfd37702e61c9c03f784ed6ea227bca02c58fd8b139fbfc62f68df08
b2ab9ac436910017b9a2ca7db0e981bad3638db97f576d713eaa9b302e06c094
b61eb57ae77f31b91b04781da33023ecd897fda21f6c817e6c27623204046f42
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b88347fc49f3e5d2cc6264c8b5e7d3186718937c7f5fce6e2bc1ef7133c40204
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bff63a9436857edc92ce0e234c9e76f172910d0b75a1603586edea004425f6a6
c0a2b6abcb4ae85c935eeacbbdf7a92d8bdda81c8b6648ec0c6a43a4621b61b9
c1962f0c6f7a5d637e03c70f75b8e0d8f92a7dd0f3e8acfeb9d6c808b69b0b03
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
c54190c1bc2404d12a164782aa1e08530cee8aad20c9a1646c4a871c0f7bb4e1
c8bf5fa9162c1a506e761cf2b872ea7cfe6a0c967e321814c16e2f217067bf3f
cd42b0a8ba5c3c70f92708a2dcb18f76b0385b2cf63293e3d479d8ce2bc32d1a
d53a6d0bd611f51deea2923797602bd5127858708ad5af26d769281907f08b7d
d6c6d0b6440485f2536e96758b074c4713ef69a56511f2af2128f23ce6eebdca
dbdcd5032177710f51c04a98ab8d155e72b8ea23f0f86fc504408b7fbe735639
dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8
ddbef8a03bab91d7d25fc114fe8464b7c06fc5d39f054282f4f54de4a32721fe
e33a135a898c0f35477346b2dd5a6d940ea44ba93e68e2fee712253deb8acd1b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e456d1025dea6d8fe79a347b5058f2261c5f3f30fba530ea0d7c21e49e547520
e80a72ab4569b4f2dce164857e0671e45879f53772b9dc34d6eb02f87fb68c93
eb4075a19e435aa791bba88d0b8c4840cc6808c971e17f80e8473e9dea30e8ff
ebab910fdc7c7e9e079caa9f7321177b135b2e1542f86ce36937ceb41865086d
eccd35a63a7b80bbfd3a64bb7be75b327bf9292b7c603c8d31c0247962223819
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f53472bc31cc369ba525358fcd2122efdc6903017967781f25f30db220656c36
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427

sao-paulinos.net Open in urlscan Pro 45.224.128.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

91 Requests

99 %HTTPS

81 %IPv6

14 Domains

20 Subdomains

21 IPs

5 Countries

1418 kBTransfer

3163 kBSize

4 Cookies

0 Outgoing links

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sao-paulinos.net Open in urlscan Pro
45.224.128.101 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

99 %
HTTPS

81 %
IPv6

14
Domains

20
Subdomains

21
IPs

5
Countries

1418 kB
Transfer

3163 kB
Size

4
Cookies

91 HTTP transactions
2 data transactions