urlscan.io logo urlscan.io
SecurityTrails logo

nossopalestra.com.br Open in urlscan Pro
2606:4700:20::681a:e42  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://nossopalestra.com.br/
Effective URL: https://nossopalestra.com.br/
Submission: On July 04 via manual from RO — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 85 IPs in 8 countries across 65 domains to perform 541 HTTP transactions. The main IP is 2606:4700:20::681a:e42, located in United States and belongs to CLOUDFLARENET, US. The main domain is nossopalestra.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 5th 2022. Valid for: a year.
This is the only time nossopalestra.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 45 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
9 192.0.77.37 2635 (AUTOMATTIC)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
15 216.58.212.130 15169 (GOOGLE)
4 52.95.143.2 16509 (AMAZON-02)
4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 151.101.130.207 54113 (FASTLY)
10 192.0.77.2 2635 (AUTOMATTIC)
7 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 51.77.64.70 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
3 188.40.92.96 24940 (HETZNER-AS)
1 151.101.194.207 54113 (FASTLY)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
39 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 108.177.15.156 15169 (GOOGLE)
1 2 54.171.241.185 16509 (AMAZON-02)
28 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
3 15 142.250.74.194 15169 (GOOGLE)
3 5 104.18.19.126 13335 (CLOUDFLAR...)
3 5 185.89.211.12 29990 (ASN-APPNEX)
18 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... 16509 (AMAZON-02)
5 2600:1f18:1ac... 14618 (AMAZON-AES)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
2 2600:1901:0:7... 15169 (GOOGLE)
24 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2620:116:800d... 16509 (AMAZON-02)
2 34.98.67.61 15169 (GOOGLE)
2 35.186.253.211 15169 (GOOGLE)
4 4 198.47.127.19 62713 (AS-PUBMATIC)
2 2 104.18.18.126 13335 (CLOUDFLAR...)
2 2a05:d01c:1d8... 16509 (AMAZON-02)
2 2 69.173.144.139 26667 (RUBICONPR...)
1 1 34.251.55.128 16509 (AMAZON-02)
1 1 3.122.145.17 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
12 20 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2 142.250.185.134 15169 (GOOGLE)
6 6 104.111.239.217 16625 (AKAMAI-AS)
2 148.251.139.77 24940 (HETZNER-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 185.117.134.138 204006 (IQOPTION)
2 2 45.60.156.148 19551 (INCAPSULA)
7 14 2606:4700::68... 13335 (CLOUDFLAR...)
4 46.236.35.87 12703 (PULSANT-AS)
1 5.226.179.10 209242 (CLOUDFLAR...)
18 2606:4700:303... 13335 (CLOUDFLAR...)
2 143.204.89.34 16509 (AMAZON-02)
4 34.254.130.126 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 97 172.64.148.86 13335 (CLOUDFLAR...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.120.195.249 ()
4 160.8.14.13 ()
1 108.138.7.118 ()
2 2.16.186.25 ()
1 65.9.66.17 ()
3 108.138.7.40 ()
1 18.66.139.117 ()
4 2600:9000:214... ()
4 34.208.46.137 ()
1 3.68.5.33 ()
1 104.17.133.181 ()
1 185.89.211.117 ()
1 151.101.65.108 ()
1 45.135.121.72 ()
541 85
45    2606:4700:20::681a:e42 (United States)

ASN13335 (CLOUDFLARENET, US)
nossopalestra.com.br
4    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com
c0.wp.com
3    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
4    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net
securepubads.g.doubleclick.net
4    52.95.143.2 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.eu-west-2.amazonaws.com
campaigns-ad.s3.eu-west-2.amazonaws.com
4    2606:4700:3035::ac43:9ecd (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pn.vg
cookies.pn.vg
api.pn.vg
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
b.admasters.media
r.admasters.media
5    2606:4700:20::681a:aa3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.grandepremio.com.br
2    2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
3    2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
2    2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
1    151.101.130.207 (United States)

ASN54113 (FASTLY, US)
sdk.mrf.io
10    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com
i2.wp.com
i0.wp.com
i1.wp.com
7    2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
3    2606:4700:3034::ac43:9689 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
1    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
6    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    188.40.92.96 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.96.92.40.188.clients.your-server.de
events.newsroom.bi
1    151.101.194.207 (United States)

ASN54113 (FASTLY, US)
flowcards.mrf.io
3    2a06:98c1:3121::9 (United States)

ASN13335 (CLOUDFLARENET, US)
rtg.admasters.media
1    2606:4700:3036::6815:4698 (United States)

ASN13335 (CLOUDFLARENET, US)
a.cdn789.dev
39    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2606:4700:3035::6815:3249 (United States)

ASN13335 (CLOUDFLARENET, US)
osp-assets.pn.vg
api.pn.vg
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
18    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
4    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    108.177.15.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wr-in-f156.1e100.net
bid.g.doubleclick.net
2    54.171.241.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-241-185.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
28    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
9    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
15    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
5    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
5    185.89.211.12 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
18    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2600:9000:225f:3000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
5    2600:1f18:1aca:4280:2eb5:dbac:a0db:e9d7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    2a02:26f0:3500:11::215:14dc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
10    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
24    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
2    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    2a05:d01c:1d8:8101:7677:5b33:71a6:2d38 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    34.251.55.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-55-128.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
1    3.122.145.17 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-145-17.eu-central-1.compute.amazonaws.com
d.agkn.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
2    2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
4    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
20    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
redirect.lista10.dev
gml-grp.com
2    142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net
ad.doubleclick.net
6    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
www.zenaps.com
2    148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de
banner.congstar.de
2    2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
4    185.117.134.138 (Cyprus)

ASN204006 (IQOPTION, CY)
iqbroker.com
2    45.60.156.148 (United States)

ASN19551 (INCAPSULA, US)
affiliate.iqbroker.com
14    2606:4700::6811:5459 (United States)

ASN13335 (CLOUDFLARENET, US)
br.betano.com
4    46.236.35.87 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-35-87.servers.dedipower.net
track.webgains.com
1    5.226.179.10 (United Kingdom)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
members.bet365.com
18    2606:4700:3035::ac43:cf91 (United States)

ASN13335 (CLOUDFLARENET, US)
dailymarket.com.br
2    143.204.89.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-34.fra50.r.cloudfront.net
analytics.webgains.io
4    34.254.130.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
api.webgains.io
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2606:4700::6811:2e1e (United States)

ASN13335 (CLOUDFLARENET, US)
www.betano.pt
97    172.64.148.86 (United States)

ASN13335 (CLOUDFLARENET, US)
www.pinnacle.com
guest.api.arcadia.pinnacle.com
racebook.pinnacle.com
2    2606:4700:3031::6815:2a29 (United States)

ASN13335 (CLOUDFLARENET, US)
admaxium.com
pixel.admaxium.com
1    34.120.195.249 (None, )

ASN- ()
o417691.ingest.sentry.io
4    160.8.14.13 (None, )

ASN- ()
pinnacle3.my.salesforce.com
1    108.138.7.118 (None, )

ASN- ()
static.hotjar.com
2    2.16.186.25 (None, )

ASN- ()
secure-ds.serving-sys.com
1    65.9.66.17 (None, )

ASN- ()
cdn.otherlevels.com
3    108.138.7.40 (None, )

ASN- ()
script.hotjar.com
1    18.66.139.117 (None, )

ASN- ()
vars.hotjar.com
4    2600:9000:214f:cc00:13:7e8a:aac0:93a1 (None, )

ASN- ()
631c453c-68ac-46ab-857f-801e975e733a.snippet.antillephone.com
4    34.208.46.137 (None, )

ASN- ()
js-api.otherlevels.com
1    3.68.5.33 (None, )

ASN- ()
bs.serving-sys.com
1    104.17.133.181 (None, )

ASN- ()
www.br.betboo.com
1    185.89.211.117 (None, )

ASN- ()
secure.adnxs.com
1    151.101.65.108 (None, )

ASN- ()
acdn.adnxs.com
1    45.135.121.72 (None, )

ASN- ()
br.1xbet.com
Apex Domain
Subdomains		 Transfer
97 pinnacle.com
www.pinnacle.com — Cisco Umbrella Rank: 352816
guest.api.arcadia.pinnacle.com
racebook.pinnacle.com
2 MB
72 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
874 KB
48 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
bid.g.doubleclick.net — Cisco Umbrella Rank: 465
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
ad.doubleclick.net — Cisco Umbrella Rank: 189
324 KB
45 nossopalestra.com.br
nossopalestra.com.br
3 MB
28 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 2826
ad4m.at — Cisco Umbrella Rank: 2219
assets.ad4m.at — Cisco Umbrella Rank: 38009
1 MB
21 wp.com
c0.wp.com — Cisco Umbrella Rank: 6974
stats.wp.com — Cisco Umbrella Rank: 2694
i2.wp.com — Cisco Umbrella Rank: 6179
i0.wp.com — Cisco Umbrella Rank: 3319
i1.wp.com — Cisco Umbrella Rank: 6742
pixel.wp.com — Cisco Umbrella Rank: 2487
214 KB
18 dailymarket.com.br
dailymarket.com.br
386 KB
18 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
170 KB
14 betano.com
br.betano.com — Cisco Umbrella Rank: 113117
2 KB
14 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 8
3 KB
12 gml-grp.com
gml-grp.com — Cisco Umbrella Rank: 51075
7 KB
11 gstatic.com
www.gstatic.com
fonts.gstatic.com
322 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
326 KB
8 lista10.dev
redirect.lista10.dev — Cisco Umbrella Rank: 336046
5 KB
8 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 771
static.adsafeprotected.com — Cisco Umbrella Rank: 562
dt.adsafeprotected.com — Cisco Umbrella Rank: 481
94 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
secure.adnxs.com
acdn.adnxs.com
9 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576
6 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
region1.google-analytics.com — Cisco Umbrella Rank: 2733
20 KB
7 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 135
243 KB
7 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1942
use.fontawesome.com — Cisco Umbrella Rank: 964
ka-f.fontawesome.com — Cisco Umbrella Rank: 4239
190 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 18555
api.webgains.io — Cisco Umbrella Rank: 53778
103 KB
6 iqbroker.com
iqbroker.com — Cisco Umbrella Rank: 49834
affiliate.iqbroker.com — Cisco Umbrella Rank: 67258
4 KB
6 pn.vg
cdn.pn.vg — Cisco Umbrella Rank: 62978
osp-assets.pn.vg — Cisco Umbrella Rank: 76556
cookies.pn.vg — Cisco Umbrella Rank: 73814
api.pn.vg — Cisco Umbrella Rank: 81239
65 KB
5 otherlevels.com
cdn.otherlevels.com
js-api.otherlevels.com
6 KB
5 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
106 KB
5 google.de
adservice.google.de — Cisco Umbrella Rank: 7751
1 KB
5 grandepremio.com.br
www.grandepremio.com.br — Cisco Umbrella Rank: 766240
801 KB
5 admasters.media
b.admasters.media
rtg.admasters.media — Cisco Umbrella Rank: 250345
r.admasters.media
49 KB
4 antillephone.com
631c453c-68ac-46ab-857f-801e975e733a.snippet.antillephone.com
52 KB
4 salesforce.com
pinnacle3.my.salesforce.com
23 KB
4 webgains.com
track.webgains.com — Cisco Umbrella Rank: 38795
174 KB
4 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14048
3 KB
4 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 629
2 KB
4 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 101581
static-de.ad4mat.net — Cisco Umbrella Rank: 150263
8 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
5 KB
4 amazonaws.com
campaigns-ad.s3.eu-west-2.amazonaws.com — Cisco Umbrella Rank: 409904
91 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
196 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
66 KB
3 serving-sys.com
secure-ds.serving-sys.com
bs.serving-sys.com
lm.serving-sys.com Failed
23 KB
3 newsroom.bi
events.newsroom.bi — Cisco Umbrella Rank: 14558
2 KB
3 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2211
63 KB
2 admaxium.com
admaxium.com — Cisco Umbrella Rank: 70538
pixel.admaxium.com — Cisco Umbrella Rank: 691115
35 KB
2 betano.pt
www.betano.pt — Cisco Umbrella Rank: 153884
528 B
2 conrad.de
www.conrad.de — Cisco Umbrella Rank: 53303
969 B
2 zenaps.com
www.zenaps.com — Cisco Umbrella Rank: 17689
1 KB
2 congstar.de
banner.congstar.de — Cisco Umbrella Rank: 77700
1 KB
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
918 B
2 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1383
592 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1589
485 B
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 907
462 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1107
925 B
2 mrf.io
sdk.mrf.io — Cisco Umbrella Rank: 18704
flowcards.mrf.io — Cisco Umbrella Rank: 19311
23 KB
2 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 4033
27 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 630
97 KB
1 1xbet.com
br.1xbet.com
1 betboo.com
www.br.betboo.com
1 sentry.io
o417691.ingest.sentry.io
278 B
1 bet365.com
members.bet365.com — Cisco Umbrella Rank: 61612
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 635
98 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 557
760 B
1 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 3023
376 B
1 createjs.com
code.createjs.com — Cisco Umbrella Rank: 1291
63 KB
1 cdn789.dev
a.cdn789.dev
27 KB
1 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6301
189 B
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
541 65
Domain Requested by
69 www.pinnacle.com 1 redirects campaigns-ad.s3.eu-west-2.amazonaws.com
www.pinnacle.com
45 nossopalestra.com.br 1 redirects nossopalestra.com.br
cdn.pn.vg
39 pagead2.googlesyndication.com campaigns-ad.s3.eu-west-2.amazonaws.com
2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
bid.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
securepubads.g.doubleclick.net
www.googletagservices.com
28 tpc.googlesyndication.com 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
26 guest.api.arcadia.pinnacle.com www.pinnacle.com
18 dailymarket.com.br r.admasters.media
dailymarket.com.br
18 s0.2mdn.net nossopalestra.com.br
s0.2mdn.net
2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
15 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
15 securepubads.g.doubleclick.net nossopalestra.com.br
securepubads.g.doubleclick.net
2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
www.googletagservices.com
14 br.betano.com 7 redirects redirect.lista10.dev
campaigns-ad.s3.eu-west-2.amazonaws.com
14 googleads.g.doubleclick.net 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
nossopalestra.com.br
pagead2.googlesyndication.com
googleads.g.doubleclick.net
12 gml-grp.com 12 redirects
12 assets.ad4m.at as.ad4m.at
10 fonts.gstatic.com fonts.googleapis.com
9 www.google.com 1 redirects 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
9 www.googletagservices.com 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
9 c0.wp.com nossopalestra.com.br
8 redirect.lista10.dev rtg.admasters.media
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
7 i.ytimg.com nossopalestra.com.br
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
nossopalestra.com.br
5 dt.adsafeprotected.com 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
5 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
www.pinnacle.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 i2.wp.com nossopalestra.com.br
5 www.grandepremio.com.br nossopalestra.com.br
4 js-api.otherlevels.com www.pinnacle.com
4 631c453c-68ac-46ab-857f-801e975e733a.snippet.antillephone.com www.pinnacle.com
4 pinnacle3.my.salesforce.com www.pinnacle.com
pinnacle3.my.salesforce.com
4 api.webgains.io analytics.webgains.io
4 track.webgains.com as.ad4m.at
4 iqbroker.com 2 redirects redirect.lista10.dev
4 www.awin1.com 4 redirects
4 image6.pubmatic.com 4 redirects
4 fonts.googleapis.com 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
googleads.g.doubleclick.net
dailymarket.com.br
www.pinnacle.com
4 campaigns-ad.s3.eu-west-2.amazonaws.com nossopalestra.com.br
4 www.googletagmanager.com nossopalestra.com.br
www.googletagmanager.com
dailymarket.com.br
4 cdnjs.cloudflare.com nossopalestra.com.br
3 script.hotjar.com static.hotjar.com
script.hotjar.com
www.pinnacle.com
3 rtg.admasters.media b.admasters.media
rtg.admasters.media
3 events.newsroom.bi sdk.mrf.io
3 ka-f.fontawesome.com kit.fontawesome.com
3 i1.wp.com nossopalestra.com.br
3 use.fontawesome.com nossopalestra.com.br
use.fontawesome.com
3 stackpath.bootstrapcdn.com nossopalestra.com.br
2 racebook.pinnacle.com www.pinnacle.com
2 secure-ds.serving-sys.com nossopalestra.com.br
www.pinnacle.com
2 www.betano.pt 1 redirects campaigns-ad.s3.eu-west-2.amazonaws.com
2 analytics.webgains.io track.webgains.com
2 affiliate.iqbroker.com 2 redirects
2 www.conrad.de as.ad4m.at
2 www.zenaps.com 2 redirects
2 banner.congstar.de as.ad4m.at
2 ad.doubleclick.net 2 redirects
2 static-de.ad4mat.net as.ad4m.at
2 pixel.rubiconproject.com 2 redirects
2 ag.innovid.com googleads.g.doubleclick.net
2 ssum-sec.casalemedia.com 2 redirects
2 rtb.openx.net googleads.g.doubleclick.net
2 odr.mookie1.com googleads.g.doubleclick.net
2 cms.quantserve.com googleads.g.doubleclick.net
2 prod-rtb.ad4mat.net nossopalestra.com.br
2 fw.adsafeprotected.com 1 redirects 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
2 api.pn.vg cdn.pn.vg
api.pn.vg
2 i0.wp.com nossopalestra.com.br
2 static.addtoany.com nossopalestra.com.br
static.addtoany.com
2 code.jquery.com nossopalestra.com.br
2 cdn.pn.vg nossopalestra.com.br
cdn.pn.vg
1 br.1xbet.com campaigns-ad.s3.eu-west-2.amazonaws.com
1 acdn.adnxs.com www.pinnacle.com
1 secure.adnxs.com secure-ds.serving-sys.com
1 www.br.betboo.com campaigns-ad.s3.eu-west-2.amazonaws.com
1 bs.serving-sys.com secure-ds.serving-sys.com
1 vars.hotjar.com static.hotjar.com
1 cdn.otherlevels.com nossopalestra.com.br
1 static.hotjar.com nossopalestra.com.br
1 o417691.ingest.sentry.io www.pinnacle.com
1 pixel.admaxium.com admaxium.com
1 admaxium.com www.pinnacle.com
1 region1.google-analytics.com www.googletagmanager.com
1 members.bet365.com campaigns-ad.s3.eu-west-2.amazonaws.com
1 r.admasters.media rtg.admasters.media
1 id.rlcdn.com googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 pixel.everesttech.net 1 redirects
1 www.gstatic.com googleads.g.doubleclick.net
1 code.createjs.com s0.2mdn.net
1 static.adsafeprotected.com 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
1 bid.g.doubleclick.net 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cookies.pn.vg cdn.pn.vg
1 osp-assets.pn.vg cdn.pn.vg
1 a.cdn789.dev nossopalestra.com.br
1 flowcards.mrf.io nossopalestra.com.br
1 pixel.wp.com nossopalestra.com.br
1 pro.ip-api.com campaigns-ad.s3.eu-west-2.amazonaws.com
1 sdk.mrf.io nossopalestra.com.br
1 stats.wp.com nossopalestra.com.br
1 kit.fontawesome.com nossopalestra.com.br
1 b.admasters.media nossopalestra.com.br
0 lm.serving-sys.com Failed secure-ds.serving-sys.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
541 106
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-05 -
2023-06-04		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.s3.eu-west-2.amazonaws.com
Amazon		 2021-12-09 -
2022-11-24		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-01 -
2023-01-01		 a year crt.sh
sdk.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-01-19 -
2023-02-20		 a year crt.sh
edgestatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-28 -
2022-11-27		 a year crt.sh
*.cl03.k8s.mrf.io
R3		 2022-06-23 -
2022-09-21		 3 months crt.sh
flowcards.mrf.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-01-19 -
2023-02-20		 a year crt.sh
*.cdn789.dev
E1		 2022-06-20 -
2022-09-18		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2022-04-28 -
2023-05-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2022-04-10 -
2023-05-08		 a year crt.sh
tls.adobe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-29 -
2023-05-30		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-06-18 -
2022-09-16		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-13 -
2023-06-08		 a year crt.sh
bet365.com
Cloudflare Inc ECC CA-3		 2022-01-20 -
2023-01-19		 a year crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
pinnacle.com
Cloudflare Inc ECC CA-3		 2021-12-07 -
2022-12-06		 a year crt.sh
*.ingest.sentry.io
R3		 2022-06-21 -
2022-09-19		 3 months crt.sh
*.my.salesforce.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-19 -
2023-05-17		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
secure-ds.serving-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-05 -
2023-03-08		 a year crt.sh
*.otherlevels.com
DigiCert SHA2 Secure Server CA		 2020-08-25 -
2022-09-23		 2 years crt.sh
*.snippet.antillephone.com
Starfield Secure Certificate Authority - G2		 2022-04-02 -
2023-05-04		 a year crt.sh
bs.serving-sys.com
Amazon		 2022-04-10 -
2023-05-09		 a year crt.sh
*.br.betboo.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-27 -
2022-08-24		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.1xbet.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-18 -
2023-05-18		 a year crt.sh

This page contains 60 frames:

Primary Page: https://nossopalestra.com.br/
Frame ID: 5CD641509649C475457C8F9372D8F40B
Requests: 141 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 74E3535BFFEDCEB416390E37FEAF9988
Requests: 1 HTTP requests in this frame

Frame: https://cookies.pn.vg/cookie.html
Frame ID: 49756133506A9FA77DE6DA7B1ED80DDD
Requests: 1 HTTP requests in this frame

Frame: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9E4A8E9BC897F33966E32847AB68A5CE
Requests: 1 HTTP requests in this frame

Frame: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E52645B6140A1CD55CDC09F2DFAC278D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIzVmscBMAE&v=APEucNWAZ_dqnigpHmPsYTfvsAGvTWEUK8nAWiHKkkjxO239-FSofjxG1jAtB4QIfwOEgXdZmm6Kq6Wpe05fAfAYJtyoKauyc1qUx_RJ40nszeQOtw7RiG96xkLptRPgRp9qV1EJBlzi2zXL-POiDuosZ8njAuippH799BuiHjWo103LSvpccb8
Frame ID: 6B12E2545E51DAF4DD6AA03A5698DDA3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bbem2CZEc3Z7GBUXQuuN9f4k70xj8Az-r8Eo7--e9nA5ejotjBFXye466Df2opciSy3lUudhUiyk9-etKVcJ5E2y6a6ugLuxuZh2cuyn_0CRiuuPxnNrxDt6HDtGwWN4YT9U7AuvuDKxHoGT-SWQqvUBgWWw&cry=1&dbm_d=AKAmf-AAMZFK8i-Bxdwq_51vo9roSNe2IEsuIZYVOTWirEXJhZ2bNxs24p7BHbpIbOAwuuAjraoXLzN2G5_4qhS2-xr8cunmRj2UMVzjJRGiJTSN7jeR_KwD4M0lsqdyK5wXBiVjC4NiE5pAlawPCfepAh6cNRaz3yPVfKuxZzH_djXN3bz5JD0JU2jn8nlHX68DysqietEhBFaKoO_an_TztnuP5cK5EN2ksiiM4b6E41ARb7qHwLIAIeZu-yWqvh_jDPN5mLb_JLCNxF76rjYIaFgFAfOA_6W5RFMS1DOVEBNEar-mJCWUxjX1K-YmAJb5HoEFBhnobnsRww0QVYriWYEBpjQ7rTbjHC2vM5GeQOySQDvAVSvQBa3uya7vscgqj1sd-V0t2VCcjenrwp7avmo-t4W_QoY2uo98hLSnTKK6D6w_AGMjxNvtF9GqH988iEd1PYN1bM3rSqyRmVzmzDbP8rNesrZqeCN7DV-J4T4OGM50BGPGCe7dG-GbKap9koerjrs0waLiDauC9IT373SDUhBAi-k4FX8R-m09DvrFSpbTyWR1dqy_c53WNf8aJd6ReCXFzG0oGzT__Bd7LCgXSDm3nS83ABW2NJ-Bd_UVIw_qylwmQ2vusQoSb_IviAjU8QHwl859Gs5_KioY83-TbKTri5TMFoCmtyF4ZvDjBmRhrN3QM1Z6IHL3IpAs8eaCB-Sh-iUMV7eD0pnOvAIyEw5nJX-XPn_EzTdwGq2urmivuc6KQFiy5pc1klxYhawCDaAIBXVM7OazR_EZK0cRCzfW-vxTM-GirGZhEQu6kCibfswsOpJDoZaSx5eJW1uzL5dzzB6TOy9LkDQMUz-nRQgWP522RSlTbteVjcO2TxP-jj1Es9Ea4L7USTWAUh-XKv6VKpdEkBd2Xcvedpzgr18ooZvV0rzeIhT1gYZflLNN7wX-Nyo3KsSZ1KJGOSkJui3LwP-k23PwSTuxI4PCAkBULZqAQprAi0Uv4WC74TgooXAK6OroqZJ5YYNLKVSrl2Pgzb5LF1jKp-nchtDgPew8839a7ttLBSUwrlq7HidAhlY8zBxy5xcsxsTQZDHDqinaad2v50t1pSzUT9tTeBAfx5aTLY9pZCeIo5a8GB696EHgTtzdg-QV5Vs39gMY_-5LPlZGjOo69_TS4-I-M_dW-vrVpzmrA3xgXAd66OI2yuxZN0QJOumR2LFNqdadtdmMRD1GzJWZDcBqsInQ5h71wikbrtADRAL6DQyQq7tcAky4yBuZpXOBFjVD8UatBjhxp4Et3o3lQ9R7fmVsZvm8Gcvlsb4jX2quz2CxC4yfNE2dP0z4C2H9IExIbY3El6BZL5jn1n7sqxJOmvJlW8TUply8legIqn7WXE49s87mf-zr2W6CKgcRWDuvcFVmV_IqWRYEJDDzg8qLkvCkbE0eHbHnIGwhwW5LuKCXgblId_OHCUF4suRlfTvxF7CdA8uaZaJPkmA6ntdij7ENlW0zoQpWWZOsQXSZJOz082fz0objTlTMr-6HeHQsajvJnbN1jB9gKr4om4Dr5EUy57nrocgdeOWTxYoj_mCct4V4fHmWCElSO6Ne8rSDTL7j3hs3hPKidNwOZ1sTLznNJTQJNBI0TAmbFO-40UNgS1YFobM04cJdDK8ZgvHFF55dRiqfDdntC4wDaiExP1vZ-wnNXJtk8joAiloDbHC_E-NryjQB2VHgHsitYdOjTjQPNCGSILQ8_04uHJshd5WzHBJut4AQq9D5qzYJEaI83bR9YHcdeCGvMv9DybcL2DPS2y_gqRZDqG3EWNkUkyEFRQjRSRlm8eKWRmlcrSa0VpZIYERQjZf1uOeOrS9V8R8kwZzqryrEfKXRm3ZK_mPDpkUihjc4wsXpct6ikR4bK248nJh_l02e3wxgVmuip6aDvvbORPJBlqujwgSWZTsp-FF5rvAVCIn9H1LtAGYreXqt_9K4hirosfhdDePIVcseEQ9BnRGM35dHR6zyEJSLIzoaXaM87qjyfCZ583-_TrPnGtI_1aedBU4SVJsQOSohAE1Tn-hza6bO9TRGQWeQhYR4CoPk3pxeRk5Oww72cfd6KwZRrcVnvKwMTAKdNSf2qmjwTRdM6lWQtkLsRWOaEgmYPQOG7zZxevf8giNQZT78CYV8E9__InMY7WEZrZPe9zHD6jcwOPHsuB6dAFlrHDYAENSWsNGgDsexS0CE1_nalBk4obPBaN4r_ELvTW2efB898fdpAv1xn8nbAu6uh6FoyPZpn3yAW0UbQ0aWmIEqbLWU3QtVt9d-E9BYEzGRz_502-iwkwb6hLUlJA2cea_xo0k9U90W4gnyHNlbe6hW4GsST4U3KX37sBGEWLGtGbZtKIJFi2e3KAQx5Z0L3vmRNTBy64HxfTfFlOGJ74cFluQq3EYvUPpwr0mREP9v7FfEdXR_W0clGDs_AgbZaEQhPyFE1v-8c0kE1ZfBZlKsvQNpKjRQw-SgDvb4S8TFXZAeX7W0Pdb6Jhof2-zsau5ok3psIDqG-J2e0nYnKQo2Z_5B7geAgYaFu5AQogmcg-eUtfDvlCybWwOlcakCI6LZ54fZ0NcUfct7rPCDVtBgmGUDuo5-jfk7CWpVXYfeB-W3_qt_gVgT_8OYS3F7UFQef-lshSNOhqUwp7kls4Ok_UMkUcjYfc0c_DZpQQ-vAv-bnGxxK6czgfb2ZrWT0abYpAOFargg41OA1hdc1Z_lt156_2dFcqmei_ilGygHXTdfKZ8jd2QHylTRYBEdcl46tr3u02dVQYJXksEaZqf9tJI&cid=CAASKORoQxEulbw-lude9iEUF2SvshFScLBEXbPWFoZlMsgujZIQrIMVyek&rfl=2%2Chttps%253A%252F%252Fnossopalestra.com.br%252F%240
Frame ID: E9C90825E5766CC28DE9682C045AD3FB
Requests: 19 HTTP requests in this frame

Frame: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0D0AA31ABD19A71644C8F0A329287065
Requests: 15 HTTP requests in this frame

Frame: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DDC6D3663A6E740E6B17BE2089075F75
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5AFBB610A18B4EF4007719EBFBB1AFBA
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Frame ID: CA3B1146E0207F90DCE48CC624EB9768
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 766CDCF4E1817858101E5A80FECD1DAA
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
Frame ID: A046CA9B3565615BBA6D88C68A848794
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&adk=1812271804&adf=3279755400&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825513&bpp=3&bdt=122&idt=147&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&nras=1&correlator=6822089695726&frm=24&ife=3&pv=2&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.lt8s8cnyx6z5&fsb=1&dtd=161
Frame ID: BF4F323C64DC2792EA4655D02E97F7BD
Requests: 1 HTTP requests in this frame

Frame: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6CF71215D1462A4827268E915180CC87
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Frame ID: 93DB176DC7816BA1A7A5CA70F53974FF
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&adk=1812271804&adf=3279755403&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825552&bpp=2&bdt=140&idt=158&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&nras=1&correlator=2630849899687&frm=24&ife=3&pv=2&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ghc341jz09xo&fsb=1&dtd=171
Frame ID: 48E8A0F26FD21A6EC3D2CFC51767019B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Frame ID: E7A026EE9A311BDAEFB7FA6829CDB1D6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&adk=1812271804&adf=3279755402&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33416%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825894&bpp=4&bdt=167&idt=90&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&nras=1&correlator=3700616043356&frm=24&ife=3&pv=2&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.opt3fx081cs&fsb=1&dtd=103
Frame ID: 33CE36FACF52F3E71C69BEA6B921D844
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
Frame ID: 525BBB4EC407E550F0F81FDA5FFB2541
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 812FAB66D78C2FDB1178463161B66FC8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BA481895FAF65BE18F640275F157B58C
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=ClsY34Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTHAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NzKQAqSTElp6KzDmn3Nr7FMZD4edVO2RfbdUr-xBTnriQkqWSkneABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjgzMDkyNTcyMjkzMzQyNBgA&sigh=l7nFEOHU5u4&uach_m=[UACH]&cid=CAQSKQCNIrLMVta5cUCMve8nzbg0IGniRPXBdioM47cnwGeWFC7KJXEVtEk_GAE
Frame ID: 6AF63589B61042AEAA05C45667744DFD
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hyhr6g7h5h9z2rjvjx5sd89phkqmyrf2q49cmxc0r73yfdsh355v36f63ceh9p59mg04rsphh6cjvtp7sjnechmznpzhdmtdh11smhrwmngvw6yph4151z29b6s0jafa6cpkrb7ewepnbyr6axyy5twk7v8b32f2ajjk22c0txyycg7g9hzhzjm05ka03dt5zkxkq6jzc340hma30atvnt5xtzp6hfz0397m4zv9bqfd3wp6cwxkmf71pjkk5w1zfgbrxahh29880vbkg8y0m1hstjqx62wz6pd0vgcs3xg0rrdmxqazp42m6hxgspy99k930p69x8mcr2m78cx41h2abvgvaq107h3vf3gpm3w52znpdp1qamp2gy5qnaw49aw3tx6cfb9ztrbx448p6ydj5b84r54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%26client%3Dca-pub-6830925722933424%26adurl%3D
Frame ID: 096969E45A2CB38D007AA02CD127CC4E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 03836DE02859DFAFF3182BC8E56278F0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cls1v4p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMcBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-Bri7LegeNO6ZMY1B-TbYSg9_BlG7dMQaRuacvMqzrfUlAmEw1DxIAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02ODMwOTI1NzIyOTMzNDI0GAA&sigh=utb_TQEGbiY&uach_m=[UACH]&cid=CAQSKQCNIrLMatrK67gVPL-xuGOyemQLBhfqYoEY0dmGcn-ktaIr4RexWgfPGAE
Frame ID: A0BD6B453CDF5BD48DFF7290809B66E1
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hjqdwc1vxfx63rnfrs5nf3tfdhxde97ezzx6t7h1d3j7wnh6a4kbkej5mnrj0yjwy9a7w27bpy10hx63bg1jbb6eppqa0ztbgc3h9q3f7wjesabk6kgr2yj2k2e7y6ew2es19zhjqge4j9znka4qv483gxam7zjdx7fq2p6qhgn13zg186mtebye29cy6cm9652e2ans46s41b7v1tx3rqkdz847xejv2ebqgy6dvs31p8fkqy13ytwcwwmva1dtft1esbzygyzjewxz0x4j9gzg17c6v1d42b2nhv1g8s9xekrv7fcaypctvag9s72bd9a8qcr0047dnq3k5h9mz7j1nrm3gt5y2ywm1h27mwwyqq32t04wccacaxahycc4x0c5egsnjyw27s922a8qdbapj7qhzqy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%26client%3Dca-pub-6830925722933424%26adurl%3D
Frame ID: 506303FAEAF65E41772C56C6A0FA49FC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5110BC07F615159D45C4A181309DB975
Requests: 8 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: F1B09CDBF62AAAE82D30F989DD309EA8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
Frame ID: 3E3C0C157B47AFDD99A81BE1CFD8C2D1
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B32ED047EBF838EAED19245F088FBF04
Requests: 1 HTTP requests in this frame

Frame: https://redirect.lista10.dev/click?click_id=BAooiAAxAyjgF4fn
Frame ID: B8597C2AAE5856CA4FE73BA82E0D5EE9
Requests: 2 HTTP requests in this frame

Frame: https://redirect.lista10.dev/click?click_id=Cqt3rsU5nDzXQpHa
Frame ID: 1CDCBFA1A51ABEB6F867230DD32B795B
Requests: 2 HTTP requests in this frame

Frame: https://redirect.lista10.dev/click?click_id=gLytB68KW9ZeUQvs
Frame ID: 696DF982BF2E002F2CE8BE202F3F733A
Requests: 2 HTTP requests in this frame

Frame: https://redirect.lista10.dev/click?click_id=9LQLZeJdVuNsZDaW
Frame ID: 437564BB3219FAC8F0DC89C479010FF2
Requests: 2 HTTP requests in this frame

Frame: https://redirect.lista10.dev/click?click_id=N95K4rTkWVuvV8ku
Frame ID: 46E699F38D2465E8E113632F051C3EA8
Requests: 2 HTTP requests in this frame

Frame: https://redirect.lista10.dev/click?click_id=8N4XKBc4QE72byNJ
Frame ID: 16B1BEACFF5C022AD9A4FF47E65E9AED
Requests: 2 HTTP requests in this frame

Frame: https://redirect.lista10.dev/click?click_id=TtGdo9CoAtd4XKyW
Frame ID: 028529FDD7737F9A2B3DD47508FA8D2C
Requests: 2 HTTP requests in this frame

Frame: https://redirect.lista10.dev/click?click_id=hJZtDYBUov1RF6Ln
Frame ID: 109188B3D04352E491AFB68749085ECB
Requests: 2 HTTP requests in this frame

Frame: https://r.admasters.media/click?click_id=AyEBFC3e3dDaXYiB
Frame ID: 368D584D1CEE9E5C3D150FDD2AE8549F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A854AA2DD3B3FA64E29FA9F89D4B39FD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 42C4749D72B5720C98A5B4C11540969E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B929395611E53905CD50E6E2EF96F500
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AF96984DFA70345D1B581701E03F4553
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4C12F67E8FA031C015BB7163ED634B6D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 86BE541CE2E70B6ACFFB4AB0A24DCD30
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FA3528ACF24F81C12291D92FA9972A74
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 363421E3F2A4C7B2F746D42183821FF7
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=caa7c085ec0f19d6fbb80e76111ae677%2F14025428897948590515&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826623&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Frame ID: C4460297CA61A85D8EAF8633361386FE
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=7c80accd9162544f7ed9455183e09fe5%2F14755550546738366199&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Frame ID: 49C77016C65654F52C1B2235CB0F31A6
Requests: 14 HTTP requests in this frame

Frame: https://members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01088220&forcelp=1
Frame ID: 16B406A87E962B9F087EB801923DE111
Requests: 1 HTTP requests in this frame

Frame: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Frame ID: 9E5E510D649578A6CCB48752518FE844
Requests: 27 HTTP requests in this frame

Frame: https://br.betano.com/myaccount/ban/country-341630?siteid=14
Frame ID: E5036E16F2C4E5BAA4963B968BC9DC16
Requests: 1 HTTP requests in this frame

Frame: https://www.betano.pt/myaccount/ban/country-341630?siteid=14
Frame ID: 2F2D0B28F3964E288C1BAA53D73B1E76
Requests: 1 HTTP requests in this frame

Frame: https://www.pinnacle.com/?dvc=d
Frame ID: 0F52F3E254DB89083418C6CB28C41105
Requests: 114 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Frame ID: 35BB5460CDAAFD11808FD2E081FC349A
Requests: 1 HTTP requests in this frame

Frame: https://www.br.betboo.com/pt-br/mobileportal/bonuslandingpage?wm=5174560
Frame ID: CE7762F52CA88C626ABF09508928D417
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/seg?add=21703538&t=1
Frame ID: FACE879D6D85C30DDF150B11D19DC79A
Requests: 3 HTTP requests in this frame

Frame: https://br.1xbet.com/?tag=d_733659m_97c_&site=733659&ad=97
Frame ID: 133E0D1BE3D8BC6AFB69B9A6BAB80739
Requests: 1 HTTP requests in this frame

Frame: https://pinnacle3.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.pinnacle.com/en/?dvc=d
Frame ID: 2039104793CFDA869F73C77C8614A119
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nosso Palestra - Palmeirenses que escrevem, analisam, gravam, opinam e noticiam o Palmeiras. Paixão e honestidade. - Notícias do Palmeiras

Page URL History Show full URLs

  1. http://nossopalestra.com.br/ HTTP 301
    https://nossopalestra.com.br/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href="[^"]*materialize(?:\.min)?\.css
  • materialize(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • serving-sys\.com/
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

541
Requests

94 %
HTTPS

51 %
IPv6

65
Domains

106
Subdomains

85
IPs

8
Countries

11568 kB
Transfer

25992 kB
Size

63
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://nossopalestra.com.br/ HTTP 301
    https://nossopalestra.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkGEouKzKHrAYfnQnHk11c&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkGEouKzKHrAYfnQnHk11c&google_cver=1&C=1
Request Chain 150
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsKe4cfIkoufLZ.7zHRAsQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPYrdg9cM_QanX7FR41gb6M&google_cver=1&google_hm=2
Request Chain 151
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJgkIO8ISN2L3UBZK82cu0Y&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJgkIO8ISN2L3UBZK82cu0Y%26google_cver%3D1
Request Chain 152
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5OTE5MzQ1MjE3ODE5OTU1Ng%3D%3D
Request Chain 168
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1005482/61968029/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fnossopalestra.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fnossopalestra.com.br%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:1a4b1136-b322-be37-b852-d051bc8d547c,c:hnQuS1,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-86c8d9dc9d-9wtxr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:taBt7DM+11%7C12%7C13%7C14%7C151*.1005482-61968029%7C1511%7C1512%7C161%7C17,idMap:151*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:d3ca12a8-fb6f-11ec-b47a-6e59c4fe91ea,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://www.googletagservices.com/dcm/dcmads.js
Request Chain 235
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ6tRRfU3X34MM_MOMoJJhI&google_cver=1&google_push=ARnp8GDl0s-hHa4WfjbFa_Xi3oj74Pxj8QUXje2KL75jV-2y3EcHKyRrjGOdPEzbv4PrPXB9aXXoMRj51KuBaQqYlE2A-wzWIoNV HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ6tRRfU3X34MM_MOMoJJhI&google_cver=1&google_push=ARnp8GDl0s-hHa4WfjbFa_Xi3oj74Pxj8QUXje2KL75jV-2y3EcHKyRrjGOdPEzbv4PrPXB9aXXoMRj51KuBaQqYlE2A-wzWIoNV&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TJfhBp04T8y64r7tIH6CAQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDl0s-hHa4WfjbFa_Xi3oj74Pxj8QUXje2KL75jV-2y3EcHKyRrjGOdPEzbv4PrPXB9aXXoMRj51KuBaQqYlE2A-wzWIoNV
Request Chain 236
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFJU7ZVymP49DVm63cpH1_E&google_cver=1&google_push=ARnp8GCvyxC6vFEx7wcYg3Yx8V2RXLAZHnx6Ns0Y1zukUu_mtjD1PDSDM1VLWODsouc1rpYI45GwF0oDBO2MOa1vi4zKGZ0bizAe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFJU7ZVymP49DVm63cpH1_E&google_hm=YsKe4cfIkoufLZ-7zHRAsQAADHIAAAAB&google_nid=index&google_push=ARnp8GCvyxC6vFEx7wcYg3Yx8V2RXLAZHnx6Ns0Y1zukUu_mtjD1PDSDM1VLWODsouc1rpYI45GwF0oDBO2MOa1vi4zKGZ0bizAe
Request Chain 241
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 246
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ6tRRfU3X34MM_MOMoJJhI&google_cver=1&google_push=ARnp8GA9ViTySMGw9-LtBj7LURhh1961JB0a3bUDfVr6pQnsmgsTRqYCXNGt4HBc872_ZFxivDD5BPgmf95qFWns21RwG_hUwTs3 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJ6tRRfU3X34MM_MOMoJJhI&google_cver=1&google_push=ARnp8GA9ViTySMGw9-LtBj7LURhh1961JB0a3bUDfVr6pQnsmgsTRqYCXNGt4HBc872_ZFxivDD5BPgmf95qFWns21RwG_hUwTs3&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yuALwqM1ThKkwpCtzkp5mA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GA9ViTySMGw9-LtBj7LURhh1961JB0a3bUDfVr6pQnsmgsTRqYCXNGt4HBc872_ZFxivDD5BPgmf95qFWns21RwG_hUwTs3
Request Chain 247
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHvRE9SA0xQqArzvp2CAvOw&google_cver=1&google_push=ARnp8GAEtiYOO2X83TFRJ8jbMUwTF8T7Rr_D6jrd3Wt2fqhKtai3suQDxDNP0G4VsvlK7uHRc6ZeSSnusTGBpnURXHllMIK8WroU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2R0gzSDAtMy02SzJS&google_push=ARnp8GAEtiYOO2X83TFRJ8jbMUwTF8T7Rr_D6jrd3Wt2fqhKtai3suQDxDNP0G4VsvlK7uHRc6ZeSSnusTGBpnURXHllMIK8WroU
Request Chain 248
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFJU7ZVymP49DVm63cpH1_E&google_cver=1&google_push=ARnp8GCnKVTLln8cbtrimnEtj1zHuwMf3dA_pCbcaZbOJT24wiwMxctW095YRXGvroWLI0xHGyP4CecS45VRUfZmW6pKY44tDFo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFJU7ZVymP49DVm63cpH1_E&google_hm=YsKe4cfIkoufLZ-7zHRAsQAADHIAAAAB&google_nid=index&google_push=ARnp8GCnKVTLln8cbtrimnEtj1zHuwMf3dA_pCbcaZbOJT24wiwMxctW095YRXGvroWLI0xHGyP4CecS45VRUfZmW6pKY44tDFo
Request Chain 266
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GBCVPOsfHOaXdOjxNrJ1yTdiQHuphql6ob1lHsqiir5hBHSZ1P02IXAnrp-eZxCRveieY56fgpnxCGM5lMv2eoydgiYMmQL&google_gid=CAESEOiwZq3KRXi4pOECWh_SCsc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNLZTRnQUFBWGl5dm5nNA&google_push=ARnp8GBCVPOsfHOaXdOjxNrJ1yTdiQHuphql6ob1lHsqiir5hBHSZ1P02IXAnrp-eZxCRveieY56fgpnxCGM5lMv2eoydgiYMmQL
Request Chain 267
  • https://d.agkn.com/pixel/2175/?google_gid=CAESELDLOxRGI-5M413Nvqmy6KY&google_cver=1&google_push=ARnp8GAcwmL7ntUdqi9LrDyT3027zGWosiOljorR85UJwea0EAe3hn4sGoI9I-OX_YjwCt4ZQgmp7qDsnaiLbsSORYvsQ3VxpRo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAcwmL7ntUdqi9LrDyT3027zGWosiOljorR85UJwea0EAe3hn4sGoI9I-OX_YjwCt4ZQgmp7qDsnaiLbsSORYvsQ3VxpRo&google_hm=Q0FFU0VMRExPeFJHSS01TTQxM052cW15NktZ
Request Chain 269
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHvRE9SA0xQqArzvp2CAvOw&google_cver=1&google_push=ARnp8GCfsHo24o_BGI_QCzh_aE9XXKoMGOB9ypNQ3C8looyNKabygUEXn9v_Ni5ysk5CwcEga74wfbc9N0lJ1VlL7LsuP2Zzr5qy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2R0gzSTktMTYtQTlYWQ==&google_push=ARnp8GCfsHo24o_BGI_QCzh_aE9XXKoMGOB9ypNQ3C8looyNKabygUEXn9v_Ni5ysk5CwcEga74wfbc9N0lJ1VlL7LsuP2Zzr5qy
Request Chain 328
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNOkoOfi3vgCFUPBuwgdWxMP4Q;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1656921826_d4af1b70-fb6f-11ec-aec4-2237da5287b3
Request Chain 333
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=d49e2b80-fb6f-11ec-9435-22651120a0a6&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1656921826_d49e2b80-fb6f-11ec-9435-22651120a0a6&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 337
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidGjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tEoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1656921826_d49c7dd0-fb6f-11ec-9435-22651120a0a6
Request Chain 342
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.zenaps.com/cshow.php?pvr=d49c56c2-fb6f-11ec-aec4-2237da5287b3&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1656921826_d49c56c2-fb6f-11ec-aec4-2237da5287b3&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 346
  • https://iqbroker.com/lp/mobile-partner/en/?aff=298933 HTTP 302
  • https://affiliate.iqbroker.com/redir/?forceBackLink=1&aff=298933 HTTP 302
  • https://iqbroker.com/lp/mobile-partner/pt/
Request Chain 347
  • https://gml-grp.com/C.ashx?btag=a_13795b_1820c_&affid=3237&siteid=13795&adid=1820&c= HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_13795b_1820c_&affid=3237&siteid=13795&adid=1820&c=&AutoR=1 HTTP 302
  • https://br.betano.com/offers/casino/?btag=a_13795b_1820c_[CustomMergeFields]&siteid=13795 HTTP 302
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
Request Chain 353
  • https://gml-grp.com/C.ashx?btag=a_13918b_1819c_&affid=3237&siteid=13918&adid=1819&c= HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_13918b_1819c_&affid=3237&siteid=13918&adid=1819&c=&AutoR=1 HTTP 302
  • https://br.betano.com/offers/casino/?btag=a_13918b_1819c_[CustomMergeFields]&siteid=13918 HTTP 302
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
Request Chain 354
  • https://iqbroker.com/lp/mobile-partner/en/?aff=298933 HTTP 302
  • https://affiliate.iqbroker.com/redir/?forceBackLink=1&aff=298933 HTTP 302
  • https://iqbroker.com/lp/mobile-partner/pt/
Request Chain 355
  • https://gml-grp.com/C.ashx?btag=a_13918b_1819c_&affid=3237&siteid=13918&adid=1819&c= HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_13918b_1819c_&affid=3237&siteid=13918&adid=1819&c=&AutoR=1 HTTP 302
  • https://br.betano.com/offers/casino/?btag=a_13918b_1819c_[CustomMergeFields]&siteid=13918 HTTP 302
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
Request Chain 356
  • https://gml-grp.com/C.ashx?btag=a_13793b_1238c_&affid=3237&siteid=13793&adid=1238&c= HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_13793b_1238c_&affid=3237&siteid=13793&adid=1238&c=&AutoR=1 HTTP 302
  • https://br.betano.com/register/?btag=a_13793b_1238c_[CustomMergeFields]&siteid=13793 HTTP 302
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
Request Chain 373
  • https://br.betano.com/?btag=a_8563b_888c_&affid=1654&siteid=8563&adid=888&c= HTTP 302
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
Request Chain 377
  • https://gml-grp.com/C.ashx?btag=a_13793b_1819c_&affid=3237&siteid=13793&adid=1819&c= HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_13793b_1819c_&affid=3237&siteid=13793&adid=1819&c=&AutoR=1 HTTP 302
  • https://br.betano.com/offers/casino/?btag=a_13793b_1819c_[CustomMergeFields]&siteid=13793 HTTP 302
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
Request Chain 406
  • https://www.betano.pt/landing/308922/?btag=a_8880b_944c_&affid=1229&siteid=8880&adid=944&c= HTTP 302
  • https://www.betano.pt/myaccount/ban/country-341630?siteid=14
Request Chain 408
  • https://www.pinnacle.com/?dvc=d&btag=a_27754b_17506c_&refer=XAFF5905 HTTP 302
  • https://www.pinnacle.com/?dvc=d
Request Chain 409
  • https://gml-grp.com/C.ashx?btag=a_13795b_1238c_&affid=3237&siteid=13795&adid=1238&c= HTTP 302
  • https://gml-grp.com/C.ashx?btag=a_13795b_1238c_&affid=3237&siteid=13795&adid=1238&c=&AutoR=1 HTTP 302
  • https://br.betano.com/register/?btag=a_13795b_1238c_[CustomMergeFields]&siteid=13795 HTTP 302
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14

541 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nossopalestra.com.br/
Redirect Chain
  • http://nossopalestra.com.br/
  • https://nossopalestra.com.br/
82 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41ebf724b3a154d3b37a8cbeeb4a216e4734ba137f938c7d3e929b4dfb3ef6de
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-apo-via
tcache
cf-cache-status
HIT
cf-edge-cache
cache,platform=wordpress
cf-ray
72565893cd5a59c5-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Jul 2022 08:03:43 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Mon, 04 Jul 2022 08:01:09 GMT
link
<https://nossopalestra.com.br/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVfW6CFROPGd%2FuzuE362nL1t%2F3Xqt%2Fqj%2F%2B5G0uZZg2TPMGsMtjUo%2Fk8BSXe7rtdZ9mh845zh5s4U04dDz8zyQ6xCtbv1uIrQA9vP%2BsjG9vbSzqXc48YI0gpfBjYKmRcqp4cBYcy4n8r26gKZsDPTaonE"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

CF-RAY
725658935f18bac3-MXP
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 04 Jul 2022 08:03:43 GMT
Expires
Mon, 04 Jul 2022 09:03:43 GMT
Location
https://nossopalestra.com.br/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TpuktEzkgoX91klqIrwfyL6u4HsBd4LjH3WGOLrD85w8ug6jcReyA7jFGYpxQorYPfxaARhY4ggsUEAQPwwyO878FohZIViedHxteUnR3nBbBrTLgSr%2BgaLK%2BQrLnPdqFGJGkdufWxrdN978ALivnGx"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
materialize.min.css
cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/ 		139 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/css/materialize.min.css
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b079a3ff21ceabb15fa5cac7f24b887e2cceac470b8eddeb9361fafa335db88
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2197771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17475
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03efe-22a11"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IVTRKht%2FlKnLaV4mNUmgZ%2BgbEKYV209OD4LerJ3Wzbwu28vXj%2B7dbl96UnM478qSTM%2BSR2clwD2tc6m2KFGr%2Bqzs%2BFDQnTa7w9jAFOp5tQcZ%2F0tmeS18JlfwtE1o7NpzWbLr%2Brj%2FkNdHh2WXOxCbo7Tn"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
725658985f1623c7-ZRH
expires
Sat, 24 Jun 2023 08:03:44 GMT
style.min.css
c0.wp.com/c/5.8.4/wp-includes/css/dist/block-library/ 		79 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/css/dist/block-library/style.min.css
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
last-modified
Wed, 01 Sep 2021 04:05:58 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Jul 2023 08:03:44 GMT
mediaelementplayer-legacy.min.css
c0.wp.com/c/5.8.4/wp-includes/js/mediaelement/ 		11 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
last-modified
Tue, 29 Sep 2020 15:53:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Jul 2023 08:03:44 GMT
wp-mediaelement.min.css
c0.wp.com/c/5.8.4/wp-includes/js/mediaelement/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/mediaelement/wp-mediaelement.min.css
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
last-modified
Fri, 07 Jun 2019 20:45:02 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Jul 2023 08:03:44 GMT
bbp-voting.css
nossopalestra.com.br/wp-content/plugins/bbp-voting//css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/plugins/bbp-voting//css/bbp-voting.css?ver=1628700272
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eed2e76e3f0e29a5452bf4afff5cd766df0dea18a09da0a8b7a074d47a961a9f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=2700
strict-transport-security
max-age=0; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 11 Aug 2021 16:44:32 GMT
server
cloudflare
etag
W/"6113fe70-a8c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08IyTPyHb%2Fy67c%2FnTV2GyBKEvAT9FhIdY1xHFLxMxoxQDOD6PT%2Blb%2Fbkd8UogwTyOheNqpJGAb1w2NMLumS5voWI8mLYbVZ4NqTDoZzpZU7Dy3doT6tPRP2CN579rJOBbPNdeea6jOmQLXfrKp3fImrA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=2592000, no-transform
cf-ray
725658983b2a59c5-MXP
expires
Wed, 03 Aug 2022 08:01:53 GMT
bbpress.min.css
nossopalestra.com.br/wp-content/plugins/bbpress/templates/default/css/ 		29 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/plugins/bbpress/templates/default/css/bbpress.min.css?ver=2.6.6
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481bfa4292798eb15d056ff461dc1e90bbe9795fd99299b59c02970a0e710207
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 10 Aug 2021 19:05:12 GMT
server
cloudflare
etag
W/"6112cde8-75bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glgA8s8sPwK1MyHLUWQujeRJfD5%2FPy1zRjqgxurDIFgK2qurRoQXIEt2C7znY97mWZArO2c%2BmeJPer0JmQmKJfVzWgRs8BbXoqXVcasYedoD35uDkocBXtf26wpmaS6VAzUl0fnnezfe%2FQrYD%2BV3j2rj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
725658983b2b59c5-MXP
expires
Wed, 03 Aug 2022 08:01:53 GMT
bspstyle.css
nossopalestra.com.br/wp-content/plugins/bbp-style-pack/css/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/plugins/bbp-style-pack/css/bspstyle.css?ver=4.8.9
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faad544bbecebe01ecce4d07cc9d12a8244dc15dbe9f465efcd1f0f9b7345604
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=12766
strict-transport-security
max-age=0; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 11 Aug 2021 12:29:23 GMT
server
cloudflare
etag
W/"6113c2a3-31de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVW5oX1KbqVWTkLehFcPtAF2JJ4MokWWFytHknYOT%2B%2FmZ6gXLBdljcCQPmffsMBFUMLVm3s1D5f7nrYYaRnarroYZXOmUtD5KCTmUQwMM6ZhLEvrcNX1lMIZMa9CIsNClIxpyUINrBcmLT6gFCsYn9Sj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=2592000, no-transform
cf-ray
725658983b2d59c5-MXP
expires
Wed, 03 Aug 2022 08:01:53 GMT
dashicons.min.css
c0.wp.com/c/5.8.4/wp-includes/css/ 		58 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/css/dashicons.min.css
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
last-modified
Wed, 03 Mar 2021 21:16:22 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Jul 2023 08:03:44 GMT
addtoany.min.css
nossopalestra.com.br/wp-content/plugins/add-to-any/ 		1 KB
820 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 10 Aug 2021 13:05:21 GMT
server
cloudflare
etag
W/"61127991-5ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJpmFwGFqTG9flsQeKySXnUa9m6dvA0E5bId9oQ8oGwnD9v7v0k6jz9VOhKB3XvbXQeapYUD1Fs%2FQ5wazy%2BusbRi518GhUXkcy%2Fmv%2ByGmyHMtcN8kFGdFKJnD2q1AgGItt19%2F21fwsRUsMLQSZn%2FZlN9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
725658983b2f59c5-MXP
expires
Wed, 03 Aug 2022 08:01:53 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/ 		157 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/css/bootstrap.min.css?ver=5.8.4
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
565, 617, 617
age
9936945
cdn-cachedat
2021-06-08 14:20:02
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
53883c612a8142757287eaef08284b29
cf-ray
725658993d65020d-ZRH
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
reset.css
nossopalestra.com.br/wp-content/themes/grandepremio/assets/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/css/reset.css?ver=5.8.4
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c7e6698201220d0088b69071db607a344c0579dc2138bbfdc6d1631f4e20c25
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=7698
strict-transport-security
max-age=0; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jul 2020 12:04:15 GMT
server
cloudflare
etag
W/"5f08593f-1e12"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOdnTcLyzBXsaf%2FBXhY8SCNyQKuERPFXZ1Ap8b6Dcoa%2FMrNlcmJL7yZuHwFD7rty6aZ52FjO3%2BcDayg%2FDY6Eq%2FEEZFLMgYqwmn%2B4H%2FyD2oRUzwEhDljm0ld6w6dhIE5FjTVAAN5gsV%2BNkwas6zfPS4ek"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=2592000, no-transform
cf-ray
725658987bbb83af-MXP
expires
Wed, 03 Aug 2022 08:01:53 GMT
owl.carousel.min.css
nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/OwlCarousel2-2.3.4/dist/assets/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/OwlCarousel2-2.3.4/dist/assets/owl.carousel.min.css?ver=5.8.4
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jul 2020 12:05:44 GMT
server
cloudflare
etag
W/"5f085998-d17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uUr8d4AswImov%2FZTaMldG2KfgBOaplaQu6BMZ5Z589ZroHyx4R1gevGwXrOuyL2xVHXtrsWCCP355gHZvrSRYTpME81AOTOO%2FLv04AIiWtPNh1YR9G9jDxI7%2F9KPb%2B1eUZsxDORdv3IM%2FTXrL%2BuXwokv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
725658987bbd83af-MXP
expires
Wed, 03 Aug 2022 08:01:53 GMT
owl.theme.default.min.css
nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/OwlCarousel2-2.3.4/dist/assets/ 		1013 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/OwlCarousel2-2.3.4/dist/assets/owl.theme.default.min.css?ver=5.8.4
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jul 2020 12:05:46 GMT
server
cloudflare
etag
W/"5f08599a-3f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mw6sl1clmqmzxCECcz13DqCWnp9FRs%2Be45eYbP%2Fchlk8UzmL29US2JrEkQfcxgmlcdYfuNBFaLfTv9rsj9SBAKtcRU1L0P7%2BtoZccUujsBOmI45kL3t74Mz2dgTDIN0TsuJVjF44kMUf2J04AXEF54iE"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
725658987bbe83af-MXP
expires
Wed, 03 Aug 2022 08:01:53 GMT
colorbox.css
nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/colorbox/example3/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/colorbox/example3/colorbox.css?ver=5.8.4
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad5dcbded1af22a7202290c063b1612da155ec9d399050633f583ca4eb9ca98a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=3025
strict-transport-security
max-age=0; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jul 2020 12:10:23 GMT
server
cloudflare
etag
W/"5f085aaf-bd1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zGp1TYBPIwB40hN4L2DyCfRYToO9R8lbmYy%2BqFVJkz6wMYBnKRi26MbkViae9UQi38ZogHRgVTn6TEzDGvzpz1zWVZxa6qu%2F9snvsGMv65j0froHmAhYZ1Ga9raZJzWDVERo8gB%2FOX%2FKTo80TXNfxOd"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=2592000, no-transform
cf-ray
725658987bbf83af-MXP
expires
Wed, 03 Aug 2022 08:01:53 GMT
flag-icon.min.css
nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/flag-icon-css/css/ 		33 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/flag-icon-css/css/flag-icon.min.css?ver=5.8.4
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
623702bd791d4553ae7226c2f48e26052e359573eb59fa98d819e9b248593e7c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jul 2020 12:11:40 GMT
server
cloudflare
etag
W/"5f085afc-841a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mr5K2ouU6%2FTcvZt0dAr3kufpyhCNKHqNQGh3%2B656pVu3ZH1FAuGuc4j3kQJkIihdNz30BMLaQHC7%2BaQtchhH5B0WFnf6bAmV3lbec%2BRxNQ19yDi7BPYhzlS%2Br0U9FIMBmx095IkhDIfpiukRa0bbhmgi"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
725658987bc183af-MXP
expires
Wed, 03 Aug 2022 08:01:53 GMT
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.0.0/ 		70 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.0.0/animate.min.css?ver=5.8.4
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2798553d86c6b1806d208320f645bd79eab0cebcf22176bddbc648e8f3ccd4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2097902
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4216
timing-allow-origin
*
last-modified
Thu, 07 May 2020 16:26:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb436a8-11848"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91eOtI4twzDCq6eOJiSuMQ1D6nJWYV0t8SlmOJJT%2FwTU%2BheJTguBMWtRYGH8Y9hGQskmLBNhi7p0TODqPXxlRZWslBCcq4l2AYOTvY70u7SAFCe8F3PSHAG1N%2FwUT53C8gfgw8ucdO7diKxyKQ3e7bbu"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
725658987f3723c7-ZRH
expires
Sat, 24 Jun 2023 08:03:44 GMT
style.css
nossopalestra.com.br/wp-content/themes/grandepremio/ 		45 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/style.css?v=040722080109000000&ver=5.8.4
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a263afc16d9dd4d23a5b70e76bffd65ab267378a63813dc91da8dd34b293dd2d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=55432
strict-transport-security
max-age=0; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 23 Jun 2022 20:37:13 GMT
server
cloudflare
etag
W/"62b4cef9-d888"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtuOxMshrYAFAVth5K9qBCJS%2FVosfCa6pddL%2FQrAeDWiQ8gu9n2fmRnNr8z4zFrCQgEQ1RWKhk5z9ZU5OrEA%2BfD9PN%2FyHKPygGSyT%2B21v230yxJTZIrUJC%2BPPLWgb8Qk3yd%2BKR06gYTdp81oSzqbw1yF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=2592000, no-transform
cf-ray
725658987bc383af-MXP
expires
Wed, 03 Aug 2022 08:02:33 GMT
displays.css
nossopalestra.com.br/wp-content/themes/grandepremio/assets/css/ 		7 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/css/displays.css?v=040722080109000000&ver=5.8.4
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07d294d292e8ea3a1402733161f5e960b0f44eedab2947cb78d879dde859b8b7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=9331
strict-transport-security
max-age=0; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 17 Dec 2021 14:13:37 GMT
server
cloudflare
etag
W/"61bc9b11-2473"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9vPsTb3EY4LAceCB%2FXJq64cd%2BjKI6w9lrd1Fcnjre3jXZWTmwLgLTI42zmNbwMv74pW0Eu85kmkZG66VyOqLBfTtuuFA%2FirKZpfTf%2FzLzw2Mjp7RJ1T7Aja%2BDXtOlHkrNlm7vyaCr83%2FOwDAMeRHo4C"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=2592000, no-transform
cf-ray
725658987bc583af-MXP
expires
Wed, 03 Aug 2022 08:02:32 GMT
jetpack.css
c0.wp.com/p/jetpack/10.0/css/ 		85 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.0/css/jetpack.css
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5aa600aea047cb99c7e2c22e7edaf89f0539a6772a21981636e21da89bed440a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
last-modified
Tue, 03 Aug 2021 16:19:12 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Jul 2023 08:03:44 GMT
wp-paginate.css
nossopalestra.com.br/wp-content/plugins/wp-paginate/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/plugins/wp-paginate/css/wp-paginate.css?ver=2.1.7
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4787ba478d2dff0045aa107066738343a8ccf37921223a1448b53cfe1ac5826d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=2730
strict-transport-security
max-age=0; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 21 Jul 2021 18:44:15 GMT
server
cloudflare
etag
W/"60f86aff-aaa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sf0qdIlYdbh1H9y%2F75P8qxA3g0U9dlbJcsRP9k7W2ycTjAWDamsc7mUPP7DoyPlPyVE%2Fc%2FqW6jUMtPsj92UyTTMQYWucqcvMOfxN%2Bw2xCu3h1pF3lUxiM0mc1Bso8sTAQYd23jJy1TGsZh5SVnwL5yHk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=2592000, no-transform
cf-ray
725658987bc683af-MXP
expires
Wed, 03 Aug 2022 08:01:53 GMT
jquery.min.js
c0.wp.com/c/5.8.4/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/jquery/jquery.min.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Jul 2023 08:03:44 GMT
jquery-migrate.min.js
c0.wp.com/c/5.8.4/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/jquery/jquery-migrate.min.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Jul 2023 08:03:44 GMT
addtoany.min.js
nossopalestra.com.br/wp-content/plugins/add-to-any/ 		129 B
774 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 10 Aug 2021 13:05:21 GMT
server
cloudflare
etag
W/"61127991-81"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hw9Cz9xx8YJ%2BqThbBqpZc4Vp%2Bh7I9N2uNMxYaDgsrhD02Fni1BcsbEmYxBvbIKLd6SKsU92mcOQ9IrjoKO0El3qtyJe2ahyVZzSd%2Fz04u2HLjkwAhV8PzJR761N9PArpE51%2Fi%2FdpY9Q8RwGo06LQiuCo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
725658987bc983af-MXP
expires
Wed, 03 Aug 2022 08:01:53 GMT
bbp-voting.js
nossopalestra.com.br/wp-content/plugins/bbp-voting//js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/plugins/bbp-voting//js/bbp-voting.js?ver=1628630583
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6e19115e8ae3d11ee9a7d9199b6cfc8158447f85f4698410e19079b0f10b178
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 10 Aug 2021 21:23:03 GMT
server
cloudflare
etag
W/"6112ee37-fc9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tCQYGJYnCke0IS0kwvBBEV3fxq9dfvEF23YFeffTSEIn1hfuIQQuwnbx2sseCNhyuHmwiTDAsVsJSm5HktHBdiKGDrZSSU%2BaUGyCQc6EJfnL7vKon3lzkzspc%2B7MqHI%2F1XiwuFhyZBamWDkRqkl1e0Ck"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
725658987bca83af-MXP
expires
Wed, 03 Aug 2022 08:01:53 GMT
js
www.googletagmanager.com/gtag/ 		103 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-104161738-1
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9db59b66ebdbacbe738afae716ebd77ad73f60f22374ec4a964592d12db22cf3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40334
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Jul 2022 08:03:44 GMT
openplayer.css
nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/openplayer/dist/ 		29 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/openplayer/dist/openplayer.css
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f9fed2e4d6be298ea778da093983a2236972d11101c705a1b90ab832949a6fb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=34095
strict-transport-security
max-age=0; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 23 Nov 2021 13:29:17 GMT
server
cloudflare
etag
W/"619cecad-852f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iGgUyyAA%2BR%2BNQsYHLhRcT6pOQG4TApizzzKv%2Fo%2FXzREKjfx9mKf3MrkRUTdJlCRpjf9e%2B%2FU2mN2Gx69eFtt7c5PH6xT5CImiP3UsKzu8npJXKGt6YNYEEliPrtgWgyw6EC4l8aAxBvDYNSrj4HlrO4vF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cf-bgj
minify
cache-control
public, max-age=2592000, no-transform
cf-ray
725658987bcc83af-MXP
expires
Wed, 03 Aug 2022 08:01:53 GMT
openplayer.js
nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/openplayer/dist/ 		317 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/openplayer/dist/openplayer.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
458389df851873c19b0e9a24958177774c3402980b32c978cf366f4a2bd1b7b7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 23 Nov 2021 13:29:19 GMT
server
cloudflare
etag
W/"619cecaf-4f557"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpcErXnzoeUbkxxZah6Xyq%2BJl8aqPUfybAK2LjTi9oHXilBs7ddiSHkVjRv8kwjvpPAfkJfcvtgCisRVh%2FrMCovb1F1Y67AFhTS9ipieiQmmh5ZdJJRhneg4pReK8OPYH%2BrNDvVIsLBA%2BCYUhEvNAlp2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
725658987bce83af-MXP
expires
Wed, 03 Aug 2022 08:01:53 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
sffe /
Resource Hash
07a27ccac84d3870b401baa4ac741492c8ab071b0bd9ee2a7aef0a224b47afa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28045
x-xss-protection
0
server
sffe
etag
"1263 / 744 of 1000 / last-modified: 1656713226"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 04 Jul 2022 08:03:44 GMT
57570ddbba33790f503bba699e6c8137.js
campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/57570ddbba33790f503bba699e6c8137.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.143.2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
7651812cfed44ebd48ad17145a3af03b893910af402daed77ef8c7c70fbcfe50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 08:03:45 GMT
Last-Modified
Tue, 28 Jun 2022 15:45:12 GMT
Server
AmazonS3
x-amz-request-id
XJ9KHJB99Y279KY8
ETag
"9244260969b58a2b6c8ec231f87f7aaa"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
22960
x-amz-id-2
8O9iGhtLCKt19Xux0tgxEfdrGVLnwl9MfHV2Xvua0e6vs0JALhje064482tFOzYAe5VvB/nYZCk=
b0eeadb4-2dd4-4ec6-8b2a-e1e3ea065786.js
cdn.pn.vg/sites/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/sites/b0eeadb4-2dd4-4ec6-8b2a-e1e3ea065786.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8c7fa9dc87c1ae8ebf6fa71d356b75d51d41e96be9bb7effc8d175b6508992e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
via
1.1 a49b989a1c88787f19380a9f833baede.cloudfront.net (CloudFront)
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP64-C2
x-cache
Hit from cloudfront
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 05 Feb 2021 20:08:57 GMT
server
cloudflare
etag
W/"3a70a74f9f0c6ddd869e83d171a850d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKwVy6k8pcA91z11Rd8ZBSnLA7Hj1NXmgF95W9R4HVMrihVrScm2gpnF72eJUkT2GT50W7YbQRsP0g%2FDdce3ytNht%2FvMBE5SA0ZzwA7hWpKS1B5WRzyJb%2B9D%2Fo5EXytYYXzA8Kt9vm8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
7256589a09b8bb0b-MXP
x-amz-cf-id
NLMDExKb2iDJiQlpMg63NDBWHcntNA0Aqyg72UUauWK17ZSRYFqWVw==
nossopalestra-2.png
nossopalestra.com.br/wp-content/uploads/2020/07/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nossopalestra.com.br/wp-content/uploads/2020/07/nossopalestra-2.png?v=040722080109
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1abd13bb36218b14ea3f542711e9c648f8c089eec460fee713c255a9d6766528
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
65967
last-modified
Fri, 31 Jul 2020 18:51:29 GMT
server
cloudflare
etag
"5f246831-101af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfhMt0x6HDOWezYgB3kyX1XAqDLAyzVzz2BDprms69QFB59wYGiAsSah0a%2FaxLP632jAUl5KI49%2BJiTMZqaKHcj2J2SIrnzL5Hj4In2tBhKNP%2BRD1LfF%2BMordjbpJem1QoSy3C%2BzT5dRosxT72q21nGJ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
72565899add183af-MXP
expires
Wed, 03 Aug 2022 08:03:44 GMT
ext.js
b.admasters.media/widget/ed5f4efd-641d-40b0-a82f-5423f1abac33/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.admasters.media/widget/ed5f4efd-641d-40b0-a82f-5423f1abac33/ext.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6d401acfdee02845c03c8bde52ec03572ea9353945aab6e102cb92fce18fd768

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
etag
W/"86e-ylXLWvnBn1Y1Y7rKSHt+IL2L77I"
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nViXJupp1249PoTJY3J26sreWmnjD40o%2FrMsY6N9pQj4QiBVLuXQ3CPz1%2FNl0z8LUuuCKN0erql4aJp6jziUgyM61uSQ3tYrNyVDFsI8h09%2FcMbs%2FdQ5a2jBy9PZWQZwOoiRH2i9ZU1qas7UU5%2BfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
cf-ray
7256589a1e715a31-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
icon-play.png
nossopalestra.com.br/wp-content/themes/grandepremio/assets/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/img/icon-play.png
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28fd831e3a5b0cdf47cff8ab6cefab6949b907b6924d922dbcc25da3114941bd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4279
last-modified
Fri, 10 Jul 2020 12:04:40 GMT
server
cloudflare
etag
"5f085958-10b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QE69WwrVhT3xlPXqvIqzZ4J%2BCZ0syQDZ6nQTx57tGHL7lPohALry0qhwtjpqktmAKEBw4e%2ByIrTj68UYWguTmOIR%2BxvEWtaU8h32sFhUN35vgYlbcWk5u3u4s8SlJQELhsVrSRSISGgPIq33FZsi67Cu"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
72565899add383af-MXP
expires
Wed, 03 Aug 2022 08:03:44 GMT
grandepremio-white-nav-top.png
www.grandepremio.com.br/wp-content/themes/grandepremio/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandepremio.com.br/wp-content/themes/grandepremio/assets/img/grandepremio-white-nav-top.png?v=030820175923
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f946f4389b6864634414bdd4bed921bc848fc8ad75842cb60df9ac803747b39e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=7430
content-disposition
inline; filename="grandepremio-white-nav-top.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2664
expires
Wed, 03 Aug 2022 07:31:03 GMT
last-modified
Thu, 28 May 2020 01:06:04 GMT
server
cloudflare
etag
"5ecf0e7c-1d06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fc8o5%2Fcba%2BlB8ysjv9DMoKREiryKkFr0%2BrklRyN91tYLGWmS3u%2BD1e5LmKWwptOrwOSqILM7tF8SNNmMJ8FzN4v18BWbQuxL2%2BbVx69oqjwjzXsTegybmatxX65xn5htTuR%2BLmsIlOQhNi0riOEBblDbFAY"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
Accept
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
7256589a2f42374d-MXP
cf-bgj
imgq:85,h2pri
gp-logo-footer.png
nossopalestra.com.br/wp-content/themes/grandepremio/assets/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/img/gp-logo-footer.png
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b69e8b3da5efe017311292cf15d606597c4680ad0a1d1859ec40c42ea1a22d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3348
last-modified
Fri, 10 Jul 2020 12:04:38 GMT
server
cloudflare
etag
"5f085956-d14"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUOd%2FuMqE78QRj%2F5EuRjggpo%2FW3fWHngn1Og9pmGLT1PeTy8Uk44fhTTkYVVrRu36fxMzwRNe%2BRM5XbjRNoy3s%2Bu3LvUHynjwpfZ2Z0Ko7C8AJhq%2B2T%2FOkougKJsjOhoCV5Xz8vDGhPUaUpeKupk0eCc"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
72565899add483af-MXP
expires
Wed, 03 Aug 2022 08:03:44 GMT
email-decode.min.js
nossopalestra.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
last-modified
Thu, 30 Jun 2022 11:19:50 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"62bd86d6-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1C7pqTqjmOYNUx9sj3pO11f%2FFr7i99%2Bc0NDy67SelkRGfOSZrpq6NBUyftiyBRWMLUk3NtxFLIe9pZ5GvPdCJJNDx9r%2BGE3TU98L4SOPjh2AYNfja7Kou0QxnUmevvzsfM%2BYwFc1NAFbHew37HZsy0B4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
725658996d6983af-MXP
expires
Wed, 06 Jul 2022 08:03:44 GMT
jquery-3.4.1.min.js
code.jquery.com/ 		86 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.4.1.min.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

Referer
https://nossopalestra.com.br/
Origin
https://nossopalestra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15851"
vary
Accept-Encoding
x-hw
1656921824.dop141.fr8.t,1656921824.cds103.fr8.hn,1656921824.cds236.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30638
jquery-ui.min.js
code.jquery.com/ui/1.12.1/ 		248 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer
https://nossopalestra.com.br/
Origin
https://nossopalestra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:54 GMT
server
nginx
etag
W/"611feaca-3dee4"
vary
Accept-Encoding
x-hw
1656921824.dop141.fr8.t,1656921824.cds103.fr8.hn,1656921824.cds151.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
67751
prebid3.23.0.js
nossopalestra.com.br/wp-content/themes/grandepremio/assets/js/ 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/js/prebid3.23.0.js?v=040722080109000000
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef53ab4dceb28e261d06d3569177c4f7febcf8167704a357b4adcf39f2d2e6b7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 14 Jul 2020 12:45:06 GMT
server
cloudflare
etag
W/"5f0da8d2-25e09"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PzCexoNt1uRWwnNSc6LBHJb8WC7pZygaMshcOtop3n%2Fj4XwEH0YAQFO1jFBDgKiihl7ZSAR7Jv8UedpPkJuzaHTH4AugtIXnOA12eIfM6BYm5Tv4ZPSFl%2B6FllSs7VioKTdS0dzCV9xh0cgn7O%2BfwJXk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
72565899adc383af-MXP
expires
Wed, 03 Aug 2022 08:02:33 GMT
gp.prebid.js
nossopalestra.com.br/wp-content/themes/grandepremio/assets/js/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/js/gp.prebid.js?v=040722080109000000
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8d324539e5e3ed220343150897ec8bb5c4bc15ca376261c89802b0a378e4f61
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 28 Jun 2021 19:20:45 GMT
server
cloudflare
etag
W/"60da210d-7444"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ppY%2BL2fqESopb%2FgVwCrltOISoN2qBCvgdHg4yJAQ0HlU2wKYqL9dw5%2B4ZVTO%2Bt6FpGvF6MozJCZYxv8ypdHil0ftRoSAORjF6J8jarMBdf1bQ28a6rQDAzTXdgefzmpQ1hFB6ITEguGXTu5uUZDgb60"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
72565899adc783af-MXP
expires
Wed, 03 Aug 2022 08:02:34 GMT
gp.prebid.run.js
nossopalestra.com.br/wp-content/themes/grandepremio/assets/js/ 		16 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/js/gp.prebid.run.js?v=040722080109000000
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0fb96cb80a6051c0c25e3a6c1a8d3989d5f8cec7be8d12489a77f8b77cf305
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 31 Mar 2022 12:13:05 GMT
server
cloudflare
etag
W/"62459ad1-3f98"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=stfLTsX3Zfw6YGUiuD5l8FelDMB3S7leubifJ4Pf0p9iqi1WVDsxtY1DUEmHCT%2FvNDI37hPf7Ej4T4NlZfZOCJOCjGceMqzwEVPzXvoE62adgorUrF9gAvJ6WC7vh%2F4QQm46yABO%2B3%2BK%2BPTObsM5t8Rs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
72565899adca83af-MXP
expires
Wed, 03 Aug 2022 08:02:35 GMT
materialize.min.js
cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/ 		177 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/materialize/1.0.0/js/materialize.min.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7536245
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36877
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03efe-2c375"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2S0IcH0pk7AYjO7VU2U0%2Bix3jFD2ZZuhIY8lFGEsaYAbycjtQLfVx8V6lxwtfXsyfSnsC9PWj9oDicSEF6q8Sn6ZcHr7qPMTNtRfJyhOl8Nb2jrsyIFirLcn1JsGIx45sfaeE%2BBsG%2B6ngqIh6mxE8kwn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72565899cf1b0219-ZRH
expires
Sat, 24 Jun 2023 08:03:44 GMT
tether.min.js
cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/tether/1.4.0/js/tether.min.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://nossopalestra.com.br/
Origin
https://nossopalestra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7014319
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6714
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffc-619d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPhS%2FSo1uWRYGz7I547bOxCXR3CJAbk%2B9lmk%2F0WLB3lYztnK9DEBUmnjZpuTHsu%2FZfBLYExuqyqLpVUkuPW6ziSiilngXlqdzXqkmLYl7yhMPU8OT06f%2B%2BmDUvdbtpaaNaTcfvsKJ6DzfwqqMX4%2BjkSt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
72565899ca8f01f8-ZRH
expires
Sat, 24 Jun 2023 08:03:44 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.min.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 718, 718
age
6252564
cdn-cachedat
2021-04-23 00:45:19
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c1a15080350265bf6c9b27a03c24fbcd
cf-ray
72565899c91d23c7-ZRH
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
bootstrap.bundle.min.js
stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/ 		79 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.5.0/js/bootstrap.bundle.min.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
6236405
cdn-cachedat
2021-04-23 02:27:24
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:10 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
3abf7659ce125777bd3a25c7cac2d17f
cf-ray
72565899c91e23c7-ZRH
cdn-requestcountrycode
CH
cdn-requestpullsuccess
True
owl.carousel.min.js
nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/OwlCarousel2-2.3.4/dist/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/OwlCarousel2-2.3.4/dist/owl.carousel.min.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jul 2020 12:05:52 GMT
server
cloudflare
etag
W/"5f0859a0-ad36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SH4Oo4MEx5jSFy2UGQyhvxChkbefIuSZ4JsyKRHW%2B%2BzM068W3eYgcX9D6lLUryA26UREvVVDSomy7dKtOq2nCxeSU4eweR5TsrI%2FSjG2SprYQ4oHMTqA7oHhyAh%2FPDypswRjEqkVQ0bD5j2Vt4j8ae2A"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
72565899adcd83af-MXP
expires
Wed, 03 Aug 2022 08:01:54 GMT
fc70e535e9.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/fc70e535e9.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75539451c4b2b14560670b1c2b6816f935a52ed8773269e7e5777235ffccd490
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://nossopalestra.com.br/
Origin
https://nossopalestra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
72565899e8e12373-ZRH
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
Fv5aAVcr0USAg44L6dgB
jquery.colorbox-min.js
nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/colorbox/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/third-part/colorbox/jquery.colorbox-min.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41bc4d4fe88139d6ee89abfcb2abac71e1430d85dbffc0be7c8f6bd36f4ced7e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jul 2020 12:11:21 GMT
server
cloudflare
etag
W/"5f085ae9-2eb8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BqL8EWLT1qbS%2FV%2FC3j1yP8Y6g1ojKFNE5z%2FwgMvB06AQl1KCSQTskcpGe%2BPNPTB7i95jXBeykV%2FHhSNCk7HLMIx5rzR6OoMLmXHnOvAWlbw462DIt55iGAD8fCIcO3pFoCA6LpU9LAN9YsYclg6Ihja"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
72565899adcf83af-MXP
expires
Wed, 03 Aug 2022 08:01:54 GMT
hc-sticky.js
nossopalestra.com.br/wp-content/themes/grandepremio/assets/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/js/hc-sticky.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f38877bb33f49eab9f1404e24892aa319def0430c5e189eb71493046a8ccfdb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 14 Jul 2020 12:45:02 GMT
server
cloudflare
etag
W/"5f0da8ce-2e65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2BNk72yO7KKkENS3hPYoksiik%2Fa8f5k%2FD6rCRN4Y96ikyByy83xXu1rxOhob4XseZ2r3Jgplz1UYxB0PxSg2Zc3NyJrRrnT1gXgIwct4WgdBfhCPOK4jkJdNCTcqy%2FfIB9ZCcEJ%2B8%2BhN%2B5fVZo4pKtit"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
72565899add083af-MXP
expires
Wed, 03 Aug 2022 08:01:54 GMT
all.css
use.fontawesome.com/releases/v5.15.4/css/ 		58 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=5.8.4
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
7007465
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FENA27EA4H45E12M
x-amz-id-2
JtidyWIhvjiXKpcq/qhkYJWPddksIbXDykY/cPkHsSWf7azfX166ff8W+UWQonL0qShIjdXUcEs=
last-modified
Wed, 04 Aug 2021 20:43:22 GMT
server
cloudflare
etag
W/"ecd507b3125edc4d2a03aa6ae5d07da9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BefbYZH760yTwopEjXgoifRke7RlKQDnPwDqi3Q8Gg9eTp6cF8qH9ltwNQaGmALQc8YwMGclg%2Fs%2FUeKauUC7BUYQ65%2FSvme8kYXb%2FbBoCpU%2Bd%2FR0Y%2Fy5qAsyRakWlEEERDUPDvDq1flUuR1Fbi09mNua"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7256589a08c8599b-MXP
photon.min.js
c0.wp.com/p/jetpack/10.0/_inc/build/photon/ 		758 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/p/jetpack/10.0/_inc/build/photon/photon.min.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
last-modified
Tue, 31 Mar 2020 17:26:38 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Jul 2023 08:03:44 GMT
wp-embed.min.js
c0.wp.com/c/5.8.4/wp-includes/js/ 		1 KB
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c0.wp.com/c/5.8.4/wp-includes/js/wp-embed.min.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
last-modified
Wed, 06 Jan 2021 15:29:24 GMT
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
strict-transport-security
max-age=15552000
timing-allow-origin
*
expires
Tue, 04 Jul 2023 08:03:44 GMT
e-202227.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202227.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn
date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
server
nginx
etag
W/"6197c5cf-3508"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Mon, 26 Jun 2023 00:37:21 GMT
wp-emoji-release.min.js
nossopalestra.com.br/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/wp-includes/js/wp-emoji-release.min.js?ver=5.8.4
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 10 Aug 2021 13:21:59 GMT
server
cloudflare
etag
W/"61127d77-4705"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSYtCNhnTsuE5GFbwPbVFp3%2BES9gyQOzbJEMahnIPuRL5ChW8lNYguds1d3ByNyMAf4ti3eJwUnDzSRsbzwU0z%2BtQndRozwPnZlSpjx6bQcoMXajhc1ak6FyuUuG%2BlJR5aiiEzKOQJBTqftm6pLKCJxt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
72565899add583af-MXP
expires
Wed, 03 Aug 2022 08:01:54 GMT
page.js
static.addtoany.com/menu/ 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
85085
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 01 Dec 2021 08:23:25 GMT
server
cloudflare
etag
W/"11ee2-5d2116348919c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=172800
cf-ray
7256589a0b8b2355-ZRH
cf-bgj
minify
marfeel-sdk.js
sdk.mrf.io/statics/ 		80 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.mrf.io/statics/marfeel-sdk.js?id=1388
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05397629511aa65571ab22a7ab1a258f6f0c401bfb65ed44fdc2dca9d749c1aa

Request headers

Referer
https://nossopalestra.com.br/
Origin
https://nossopalestra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-b3-traceid
350a4776cfad4a63af70dbc3ce862a47
x-amz-cf-pop
FRA50-C1
x-cache
RefreshHit from cloudfront, MISS
mrf-cache-status
M
access-control-max-age
3600
x-b3-traceid-primal
698246be8d2f4d509f57b5c18ed11a59
content-length
23163
x-served-by
cache-hhn4036-HHN
last-modified
Fri, 01 Jul 2022 10:34:31 GMT
server
AmazonS3
x-timer
S1656921824.293675,VS0,VE45
etag
W/"75150e679e2de30bfa69d18ffb0660a1"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
7armlzSLDgYntpdvZYwwiDHam4sVgrWXtwnGNcoxAY364NmFWdCpzQ==
x-cache-hits
0
cropped-fa470ec7-2f4a-4239-ac93-19e76abbf20f.jpeg
nossopalestra.com.br/wp-content/uploads/2022/06/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nossopalestra.com.br/wp-content/uploads/2022/06/cropped-fa470ec7-2f4a-4239-ac93-19e76abbf20f.jpeg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a06c1e319f6800741251294f15467d9725abb4af10636f2c5438097b672fbcd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
70139
last-modified
Thu, 30 Jun 2022 12:55:34 GMT
server
cloudflare
etag
"62bd9d46-111fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCUBYb0HEuVbJM9rzUpK41vSAFU%2BIJqiF%2BRD6O0%2BgRvVoWs9oS%2Fw05heOTklk%2BLp%2Br6KpHJJ2NmdEziKDf5aRReZPvtdOUnSVNHVuwGvpHe6KGHj4qh%2F3rOwzRIWGSfQspaZyUfikBXK7ab4lFS0ll7m"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
72565899bded83af-MXP
expires
Wed, 03 Aug 2022 08:03:44 GMT
lens-filter-shadow.png
nossopalestra.com.br/wp-content/themes/grandepremio/assets/img/ 		311 KB
311 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/img/lens-filter-shadow.png
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/wp-content/themes/grandepremio/style.css?v=040722080109000000&ver=5.8.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ad697a5567bb430be204cc20bb875ed00d64d0691ba06eb012fe3af129695ed
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/wp-content/themes/grandepremio/style.css?v=040722080109000000&ver=5.8.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
318212
last-modified
Fri, 31 Jul 2020 20:02:11 GMT
server
cloudflare
etag
"5f2478c3-4db04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rqf9o0CMjC%2BVFnoW0fyp7HWDIoMZL3A5Zge%2F6LoH%2FS3WjUgGlvWwOC6J8%2FyUsH5ShI%2BVnpJhJ9Hd9yz1ntpteX6UProcvrp1%2BzxX2wjLfNgChyP1DvqyQPn2q8bz%2BoBeUKSn7k%2FXp6bBF2mc6D13tQE%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
72565899bdef83af-MXP
expires
Wed, 03 Aug 2022 08:03:44 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
nossopalestra.com.br/fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nossopalestra.com.br/
Origin
https://nossopalestra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23040
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tsVSSYDq8dCPzppxXXJ1ooSm%2FyFXRa8Ib5NxWkex8g2QaYgr1Haqd%2F0xORFoJgQgElhnzuRHTCWUFlcELUC1U8jKlqqv89TX73u2F9PgjHF7ypG3lkwfe42xUisOlt9UAcSeP1%2BFfM5tZfv472SCNFQS"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
72565899bdf383af-MXP
expires
Thu, 29 Jun 2023 18:16:44 GMT
S6uyw4BMUTPHjx4wXg.woff2
nossopalestra.com.br/fonts.gstatic.com/s/lato/v23/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nossopalestra.com.br/
Origin
https://nossopalestra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23580
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjXeuibVLlsFfxdFy4zrrO1kxf1Ddnas%2FtKeeRyQbIay69DLTjMsQ2OfNzBwzfpZ0LFsYrFdeOA2kko%2F5kjadYqn39BUwfg7%2BEU3P6DwoE8%2BUv0%2B2SyBF0vYUWE3g%2BOK2TNx%2FCPGQUlexa3b2CJZYNyi"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
72565899bdf583af-MXP
expires
Wed, 28 Jun 2023 17:09:02 GMT
31219897097_0b92a362ac_h.jpg
nossopalestra.com.br/wp-content/uploads/2021/01/ 		285 KB
286 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nossopalestra.com.br/wp-content/uploads/2021/01/31219897097_0b92a362ac_h.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fc56167157162355b4ac42a16e9ca897365648ead7432d744e5ec8efeebe57c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
292035
last-modified
Fri, 01 Jan 2021 17:12:16 GMT
server
cloudflare
etag
"5fef57f0-474c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YU9oUt7chAAzhIU97sMTO%2Bm8u4E74%2BBue9WV65mYYSdR6hjxmPHjaKA3H3OUWl72Z3UY8KIN8NdjLuUB00%2BiR2CwJqt964DMrTN4%2FFJkkksqCGHuPxZ1qISFKA%2BNJ%2FhS2NYAatxv4Ttn5PTbYkT7%2B%2FIW"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
72565899fe4283af-MXP
expires
Wed, 03 Aug 2022 08:03:44 GMT
Luis-Guilherme.jpg
nossopalestra.com.br/wp-content/uploads/2022/06/ 		114 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nossopalestra.com.br/wp-content/uploads/2022/06/Luis-Guilherme.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ba1a961f1cde88f4983a04fb2e2d64d9545b15ab4ca4ff1aa6ab7afdd5c8b59
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
117224
last-modified
Sun, 26 Jun 2022 17:06:56 GMT
server
cloudflare
etag
"62b89230-1c9e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pircQqoshjNtWpK6yiUJZJSQpPPWTO1Jtjhl%2FW2FhM7LiTtSprGDAg6mnPQA5KjwJbjC%2B1gUsw9FCbijTbup%2FtL1kTRCCnagUi07FOPLmlYi6aEOuN%2FodPhc5fVTb0QA9K7sMgvZjTX4FAY94aMpYyzJ"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
72565899fe4f83af-MXP
expires
Wed, 03 Aug 2022 08:03:44 GMT
Emerson-Santos.jpg
nossopalestra.com.br/wp-content/uploads/2021/03/ 		190 KB
191 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nossopalestra.com.br/wp-content/uploads/2021/03/Emerson-Santos.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d5f2349e4cf4904ffb7c99ebb918020a682c2a2b07130fcb033934a791dffe6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
195049
last-modified
Wed, 10 Mar 2021 15:43:41 GMT
server
cloudflare
etag
"6048e92d-2f9e9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XE1R%2F7m5WDaLKZAMnSfmNt8HE8GqgrI%2BqqcbqVCAiUvkWezlbTMMUp3rt2UGoaclHV2BUA9GOXAId5IE3gEw5XPnMWUbXdlWlwkUKRGHwLtA%2BUnpDGq3H%2BLVlLA%2FuhO17%2BI8MkwINVTB%2F1NDDRd80bM"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
72565899fe5283af-MXP
expires
Wed, 03 Aug 2022 08:03:44 GMT
back-ads.png
nossopalestra.com.br/wp-content/themes/grandepremio/assets/img/ 		942 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nossopalestra.com.br/wp-content/themes/grandepremio/assets/img/back-ads.png
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/wp-content/themes/grandepremio/style.css?v=040722080109000000&ver=5.8.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb752e1b14dec3327a4bd829d99c55c28d9b9797da26161c2cd65dc7e28cc7a7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/wp-content/themes/grandepremio/style.css?v=040722080109000000&ver=5.8.4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
942
last-modified
Fri, 10 Jul 2020 12:04:17 GMT
server
cloudflare
etag
"5f085941-3ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=574tTDw5dhLfSBDsRBWXpgykJBp0FLO3dE0LRnaHi2XythElexBKfTGEtTvCpl7qHeDAICaLDjy0oCwnrnsy2sRU1G3ikOW1cPAbbY%2B%2FG%2F7rZgqKVsBfbI0kHRz9w9QFpaR1a%2FpSPits0gRooCKWnQL5"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
7256589a0e5b83af-MXP
expires
Wed, 03 Aug 2022 08:03:44 GMT
51708438077_4017e6a7a5_o.jpg
nossopalestra.com.br/wp-content/uploads/2021/11/ 		484 KB
484 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nossopalestra.com.br/wp-content/uploads/2021/11/51708438077_4017e6a7a5_o.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fd1b7fefa605f6ea2cb91d35bf172c5aacf8946302f5c2b0ea57dbf5ed5cf8f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
495273
last-modified
Sun, 28 Nov 2021 01:59:31 GMT
server
cloudflare
etag
"61a2e283-78ea9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b98H2qS5dFXPPpk3cyctN2ooWQKJ2xZJeUzDY47k7rMczvFQnv%2FUbhwK4WRqpf6ERGhAXCQrodJEq9bYjhUP1TNBksYICMznBHkVMsA6IqYORLSihHRyHv5uy0jvmFZhQcOhm9we1z%2B238iDKwqCXyqb"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
7256589a0e5c83af-MXP
expires
Wed, 03 Aug 2022 08:03:44 GMT
51663386400_03caeeb24e_o.jpg
nossopalestra.com.br/wp-content/uploads/2021/11/ 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nossopalestra.com.br/wp-content/uploads/2021/11/51663386400_03caeeb24e_o.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c472b397a771cc621216f46f1a4b0a07b47e486f15b48fb7f69b04b804bdaf71
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
178881
last-modified
Mon, 08 Nov 2021 00:05:06 GMT
server
cloudflare
etag
"618869b2-2bac1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8EgEnCKeRZ2azeTC4prEka3vOg63AYkw8lOPUNqnmFnBRfP%2FL10twW4oYyyMk8GQltlDIbFk34tc88Ui%2B2ml0vwvVvWapBN%2F15egf%2BYMi%2BuT%2F1px9l7bfooDqhE%2B%2FqFTGVfE3up57dFFYTuToYazub5"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
7256589a0e5d83af-MXP
expires
Wed, 03 Aug 2022 08:03:44 GMT
51670077662_f8b65a7f51_o-1.jpg
nossopalestra.com.br/wp-content/uploads/2021/11/ 		144 KB
145 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nossopalestra.com.br/wp-content/uploads/2021/11/51670077662_f8b65a7f51_o-1.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4fba55eaaa608ea9d94c2610e5373f3cc6c8d26328c9d859a9f0810249c975b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
147478
last-modified
Thu, 11 Nov 2021 01:10:09 GMT
server
cloudflare
etag
"618c6d71-24016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPuWlVJ1p4cio0YFRwDa5t1Vb4U8g2asmgRaAPyn2AYdQ%2F1EV%2FZB9q%2B3%2BPN7n2zOSflS1btRYAXHjtcV3aSqTf%2F2bU%2Bu0Httr%2FeCYXzYRyY6kmfwCvxgxjQIElegoo5loeLeMMo%2BeMBPW1ZALONdY3BN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
7256589a0e5e83af-MXP
expires
Wed, 03 Aug 2022 08:03:44 GMT
Captura-de-Tela-2021-11-29-as-17.13.55.png
nossopalestra.com.br/wp-content/uploads/2021/11/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nossopalestra.com.br/wp-content/uploads/2021/11/Captura-de-Tela-2021-11-29-as-17.13.55.png
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e959287d40e82860f87d3e52fbe826f5732368b8941cf2c980514506c1f357
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1117063
last-modified
Mon, 29 Nov 2021 20:13:58 GMT
server
cloudflare
etag
"61a53486-110b87"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6rvk9Ws1rtukJU32d1zFOu5KUSwvn2UIgXyVjITky%2BKMn3TRcpmgS%2FFEynqV6QEEADlXqznNkAFLHQtUCYAHzciCRoh7wf3Pvnd1h3IZ11L5jdOXUFx2kKnJQoLyvAnMzIkD%2Fx6WUaMIn%2F22kgraMrP"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
accept-ranges
bytes
cf-ray
7256589a0e6183af-MXP
expires
Wed, 03 Aug 2022 08:03:44 GMT
44328730152_776081720f_o.jpg
i2.wp.com/nossopalestra.com.br/wp-content/uploads/2022/06/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/nossopalestra.com.br/wp-content/uploads/2022/06/44328730152_776081720f_o.jpg?fit=300%2C174&ssl=1
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
e639a0cf08612ade001a7a5d1182bff90af5bd1a98af62cc5e498b659cb9c5b9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
last-modified
Wed, 29 Jun 2022 08:02:29 GMT
server
nginx
etag
"f9dcffe601ccf3d1"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://nossopalestra.com.br/wp-content/uploads/2022/06/44328730152_776081720f_o.jpg>; rel="canonical"
content-length
15254
expires
Fri, 28 Jun 2024 20:02:29 GMT
palmeiras.jpg
i2.wp.com/nossopalestra.com.br/wp-content/uploads/2019/12/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/nossopalestra.com.br/wp-content/uploads/2019/12/palmeiras.jpg?fit=300%2C173&ssl=1
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
3d30f25faf9ff1d6177aa05091c7684eb09a87e3abca581b833fdb63ae6e6b3c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Jul 2022 07:59:53 GMT
server
nginx
etag
"85621b4354606027"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://nossopalestra.com.br/wp-content/uploads/2019/12/palmeiras.jpg>; rel="canonical"
content-length
16388
expires
Wed, 03 Jul 2024 19:59:53 GMT
15Onde.jpg
i2.wp.com/nossopalestra.com.br/wp-content/uploads/2022/07/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/nossopalestra.com.br/wp-content/uploads/2022/07/15Onde.jpg?fit=300%2C144&ssl=1
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
eb27212fb033257ce4cffc3de85ed158c3de131cca1ae28bf8359ed3ed300d0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
MISS hhn 2
date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 04 Jul 2022 06:14:10 GMT
server
nginx
etag
"760e285a7f853194"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://nossopalestra.com.br/wp-content/uploads/2022/07/15Onde.jpg>; rel="canonical"
content-length
8994
expires
Wed, 03 Jul 2024 18:14:10 GMT
52189786134_b0c0fc6395_o.jpg
i2.wp.com/nossopalestra.com.br/wp-content/uploads/2022/07/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/nossopalestra.com.br/wp-content/uploads/2022/07/52189786134_b0c0fc6395_o.jpg?fit=300%2C169&ssl=1
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
af9d1952b9e4ff458d953d4f26b0bcce0bb2571e9fa58d6f0d0813f4788d2bc4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 03 Jul 2022 12:41:14 GMT
server
nginx
etag
"bfcc3a4a8dc9389c"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://nossopalestra.com.br/wp-content/uploads/2022/07/52189786134_b0c0fc6395_o.jpg>; rel="canonical"
content-length
5416
expires
Wed, 03 Jul 2024 00:41:14 GMT
lrEZd7-7mL4hd.jpg
i0.wp.com/nossopalestra.com.br/wp-content/uploads/2022/07/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/nossopalestra.com.br/wp-content/uploads/2022/07/lrEZd7-7mL4hd.jpg?fit=300%2C169&ssl=1
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
46f5d5aa9f8e7ad17c05ed0cb39d0affa11b227930fede5e0299531f165b9d7d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 3
date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 03 Jul 2022 15:40:29 GMT
server
nginx
etag
"6bec66e6924f4685"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://nossopalestra.com.br/wp-content/uploads/2022/07/lrEZd7-7mL4hd.jpg>; rel="canonical"
content-length
10934
expires
Wed, 03 Jul 2024 03:40:29 GMT
52189533906_1eaafdd6ab_o.jpg
i1.wp.com/nossopalestra.com.br/wp-content/uploads/2022/07/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/nossopalestra.com.br/wp-content/uploads/2022/07/52189533906_1eaafdd6ab_o.jpg?fit=300%2C169&ssl=1
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
23307810c1b3fcad121cd88b682c7fd1e0497128c7c38c8983af5f8ddb01280a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 03 Jul 2022 12:41:14 GMT
server
nginx
etag
"0dd7ac05a9b32250"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://nossopalestra.com.br/wp-content/uploads/2022/07/52189533906_1eaafdd6ab_o.jpg>; rel="canonical"
content-length
9494
expires
Wed, 03 Jul 2024 00:41:14 GMT
hqdefault.jpg
i.ytimg.com/vi/PL-CY9u-4EA/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/PL-CY9u-4EA/hqdefault.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
501b772c355ed0107f4e548524d09dbc3f11ea97e0b0e735cd92e4f4c8849425
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33966
x-xss-protection
0
server
sffe
etag
"1656536476"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 04 Jul 2022 10:03:44 GMT
hqdefault.jpg
i.ytimg.com/vi/IVXZOvopZVA/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/IVXZOvopZVA/hqdefault.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60c9f0124e8cf8dc4409d71a464805070c4269c0afc99b79d95dba2f2d883fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36820
x-xss-protection
0
server
sffe
etag
"1656875369"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 04 Jul 2022 08:08:44 GMT
hqdefault.jpg
i.ytimg.com/vi/zcLLOX14pwM/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/zcLLOX14pwM/hqdefault.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
83952ac3cae806807c18789fab8b9ba2f7b2a935fc2598198a6b71a067c8a61b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31386
x-xss-protection
0
server
sffe
etag
"1656856081"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 04 Jul 2022 08:08:44 GMT
hqdefault.jpg
i.ytimg.com/vi/lrEZd7-7mL4/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/lrEZd7-7mL4/hqdefault.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95da64aa07444494fc3ebed5dabaf9bc9b56857dcad58b708198ccb437e564bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33843
x-xss-protection
0
server
sffe
etag
"1656851679"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 04 Jul 2022 08:08:44 GMT
hqdefault.jpg
i.ytimg.com/vi/g-M2J6OIWyw/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/g-M2J6OIWyw/hqdefault.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4d4bc2788671a9870de27e036429db3d9b5cfda29abeec244827a790217afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40476
x-xss-protection
0
server
sffe
etag
"1656773903"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 04 Jul 2022 08:08:44 GMT
hqdefault.jpg
i.ytimg.com/vi/6H5uU8vtqc8/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/6H5uU8vtqc8/hqdefault.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b940eda1d20c2bf801fb3c889fc042ccb50809c5d9ad9b66d08a58a807c9c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:19:21 GMT
x-content-type-options
nosniff
age
2663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32007
x-xss-protection
0
server
sffe
etag
"1656622114"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 04 Jul 2022 09:19:21 GMT
hqdefault.jpg
i.ytimg.com/vi/A4rd864QbdU/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/A4rd864QbdU/hqdefault.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3134713e3b70c87793edc1c9807cbcfe58176fd552637b5cec71bdcd5ae1d6aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38830
x-xss-protection
0
server
sffe
etag
"1656677235"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=300
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 04 Jul 2022 08:08:44 GMT
Romain-Grosjean-Honda-Indy-200-at-Mid-Ohio-By_-Matt-Fraver_Large-Image-Without-Watermark_m63620-scaled.jpg
www.grandepremio.com.br/wp-content/uploads/2022/07/ 		268 KB
268 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandepremio.com.br/wp-content/uploads/2022/07/Romain-Grosjean-Honda-Indy-200-at-Mid-Ohio-By_-Matt-Fraver_Large-Image-Without-Watermark_m63620-scaled.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98c66d3a63f339be596ee49016a5e1943e031a0e229b1ced41be3b9846771e9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=385415
content-disposition
inline; filename="Romain-Grosjean-Honda-Indy-200-at-Mid-Ohio-By_-Matt-Fraver_Large-Image-Without-Watermark_m63620-scaled.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
274130
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Sun, 03 Jul 2022 23:03:20 GMT
server
cloudflare
etag
"62c22038-5e187"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaEKJ923t%2Flg4SIc4JqnYAot6cdXQI4%2B6uxTnjj%2FePZpxZMOmJJNQ97LqWjH0%2FjvoEZSoq%2FqgAJgcXJ0SNzHf1XRr3YVt8FUEG5tJCr1NWky7kWZvOGj93vaK%2F9aOxbsV4TpgpNTLZXhoxYJT%2BEmoxp3WEFM"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
Accept
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7256589a7fa5374d-MXP
cf-bgj
imgq:85,h2pri
Alexander-Rossi-Honda-Indy-200-at-Mid-Ohio-By_-Joe-Skibinski_Large-Image-Without-Watermark_m63869-scaled.jpg
www.grandepremio.com.br/wp-content/uploads/2022/07/ 		221 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandepremio.com.br/wp-content/uploads/2022/07/Alexander-Rossi-Honda-Indy-200-at-Mid-Ohio-By_-Joe-Skibinski_Large-Image-Without-Watermark_m63869-scaled.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23a8bb3dc090e27defe4eaa1cf3100f95a852c90963f984a4671cad44657b8c4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=381110
content-disposition
inline; filename="Alexander-Rossi-Honda-Indy-200-at-Mid-Ohio-By_-Joe-Skibinski_Large-Image-Without-Watermark_m63869-scaled.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226800
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Sun, 03 Jul 2022 22:37:36 GMT
server
cloudflare
etag
"62c21a30-5d0b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sA3RFHb1uAp1GZ8D0TWruMEM0sF4Hd8BoLi9Kv5MhJCaFBGGeZQIxys%2Fv0CuFS%2BEqmnV1TPEHegZb9fxi9TV6P0i01edT7QBtKo%2Bx2wFPlCDa6zlrXi3Z1R%2F4G98iFV1ezaXjv5NKZ9IKa2Tz3i7sXfcI3Ox"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
Accept
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7256589a7fa7374d-MXP
cf-bgj
imgq:85,h2pri
Helio-Castroneves-Honda-Indy-200-at-Mid-Ohio-By_-Chris-Owens_Large-Image-Without-Watermark_m63498-scaled.jpg
www.grandepremio.com.br/wp-content/uploads/2022/07/ 		142 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandepremio.com.br/wp-content/uploads/2022/07/Helio-Castroneves-Honda-Indy-200-at-Mid-Ohio-By_-Chris-Owens_Large-Image-Without-Watermark_m63498-scaled.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a9f68a97f8c907f66e978ea005e04e33341e0a569029a62110d5b93aaf78d2e
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=241777
content-disposition
inline; filename="Helio-Castroneves-Honda-Indy-200-at-Mid-Ohio-By_-Chris-Owens_Large-Image-Without-Watermark_m63498-scaled.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
145072
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Sun, 03 Jul 2022 22:03:26 GMT
server
cloudflare
etag
"62c2122e-3b071"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TX5EW5pwSTexfUsq7T4CH70UVy4%2FxAMu%2Fd%2B6FVx9wSJ8RK%2B6yGydMT6vCfh6fW1UMKzaBw%2FyqnCeW0PLs1%2BuiJeFUtREP2wSZM45l8upqZyygw33y6gWMBN62AH7BWe83A7wyr7mDSWicOuf6WsvGgXvkDlZ"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
Accept
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7256589a7fa8374d-MXP
cf-bgj
imgq:85,h2pri
haas-mickschumacher-01-4.jpg
www.grandepremio.com.br/wp-content/uploads/2022/07/ 		165 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.grandepremio.com.br/wp-content/uploads/2022/07/haas-mickschumacher-01-4.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:aa3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e3396a7555ebb40abfade1cfa722553aa683787a4cc6bceaf52dbe31d89e3a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
qual=85, origFmt=jpeg, origSize=249306
content-disposition
inline; filename="haas-mickschumacher-01-4.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
168460
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Sun, 03 Jul 2022 15:48:26 GMT
server
cloudflare
etag
"62c1ba4a-3cdda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80qVni3TPDUlZfN%2B0DuG3v43y83TTupBwChUY28Bc4Eb%2F6FIn8H8NpOmilugWknKwWGhSaUW%2FPAcax9ymEyANl%2BLeHt28YAuZ3tyehs5dbkyGo1%2BJSUgdX3K8lnnECxVj%2BE1jU5LITwipLE%2BsvpfBdEc7SsV"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
vary
Accept
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
7256589a7faa374d-MXP
cf-bgj
imgq:85,h2pri
WhatsApp-Image-2022-01-19-at-21.17.30.jpeg
i2.wp.com/nossopalestra.com.br/wp-content/uploads/2022/01/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.wp.com/nossopalestra.com.br/wp-content/uploads/2022/01/WhatsApp-Image-2022-01-19-at-21.17.30.jpeg?fit=300%2C200&ssl=1
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
45d7e88cef461c679cf5a9a267e3af7a18472504462f52f729a146998b41d151
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
last-modified
Thu, 20 Jan 2022 03:51:06 GMT
server
nginx
etag
"214e2354356675c2"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://nossopalestra.com.br/wp-content/uploads/2022/01/WhatsApp-Image-2022-01-19-at-21.17.30.jpeg>; rel="canonical"
content-length
10998
expires
Sat, 20 Jan 2024 15:51:06 GMT
b47558d8-d1fa-481b-ae30-537dd0a27c88.jpeg
i0.wp.com/nossopalestra.com.br/wp-content/uploads/2022/01/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/nossopalestra.com.br/wp-content/uploads/2022/01/b47558d8-d1fa-481b-ae30-537dd0a27c88.jpeg?fit=300%2C169&ssl=1
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
6fde3e4b14f0aa592771a42ab3858b7c5fb1f4186cf8c18b28c27e1d48362c4e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
last-modified
Fri, 03 Jun 2022 09:41:50 GMT
server
nginx
etag
"e3f26c357d7c4c10"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://nossopalestra.com.br/wp-content/uploads/2022/01/b47558d8-d1fa-481b-ae30-537dd0a27c88.jpeg>; rel="canonical"
content-length
4742
expires
Sun, 02 Jun 2024 21:41:50 GMT
51838685601_2b31ed70f2_o.jpg
i1.wp.com/nossopalestra.com.br/wp-content/uploads/2022/01/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/nossopalestra.com.br/wp-content/uploads/2022/01/51838685601_2b31ed70f2_o.jpg?fit=300%2C168&ssl=1
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
79cb014913501c6ab2e531995462c6d6e7fde734aacc9a97e88ef20454014e1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 4
date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
last-modified
Mon, 24 Jan 2022 03:21:50 GMT
server
nginx
etag
"cf4553358e17e880"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://nossopalestra.com.br/wp-content/uploads/2022/01/51838685601_2b31ed70f2_o.jpg>; rel="canonical"
content-length
21106
expires
Wed, 24 Jan 2024 15:21:50 GMT
51804247185_15811f0e8c_o.jpg
i1.wp.com/nossopalestra.com.br/wp-content/uploads/2022/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.wp.com/nossopalestra.com.br/wp-content/uploads/2022/01/51804247185_15811f0e8c_o.jpg?fit=300%2C169&ssl=1
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i0.wp.com
Software
nginx /
Resource Hash
3ea5cf693555f06b2ec26c03f9306c6ae9b95612b89be0b63f672dd87f3ad15b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-nc
HIT hhn 1
date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 23 Jan 2022 09:37:25 GMT
server
nginx
etag
"d0a3eaa335f22395"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://nossopalestra.com.br/wp-content/uploads/2022/01/51804247185_15811f0e8c_o.jpg>; rel="canonical"
content-length
9744
expires
Tue, 23 Jan 2024 21:37:25 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
nossopalestra.com.br/fonts.gstatic.com/s/lato/v23/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nossopalestra.com.br/
Origin
https://nossopalestra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22504
last-modified
Tue, 26 Apr 2022 16:04:16 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHZ%2FvqA5GvhO4op9ZTKQVOivlewhwq%2Be9IAFM97lMTVyf8P2e0C5HEJqjTP4rRBXd%2FwCI5CPwUsXC%2BDLiSXFhXUa1S6cFjUctaG380Fm0c8B1CNxB8xaTQBsfBdz7nkxBuj0RZelJqMOOJKTneEAHcJj"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
7256589a1e6b83af-MXP
expires
Wed, 28 Jun 2023 17:13:30 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
nossopalestra.com.br/fonts.gstatic.com/s/lato/v23/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nossopalestra.com.br/
Origin
https://nossopalestra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24408
last-modified
Tue, 26 Apr 2022 15:50:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfQSNqP8iaGS7SdM0RVKWrCbtWUn4GojoM85vr0i04hu6q25r9cLuk%2B3vMrzLCU%2BTH9jHek7k67VTijS3%2FKIH5IWWjf%2FkpKgRUrO66SWMt6yuYiQefmEx9mnefXjrU3LSrdPqjTYBu36B1cU9GHHlxTk"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
7256589a6ef483af-MXP
expires
Thu, 29 Jun 2023 13:59:17 GMT
S6u_w4BMUTPHjxsI5wq_Gwft.woff2
nossopalestra.com.br/fonts.gstatic.com/s/lato/v23/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/fonts.gstatic.com/s/lato/v23/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nossopalestra.com.br/
Origin
https://nossopalestra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24448
last-modified
Tue, 26 Apr 2022 16:41:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKPxidvFkh8L2%2FQClBVnw9s7%2BpCKKfPv%2BzN5rX%2F3F8h3GR0K4%2FBS4XaeZQS%2FYG7ZlcaXlB%2FSFEibMmm4dzqFfGurWmDO4nlZ5dQ2yWSulb%2F6BchdOm6CKprm9q2mATjQo6pa4rujaC7D9QrlWqmFgRLH"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
vary
Accept-Encoding
cache-control
public, max-age=31536000
cf-apo-via
proxy
accept-ranges
bytes
cf-ray
7256589a8f1183af-MXP
expires
Thu, 29 Jun 2023 21:05:29 GMT
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=fc70e535e9
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fc70e535e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
via
1.1 30d508255f72fdd1189d1f581ac8dad8.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
951355
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mx0FE4XylyS9dxf64alDHLFCbpPT4KxlT9liyvdAF9PgNeOLLiM1vkoOMzMvFqQO%2BYx0KSl0RA%2Br9pUtAf68s9E8OEfV66FixuS3IvNtzrQjSPr%2Bf48X00SIiYAznHYvEtRhQEm8uxL3gDBYVTjoZll%2FbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
MXP64-C1
cf-ray
7256589b9a24bb1f-MXP
access-control-allow-headers
fa-kit-token
x-amz-cf-id
WSpzIJcrRa9YWESNorDnOvS64PPjlX1KK-O4qsaRomuGaTmlJTyWug==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		26 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=fc70e535e9
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fc70e535e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
via
1.1 b11b9b995d2b659993dbfeb81d72a994.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
951355
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgZLhKMPyGIB7bxcYYYypyVm4qxK0gAkpqLouz4mi0D7HEoRDNWlrCiWWnCi3NLDTXOgNaRA7Qdk36ePf%2BZAZJrqVWVedyoVwxn71GxCjK02rGBLGcq314ymmxAcvToil6O6zWegFNjSGgwqtOb63wIpRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
MXP64-C1
cf-ray
7256589b9a26bb1f-MXP
access-control-allow-headers
fa-kit-token
x-amz-cf-id
PGR2C8He0d5ulF1_la_bTJ8SGw0MnJXBaOdyvbt__4wKP2xO82l0ig==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=fc70e535e9
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/fc70e535e9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::ac43:9689 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
via
1.1 75eaed1e8c4b311f3b5fb4f439d6e696.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
951355
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6Mgk9gUIIaN6zPRDjw%2BNRwXSFY8LRgPp6x728eAPtkWy5fDcZZbUllmVzEH5SkCQTwj3F941oQVOGipeLkJEmuzJQvUtHZ5Ie36Z70mfD8jddV7ok59ya6%2BPIPrNN1e2g2stQbpPLbn0Q77vQY7eQn9kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
MXP64-C1
cf-ray
7256589b9a27bb1f-MXP
access-control-allow-headers
fa-kit-token
x-amz-cf-id
Wi4x8vjfAH45IBEAByv5mNUmwoCLzwmhsNA8EPG217z3yq5qSvL8qA==
fa-brands-400.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=5.8.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer
https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=5.8.4
Origin
https://nossopalestra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8875
cf-ray
7256589b8f62bb2f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76736
x-amz-id-2
66peN6j8Ybyx+R2ncMZ2lcfYXdiZvcJeiYgKSXs5Vo/2Hquo2rwTnoU4Ex7QXsLpewuiIJUkQos=
last-modified
Wed, 04 Aug 2021 20:43:47 GMT
server
cloudflare
etag
"ed311c7a0ade9a75bb3ebf5a7670f31d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4U4qLxkvlEBogmsJaiUKpQYyZ8ER72ZStvV1jRqfFIJqL5r6AUDj5OsCEhUKPv6Y1oe%2Be0LZzPg1HDstE8sk5g4NpH%2FW2asjuzD%2B9%2FYCpxqR%2Bta0OQ5DqRKTbADQvXah969vM4hdQA%2Fk91k8vzb3g5i"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
6V572VPP45CTBF7M
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
fa-solid-900.woff2
use.fontawesome.com/releases/v5.15.4/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.15.4/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=5.8.4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer
https://use.fontawesome.com/releases/v5.15.4/css/all.css?ver=5.8.4
Origin
https://nossopalestra.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8875
cf-ray
7256589b8f60bb2f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78268
x-amz-id-2
tiiBdd2fhye1Hsk2uz5S7NFn5QfRA8x5D0iZ9JCI2S2u60i0X3ZHxfFSDGrviPZcGwzyBIt6+qg=
last-modified
Wed, 04 Aug 2021 20:43:47 GMT
server
cloudflare
etag
"d824df7eb2e268626a2dd9a6a741ac4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uL75L00GrP9hYfpvZd02ZCw2%2FjrtHrIXdNT3ynIrwO9%2Bh4r7LKPIr1dWHgGk0FmOGxicM7iaiHun%2FcN498R9iYpnMQlHb2v1gcrcMIVBJDu3aj%2Bqq6c0RRCQjZvd3doF8ZXvlSDIDfkvmwy2nWEhMmp"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
6V5F7F3V49GJZDQ0
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
pubads_impl_2022062801.js
securepubads.g.doubleclick.net/gpt/ 		374 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
sffe /
Resource Hash
d7c2249c4f39bc0dbaceafeb7a4ab9f599441c6265927ad20920991fa22bf362
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 23:27:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30952
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130514
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 08:35:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 03 Jul 2023 23:27:52 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		181 B
141 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nossopalestra.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
1df88ff41be8867eaeab2ea602425b8aa8745721442c9cbdf50a86484093a44c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
expires
Mon, 04 Jul 2022 08:03:44 GMT
ilabspush.min.js
cdn.pn.vg/push/ 		183 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pn.vg/push/ilabspush.min.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/sites/b0eeadb4-2dd4-4ec6-8b2a-e1e3ea065786.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:9ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c05d32ca57950965e8e862309e4ee5402393526bea838fb7c0fee92d3cf9886c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
via
1.1 335b5d7a095dc0c2b19883021de7870e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3768
x-cache
Hit from cloudfront
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 01 Jul 2022 10:46:38 GMT
server
cloudflare
etag
W/"54fa8223c21e35ac72ac23c1bcec34fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0%2BN%2B3x7L1mmgk%2FDX62NYn2lqepb%2B7ke%2FwwdLgueHDQ4Mz3hWJdJOmwGaDSbKFzH%2F6ZW3k8HxQ%2FbFzAj32yFFpVZQRw3l7lMMcL1JNjnspQ4O8Pn4SAxu8ehZV89JQlZPlKeCYYxd20%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
x-amz-cf-pop
MXP64-C2
cf-ray
7256589bc81f3746-MXP
x-amz-cf-id
GdCM7uPcmmwSfzkSNmzuc9PmSjE-FHBOA7VJJnNjbLP6gXsfYkk0Ig==
sm.23.html
static.addtoany.com/menu/ Frame 74E3 		741 B
820 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.23.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
366850
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=315360000, immutable
cf-cache-status
HIT
cf-ray
7256589bce4023f7-ZRH
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:03:44 GMT
etag
W/"2e5-5cc9e128a4c38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 22 Sep 2021 23:42:51 GMT
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
e2s
x-content-type-options
nosniff
/
pro.ip-api.com/json/ 		34 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?key=gynC83fhhUJjhRu&fields=region,countryCode
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/57570ddbba33790f503bba699e6c8137.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
1cfcde6ae678c5e7e1fa5abc2338ab1edf6f1a4b059d5bfd331faaf7ad4129b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 04 Jul 2022 08:03:44 GMT
Content-Length
34
Content-Type
application/json; charset=utf-8
g.gif
pixel.wp.com/ 		50 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A10.0&blog=133812493&post=0&tz=-3&srv=nossopalestra.com.br&host=nossopalestra.com.br&ref=&fcp=1064&rand=0.8854899197065154
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Jul 2022 08:03:44 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104161738-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4056
date
Mon, 04 Jul 2022 06:56:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 04 Jul 2022 08:56:08 GMT
js
www.googletagmanager.com/gtag/ 		103 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-170494924-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-104161738-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
540fc2ed76923ada1427f40e5539b43df3b9c31e37e4027498b3f675061edbd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40330
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 04 Jul 2022 08:03:44 GMT
ingest.php
events.newsroom.bi/ 		116 B
838 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1388
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.92.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.96.92.40.188.clients.your-server.de
Software
istio-envoy /
Resource Hash
5f81bed0f608ec58cf80ba7d5528a2f17b8b173c2d61e6df36359c3d91fac9c5

Request headers

Referer
https://nossopalestra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryF33lNVvYt08PQPne

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://nossopalestra.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
79
active
flowcards.mrf.io/json/ 		16 B
375 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://flowcards.mrf.io/json/active?site_id=1388&page_technology=0
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-b3-traceid
15d114bdba504411a636283da7b719c4
x-cache
MISS
mrf-cache-status
M
x-envoy-upstream-service-time
1
x-b3-traceid-primal
15d114bdba504411a636283da7b719c4
content-length
42
x-served-by
cache-hhn4047-HHN
server
istio-envoy
x-timer
S1656921825.670733,VS0,VE8
vary
origin
x-req-backend
F_origin_1_croupier
access-control-allow-origin
*
cache-control
max-age=300
accept-ranges
bytes
content-type
application/json; charset=utf-8
x-cache-hits
0
nossopalestra.js
rtg.admasters.media/script/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtg.admasters.media/script/nossopalestra.js
Requested by
Host: b.admasters.media
URL: https://b.admasters.media/widget/ed5f4efd-641d-40b0-a82f-5423f1abac33/ext.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
701c8ca64a36596056cb473bcb74e55ef13d324d834842e92419d4c24c8e70b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
a7a96ddb-862d-46b1-af59-3a9f762664f0
x-runtime
0.002461
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"701c8ca64a36596056cb473bcb74e55e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zl8f8jDMsYkJFLnjWR9OIb496n1q2oGFogLBg47rfvXkiD%2Fjf9ScwIQWNRsvRAJfQt8nrSs67FIC%2Fw4NO5dcePHJc1Fee4TawuLYUTcSAZMCz%2BXNDHPkCFMVSrSX64nFp%2FIvOH1De6F4yhWCZHJnfR7G"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=604800, private
cf-ray
7256589cce3dbad0-MXP
300_movavi_250.jpeg
a.cdn789.dev/8051eb857350f77a54f8604f0d454ac4/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.cdn789.dev/8051eb857350f77a54f8604f0d454ac4/300_movavi_250.jpeg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:4698 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf6d64252c75bc47fec6f73cae506f5e4e31500cc401455fc3477b8ad298bef4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6684
cf-ray
7256589d0fa9374f-MXP
strict-transport-security
max-age=15552000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26715
x-hw
1656597115.dop208.ml1.t,1656597115.cds217.ml1.shn,1656597115.dop208.ml1.t,1656597116.cds003.ml1.p
last-modified
Thu, 30 Jun 2022 13:45:35 GMT
server
cloudflare
cache-control
max-age=14400
etag
"dccc4287a67de3da860af8504bea388c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ep%2FCCwXeCNOVoSmVRPPD%2F1cunhvA2KU6dJe8Fqb3b21P7VkvFEQOd59KvHz%2BrJn%2FCsiZjsSTsksbaDULOg72sO35q5JZ9lABjvszZmYPZ82lvbx3or1Jpp1b1dkjG7%2FQ43TdoTNw8xf2558%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
tx0000000000000f2991aa7-0062bdaa7c-319c06cb-nyc3c
x-rgw-object-type
Normal
accept-ranges
bytes
content-type
image/jpeg
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		162 KB
56 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/57570ddbba33790f503bba699e6c8137.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
385899ff1573213dec08df0fe0b6836c55feaddd171680235087ebc13c56770e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56400
x-xss-protection
0
server
cafe
etag
15734508283158771874
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Jul 2022 08:03:44 GMT
b0eeadb4-2dd4-4ec6-8b2a-e1e3ea065786.json
osp-assets.pn.vg/ 		21 B
838 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://osp-assets.pn.vg/b0eeadb4-2dd4-4ec6-8b2a-e1e3ea065786.json
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deb68e16777fefa7c5ab4cefd475b2b9e9afaae5d243535a8eccc89c7fa3c17b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
access-control-allow-methods
GET, HEAD, POST, PUT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
952249
cf-ray
7256589cfc0bba9f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21
x-amz-id-2
J374NfY9TERU/qaZ3FIGqh25Q2U9JCVUQC78xZV55nT0OoGIGuw6I8NM/Duv6S90TG1KAiORvGQ=
last-modified
Fri, 05 Feb 2021 20:05:28 GMT
server
cloudflare
etag
"7e49c47a75dd2571802e6b32b46a36ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7WoWmA5%2BD38%2BrTQFV8rQAvi7GG85mxDInm4PM1HelopT%2F7mOF%2BGNhs9isKKpmilCdhYR%2F2%2BepKaYcZ1l%2FtX6r3s8eEwAZReIdrqzVaPImVwf9nnKwkPFDcCAAlsOCp4nJlRKAdptPkfI2isaRUY"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
C5QD7XH8B4K4J33T
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-type
application/json
pushnews-sw.js
nossopalestra.com.br/ 		62 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://nossopalestra.com.br/pushnews-sw.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:e42 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 05 Feb 2021 21:10:12 GMT
server
cloudflare
etag
W/"601db434-3e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CS1SDyf5TJtN%2BcjTPFhy5liAByfO5mMBhXtHRK07gU9DCfgXok8E%2BLD3cm5QDsd9TQ8izpv%2FMBR3eLGVWfmgC%2Bd4lwED6MRZn8iNmuoFsILhLTYcp02Z1eNqrjZPXfnCc9vjHlz3YWqyy0J9hXA9%2BYaQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=2592000, no-transform
cf-ray
7256589caa5383af-MXP
expires
Wed, 03 Aug 2022 08:03:44 GMT
cookie.html
cookies.pn.vg/ Frame 4975 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cookies.pn.vg/cookie.html
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3360
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7256589d2ed0bb0b-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Jul 2022 08:03:44 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 12 Jan 2022 17:09:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Otr%2Fa3I%2B0hVnW2zzLvFFAxXScphV5VjtTyQ1VK5IxtWO1HTTD7NgT%2F9yOcRcc%2F%2FDUsRG5TJ65x9%2FOk7Gdhf3WmChSfr8xluGXI%2F8mMXL5OB2XzKsOu9Z4gOBvC3bzdUT9Jf3a1ezDFZyQJD"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
via
1.1 5427b6f9e99013a38c36e041a855ef66.cloudfront.net (CloudFront)
x-amz-cf-id
YDdOnPAEECHaTXf-Ytan2Iz1BfITQYrjmSu7R92YsuZsUd2peWfmpQ==
x-amz-cf-pop
MXP64-C3
x-cache
Hit from cloudfront
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nossopalestra.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nossopalestra.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		45 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4448760543967107&correlator=1802008077439651&eid=31068159%2C31068294&output=ldjh&gdfp_req=1&vrg=2022062801&ptt=17&impl=fifs&iu_parts=21849154601%3A21817796643%2CAd.Plus-Mobile-Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2767068110&sfv=1-0-38&ecs=20220704&ists=1&fas=8&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1656921824859&lmt=1656921669&dlt=1656921824012&idt=806&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fnossopalestra.com.br%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1685907763.1656921825&ga_sid=1656921825&ga_hid=1502341247&ga_fc=false&btvi=-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
ee4087c6f70d86b78a4cbc631331d48355006da925f1ce387470de42f98f6c41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16073
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nossopalestra.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9E4A 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:44 GMT
expires
Tue, 04 Jul 2023 08:03:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022062801.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022062801.js?cb=31068294
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
sffe /
Resource Hash
96fa53f5c7ee449368b95af8f9b354851f7f47ef24a30c820df6fdfeabab17ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 10:44:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
422384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13583
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 08:35:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 29 Jun 2023 10:44:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1502341247&t=pageview&_s=1&dl=https%3A%2F%2Fnossopalestra.com.br%2F&ul=en-us&de=UTF-8&dt=Nosso%20Palestra%20-%20Palmeirenses%20que%20escrevem%2C%20analisam%2C%20gravam%2C%20opinam%20e%20noticiam%20o%20Palmeiras.%20Paix%C3%A3o%20e%20honestidade.%20-%20Not%C3%ADcias%20do%20Palmeiras&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACUABBAAAAC~&jid=1852092005&gjid=1073872139&cid=1685907763.1656921825&tid=UA-104161738-1&_gid=725978469.1656921825&_r=1&gtm=2ou6t0&did=dZTNiMT&gdid=dZTNiMT&z=1184939855
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nossopalestra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nossopalestra.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1502341247&t=pageview&_s=2&dl=https%3A%2F%2Fnossopalestra.com.br%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Nosso%20Palestra%20-%20Palmeirenses%20que%20escrevem%2C%20analisam%2C%20gravam%2C%20opinam%20e%20noticiam%20o%20Palmeiras.%20Paix%C3%A3o%20e%20honestidade.%20-%20Not%C3%ADcias%20do%20Palmeiras&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YChACUABBAAAAC~&jid=&gjid=&cid=1685907763.1656921825&tid=UA-104161738-1&_gid=725978469.1656921825&gtm=2ou6t0&did=dZTNiMT&gdid=dZTNiMT&z=1970641790
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 22:33:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34186
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1502341247&t=pageview&_s=1&dl=https%3A%2F%2Fnossopalestra.com.br%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Nosso%20Palestra%20-%20Palmeirenses%20que%20escrevem%2C%20analisam%2C%20gravam%2C%20opinam%20e%20noticiam%20o%20Palmeiras.%20Paix%C3%A3o%20e%20honestidade.%20-%20Not%C3%ADcias%20do%20Palmeiras&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjACUABBAAAAC~&jid=32036196&gjid=862525611&cid=1685907763.1656921825&tid=UA-170494924-1&_gid=725978469.1656921825&_r=1&gtm=2ou6t0&did=dZTNiMT&gdid=dZTNiMT&z=646438656
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://nossopalestra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://nossopalestra.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
nossopalestra.gif
rtg.admasters.media/hit/ 		63 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtg.admasters.media/hit/nossopalestra.gif?ref=&lp=https%3A%2F%2Fnossopalestra.com.br%2F&tid=tid-2ec005b76.3ae344da2&d=1656921824926
Requested by
Host: rtg.admasters.media
URL: https://rtg.admasters.media/script/nossopalestra.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84cede1407c1fb7a06c42bf7be9d6c603f4690b956be3a4efb4cff48e298c412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
cefb1c62-5a28-4fa7-927b-535120f68315
x-runtime
0.012988
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"84cede1407c1fb7a06c42bf7be9d6c60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQdIfQG%2Bcjo1XQwDB9%2F0DP%2FLQRQZ%2FICgGprQYsSofM7Eaxujzi1vdoe2l%2BuCbTdi8tJqtoeI51pfCYWvwoBq%2FpLq47xDFMrIbd3rnCkL7f%2F4uBViJScNrchyoJIHEZA9S70ts4QD%2FOsD7if%2B%2Fz0ksqHT"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7256589e081759cb-MXP
nossopalestra.gif
rtg.admasters.media/hit/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtg.admasters.media/hit/nossopalestra.gif?ref=&lp=https%3A%2F%2Fnossopalestra.com.br%2F&tid=tid-2ec005b76.3ae344da2&d=1656921824927
Requested by
Host: rtg.admasters.media
URL: https://rtg.admasters.media/script/nossopalestra.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
666fd27a60842e98bfa35c0483fbd86cd187c0ac9721932556ca339adcbed417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies
none
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
72c8f6c1-472b-43ba-be85-5ac598f81962
x-runtime
0.022492
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"666fd27a60842e98bfa35c0483fbd86c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvJO9%2B%2Fo%2FDfjZrlg8Cu83QlpHcX%2BeLyw3SG6sgl68VlGl%2Fmlbkd%2BRoaYdlauz28A%2Fr8rWkBtvx2t8fJLeHXJqwHqtY8GGtTZ3xrjq%2Flomg04YOTesl5vppe8oq9qtw0OZYguSagzsr2mb6A%2BWNaaGhag"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7256589e081559cb-MXP
OneSignalSDK.js
api.pn.vg/sdks/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.pn.vg/sdks/OneSignalSDK.js
Requested by
Host: cdn.pn.vg
URL: https://cdn.pn.vg/push/ilabspush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9ecd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98df77fa1bde63816051f652f3e9a30e29a68fe278a759b24b72c028f04ad291

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:44 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 19 Apr 2022 22:10:43 GMT
server
cloudflare
age
954240
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ov0LtIbiuYg2RjmEtkRV3DbKwM4%2BJ5bHn3LD1eiIJETBD7LmYM%2B9gJwrHS2ABBwXl5%2FmKPv18UgmdgA8KZXpuBpEmdDXwq8dgoxoalsFARC4vsk%2BZMsktQA0JMGoGF7rpjEjfTenSHM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7256589de801bb0b-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
stats.g.doubleclick.net/j/ 		1 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-104161738-1&cid=1685907763.1656921825&jid=1852092005&gjid=1073872139&_gid=725978469.1656921825&_u=YChACUAABAAAAC~&z=1544998372
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://nossopalestra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 04 Jul 2022 08:03:44 GMT
content-type
text/plain
access-control-allow-origin
https://nossopalestra.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=nossopalestra.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=nossopalestra.com.br
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4448760543967107&correlator=2118884568153305&eid=31068159%2C31068294&output=ldjh&gdfp_req=1&vrg=2022062801&ptt=17&impl=fifs&iu_parts=21817796643%2CAdxNossoPalestra%2Cnp_rodape&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=2&adks=3673918242&sfv=1-0-38&ecs=20220704&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1656921824989&lmt=1656921669&dlt=1656921824012&idt=806&biw=1600&bih=1200&adxs=10&adys=1190&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fnossopalestra.com.br%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1580x-1&msz=1580x-1&fws=512&ohw=0&ga_vid=1685907763.1656921825&ga_sid=1656921825&ga_hid=1502341247&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
ff87a70dd99c514bc585e9b9d830d321d24f2461299d874a349e44a042362ce2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9519
x-xss-protection
0
google-lineitem-id
5788185733
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138363739705
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nossopalestra.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4448760543967107&correlator=2495491102856259&eid=31068159%2C31068294&output=ldjh&gdfp_req=1&vrg=2022062801&ptt=17&impl=fifs&iu_parts=21817796643%2CAdxNossoPalestra%2Cnp_mid_destaques_home&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&adks=2817438481&sfv=1-0-38&ecs=20220704&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1656921824995&lmt=1656921669&dlt=1656921824012&idt=806&biw=1600&bih=1200&adxs=168&adys=2302&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fnossopalestra.com.br%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=941x0&msz=941x0&fws=0&ohw=0&ga_vid=1685907763.1656921825&ga_sid=1656921825&ga_hid=1502341247&ga_fc=true&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
c8ca292330af5fc980867ecd80ec7ede3ac1ed033a53ef80456aecf84b0b46b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9177
x-xss-protection
0
google-lineitem-id
5788185733
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138363739705
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nossopalestra.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4448760543967107&correlator=241261429042463&eid=31068159%2C31068294&output=ldjh&gdfp_req=1&vrg=2022062801&ptt=17&impl=fifs&iu_parts=21817796643%2CAdxNossoPalestra%2Cnp_pre_destaques_home&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=4&adks=2537792304&sfv=1-0-38&ecs=20220704&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1656921825000&lmt=1656921669&dlt=1656921824012&idt=806&biw=1600&bih=1200&adxs=315&adys=1381&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fnossopalestra.com.br%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=1685907763.1656921825&ga_sid=1656921825&ga_hid=1502341247&ga_fc=true&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
ec67c96a82d0f22d7f1eca1409178a42a10567c9398fc1239f8d6eb140a63b8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9156
x-xss-protection
0
google-lineitem-id
5788185733
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138363420549
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nossopalestra.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4448760543967107&correlator=4348567486992272&eid=31068159%2C31068294&output=ldjh&gdfp_req=1&vrg=2022062801&ptt=17&impl=fifs&iu_parts=21817796643%2CAdxNossoPalestra%2Cnp_top_home&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x90%7C728x90%7C970x250&ifi=5&adks=799758482&sfv=1-0-38&ecs=20220704&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1656921825003&lmt=1656921669&dlt=1656921824012&idt=806&biw=1600&bih=1200&adxs=153&adys=829&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fnossopalestra.com.br%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1295x0&msz=1295x0&fws=0&ohw=0&ga_vid=1685907763.1656921825&ga_sid=1656921825&ga_hid=1502341247&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
5c94a9f15c6211af188f0b7c293a43ca5567292ac19428f3f675ff39cda3c565
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9544
x-xss-protection
0
google-lineitem-id
5788185733
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138363420549
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://nossopalestra.com.br
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
web
api.pn.vg/api/v1/sync/b0eeadb4-2dd4-4ec6-8b2a-e1e3ea065786/ 		3 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.pn.vg/api/v1/sync/b0eeadb4-2dd4-4ec6-8b2a-e1e3ea065786/web
Requested by
Host: api.pn.vg
URL: https://api.pn.vg/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3249 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9abbf6327e8e5fd715d3ce1bb9eb34d0a6f0b332f36305f935944567ee48d218

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"c58-jN51x/H7GLdwMzPUi6M1lFDjKGE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88HV9LRmOuHrNSqS2KjAAcw4%2BpjucfBZ01fGGwbdj9%2F9aQ%2F7NeQMfa%2BMCSuFHkbzyjZXTIbNLJpKZ7PcjRpODA%2FvLbdbAgB%2Bh5IBJwvM9q9RczOf6XDFg%2FM6a60NXsS2UYKZs4jSops%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-exit
success
cf-ray
7256589e8a21374f-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
container.html
2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E526 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:44 GMT
expires
Tue, 04 Jul 2023 08:03:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame E526 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 06:04:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Jul 2022 08:03:45 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Jul 2022 08:03:45 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6B12 		624 B
975 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIzVmscBMAE&v=APEucNWAZ_dqnigpHmPsYTfvsAGvTWEUK8nAWiHKkkjxO239-FSofjxG1jAtB4QIfwOEgXdZmm6Kq6Wpe05fAfAYJtyoKauyc1qUx_RJ40nszeQOtw7RiG96xkLptRPgRp9qV1EJBlzi2zXL-POiDuosZ8njAuippH799BuiHjWo103LSvpccb8
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:45 GMT
expires
Mon, 04 Jul 2022 08:03:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame E9C9 		14 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bbem2CZEc3Z7GBUXQuuN9f4k70xj8Az-r8Eo7--e9nA5ejotjBFXye466Df2opciSy3lUudhUiyk9-etKVcJ5E2y6a6ugLuxuZh2cuyn_0CRiuuPxnNrxDt6HDtGwWN4YT9U7AuvuDKxHoGT-SWQqvUBgWWw&cry=1&dbm_d=AKAmf-AAMZFK8i-Bxdwq_51vo9roSNe2IEsuIZYVOTWirEXJhZ2bNxs24p7BHbpIbOAwuuAjraoXLzN2G5_4qhS2-xr8cunmRj2UMVzjJRGiJTSN7jeR_KwD4M0lsqdyK5wXBiVjC4NiE5pAlawPCfepAh6cNRaz3yPVfKuxZzH_djXN3bz5JD0JU2jn8nlHX68DysqietEhBFaKoO_an_TztnuP5cK5EN2ksiiM4b6E41ARb7qHwLIAIeZu-yWqvh_jDPN5mLb_JLCNxF76rjYIaFgFAfOA_6W5RFMS1DOVEBNEar-mJCWUxjX1K-YmAJb5HoEFBhnobnsRww0QVYriWYEBpjQ7rTbjHC2vM5GeQOySQDvAVSvQBa3uya7vscgqj1sd-V0t2VCcjenrwp7avmo-t4W_QoY2uo98hLSnTKK6D6w_AGMjxNvtF9GqH988iEd1PYN1bM3rSqyRmVzmzDbP8rNesrZqeCN7DV-J4T4OGM50BGPGCe7dG-GbKap9koerjrs0waLiDauC9IT373SDUhBAi-k4FX8R-m09DvrFSpbTyWR1dqy_c53WNf8aJd6ReCXFzG0oGzT__Bd7LCgXSDm3nS83ABW2NJ-Bd_UVIw_qylwmQ2vusQoSb_IviAjU8QHwl859Gs5_KioY83-TbKTri5TMFoCmtyF4ZvDjBmRhrN3QM1Z6IHL3IpAs8eaCB-Sh-iUMV7eD0pnOvAIyEw5nJX-XPn_EzTdwGq2urmivuc6KQFiy5pc1klxYhawCDaAIBXVM7OazR_EZK0cRCzfW-vxTM-GirGZhEQu6kCibfswsOpJDoZaSx5eJW1uzL5dzzB6TOy9LkDQMUz-nRQgWP522RSlTbteVjcO2TxP-jj1Es9Ea4L7USTWAUh-XKv6VKpdEkBd2Xcvedpzgr18ooZvV0rzeIhT1gYZflLNN7wX-Nyo3KsSZ1KJGOSkJui3LwP-k23PwSTuxI4PCAkBULZqAQprAi0Uv4WC74TgooXAK6OroqZJ5YYNLKVSrl2Pgzb5LF1jKp-nchtDgPew8839a7ttLBSUwrlq7HidAhlY8zBxy5xcsxsTQZDHDqinaad2v50t1pSzUT9tTeBAfx5aTLY9pZCeIo5a8GB696EHgTtzdg-QV5Vs39gMY_-5LPlZGjOo69_TS4-I-M_dW-vrVpzmrA3xgXAd66OI2yuxZN0QJOumR2LFNqdadtdmMRD1GzJWZDcBqsInQ5h71wikbrtADRAL6DQyQq7tcAky4yBuZpXOBFjVD8UatBjhxp4Et3o3lQ9R7fmVsZvm8Gcvlsb4jX2quz2CxC4yfNE2dP0z4C2H9IExIbY3El6BZL5jn1n7sqxJOmvJlW8TUply8legIqn7WXE49s87mf-zr2W6CKgcRWDuvcFVmV_IqWRYEJDDzg8qLkvCkbE0eHbHnIGwhwW5LuKCXgblId_OHCUF4suRlfTvxF7CdA8uaZaJPkmA6ntdij7ENlW0zoQpWWZOsQXSZJOz082fz0objTlTMr-6HeHQsajvJnbN1jB9gKr4om4Dr5EUy57nrocgdeOWTxYoj_mCct4V4fHmWCElSO6Ne8rSDTL7j3hs3hPKidNwOZ1sTLznNJTQJNBI0TAmbFO-40UNgS1YFobM04cJdDK8ZgvHFF55dRiqfDdntC4wDaiExP1vZ-wnNXJtk8joAiloDbHC_E-NryjQB2VHgHsitYdOjTjQPNCGSILQ8_04uHJshd5WzHBJut4AQq9D5qzYJEaI83bR9YHcdeCGvMv9DybcL2DPS2y_gqRZDqG3EWNkUkyEFRQjRSRlm8eKWRmlcrSa0VpZIYERQjZf1uOeOrS9V8R8kwZzqryrEfKXRm3ZK_mPDpkUihjc4wsXpct6ikR4bK248nJh_l02e3wxgVmuip6aDvvbORPJBlqujwgSWZTsp-FF5rvAVCIn9H1LtAGYreXqt_9K4hirosfhdDePIVcseEQ9BnRGM35dHR6zyEJSLIzoaXaM87qjyfCZ583-_TrPnGtI_1aedBU4SVJsQOSohAE1Tn-hza6bO9TRGQWeQhYR4CoPk3pxeRk5Oww72cfd6KwZRrcVnvKwMTAKdNSf2qmjwTRdM6lWQtkLsRWOaEgmYPQOG7zZxevf8giNQZT78CYV8E9__InMY7WEZrZPe9zHD6jcwOPHsuB6dAFlrHDYAENSWsNGgDsexS0CE1_nalBk4obPBaN4r_ELvTW2efB898fdpAv1xn8nbAu6uh6FoyPZpn3yAW0UbQ0aWmIEqbLWU3QtVt9d-E9BYEzGRz_502-iwkwb6hLUlJA2cea_xo0k9U90W4gnyHNlbe6hW4GsST4U3KX37sBGEWLGtGbZtKIJFi2e3KAQx5Z0L3vmRNTBy64HxfTfFlOGJ74cFluQq3EYvUPpwr0mREP9v7FfEdXR_W0clGDs_AgbZaEQhPyFE1v-8c0kE1ZfBZlKsvQNpKjRQw-SgDvb4S8TFXZAeX7W0Pdb6Jhof2-zsau5ok3psIDqG-J2e0nYnKQo2Z_5B7geAgYaFu5AQogmcg-eUtfDvlCybWwOlcakCI6LZ54fZ0NcUfct7rPCDVtBgmGUDuo5-jfk7CWpVXYfeB-W3_qt_gVgT_8OYS3F7UFQef-lshSNOhqUwp7kls4Ok_UMkUcjYfc0c_DZpQQ-vAv-bnGxxK6czgfb2ZrWT0abYpAOFargg41OA1hdc1Z_lt156_2dFcqmei_ilGygHXTdfKZ8jd2QHylTRYBEdcl46tr3u02dVQYJXksEaZqf9tJI&cid=CAASKORoQxEulbw-lude9iEUF2SvshFScLBEXbPWFoZlMsgujZIQrIMVyek&rfl=2%2Chttps%253A%252F%252Fnossopalestra.com.br%252F%240
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cf960626dbc2b59f6af82c1c12713580a00de33097c694231bfb26a7494271a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10804
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame E9C9 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNW9zQgsvbtqgUinXQMo99zjNY8xkiIBOcA30FJ_eDeg8qf3GQg&d=CnkAoCZ_4Lfl5sJ2asay6_Xmtese7a_TV6jZgfAdsblOLy5GAiukxCbxYj8w4x_kJJFu5iiTguvXsfJ5UUBbnLuR1bC6fUR92ycp5Hd4kM7zIJxWvwwpR6_gcR2Rou2SISr6K3ebJsIRT-Qk9mi5pB1PiAF0Sc7DZBpOEskSAKAmf-DLRg0P9OQJE7QSE5I5-HkU2FJ5DjHw49F4CfoND5fsrU50yv-GDpg4Xw9mWR3vwxdf9IipYYGoH35CVXVXHAUleMfecYl_mXmvptJnGkB-KMOGrDLJ9YZTpN3nohSKvXjjXwog1VnN3SDN2q5ZakzLWjOwmJDIRLY8iGZWs9gnIy0qOeZqPtrW9gfz5oPBk0g5khzLXkWn0_3Di23lEm57QIX4zI-6VWd9eEfvUShyiJe4LVn0C6NnXN8v_ZhXYVijwsMMeojgmmyEdMRo8fLPd8XV0JslGWfR1a_EkTvf-4MF4D-T8G_-8eNy2ZB9oYKSOgqwjCMXg4DGKgOwmH_vJUSHQ2_dSOlxnGwJhIPZo-SezcAE4ocJg0XxuXa_8rWYSTg16kzrO-k-XtQ0_dNp-P0n1BtBTkneR6IzIyGfoYGqvAEn919v7o_RTwtAS_6Suj4j3N_oyWn5q-t2V6v9ZFcRyUsMbrhtheTGgeTw3YAaonrHDd6vZOmz1EvPTmAdfcVboMUiBS-eIc4OK-mEG1ozIn5Q04Uxh4Ov-ruS8VKgtjspJgdyKGDnhzKApfQq8mp2OOBO6Ex2ZqDbB-rbkRi9Pes5lBIzqHsVAa2KOxsCbGr0fqG8Lvopec_vmHzTZ-mNaahavYFSY0UG2M06YKunaZWCqHRzc2i0-M5TSZzj40Ra1RQ0H4OQJSghQWXR7GYhwXB1wdiyntVObnGBnpVvJlsDH1htLmR15uHZuEns0MbmtJYRZVOL2Viwk7HmCYh1dM82kxLThuLF7BByW9ii80dhQOwnjhMpCtkPjU_ufSUBYXEmwIwgFFwI9ZOFIFOTGIM04EiLAUZfm7jZFMnbIapDuabFNhokoxNcvQqO-Xv98F7PGeXYcBo87EE4k6ShSYo_fgSKwMKYG2-FPOLsF0w1gNZVPjvcIO5am4YeDf5eoVlnApiN909ghHejcvCJtm3sQ9tEUnL4Q4YISDIWfz8CBaGs0M8tl7HoaDU2Ae-G5DGPLNL6y-aG4O-k2taNpbyhEjQyqnMYf1M5MDf4aqcNWPwUf5lVcLLwCZ-JiTwaeurUQnrkLqTsQUksScSxOPoY5uMLDFXnsib8LtR48lBx3ClQMmONcupucLwPPYeF4htc-Mh8HoLnYTs1v3BcvvQJV3cZ-Cx82NB8lCCS78JX6e63cTETvFqOCvsv7RnljOZlMEN5Xr6dEjxZv8p3s5PNz4MAbx_kYZiLgucyXgXMv-6nIVAS6jjP0EdyhUPLPv0h2MYoyZxs1GooipPH4M19x-7Vlokhrc7c0v43it0PzFv9ipSHBkw96oVH_rjNiS0bhAYlXkxWl3Kd_Xd8euZHa9sluoekUEF5pN4lZnHaTdC9U-KJJIM6MyI8CciddIe5CZmVpwcP6vr9jMLcKnc7-ibgxJPrV9jVhp2gELb7s5zmdHOv3jPo1bs59Sqbst8tpjVSc61iUbbl8M3NkQab3UQtmKNQ6dEabuNhMp88MsMKfBSpW7Sy22uT4xqaVlXER9ZhqA523hOKTPXVCQw_UBRh8oaNLKbvsLmdEXs5GkUyPqwRuMxHvNAUzrdxFAoOUbXQKapAQi0XT3gB4mvMcQMuLg3cutRWtH4KSO2Uw4qO9yFChrUUBh8j2DBdBokxYOLaF6viONKLt08PDGt9r4eZu5vJoVTZ9XcJb-KZk0WYrOfeQszr_yDWsq3gJXEWp2wD60a_7Kk7PRaYFzx64DX9mIMFZ8EhyX2exdb70fzKCXFROxQv7WjJHOAlaekZ0JhhYe7-DdVcUbe6sD1R645sTtYygrEAaHyMEkpAeoHyUJYrjb1kcUSATI7HUgBWVXYtE16wLjqgIoPmaYrOHkvbElfIi7VG5A2QnAzRSu9cNSiRCm0VsFoqONG7VbMdHI5EiIxWWniB4D9cOMa-A8mE9jnfEp8EAOAIcg8gHzs4gqlJt8NlwJglRMbHItsFeK5Ez7Keuec5pTHcdoxuB6Wb6L85TJdtY5SclsZwvwMLckaR75TfTXqnMwDw2UgVbglhkYGMQFvmMH_85WbsJeHmNJOC3jxSjJ6aEjeq70jt4kdTExq1ck3f6LgLOYk1pvBf5BE0O2dv55oWw-EZ8lvzcmC_s1gSNfM7EsfVaGJ9jcedt8hZcMiHGhV08nRBmA4kIO_0W-bLhAmC9O7UBvCSGS-AVmoQnmNMZK9Afvb_v0-Oq1K-aiJ3pfPhmwVhldLKC8nM_jdXMaTBFmNpMoBN0R54dOINan8grgad6RwlHSSol9CEHP--6EJJeFAmkCWvGCmjfZBWqwH_5e9e2_j_sJTl8cgUAB3t37I-hBd_bWNmxMePxxhDpJRIT7U3agQjlsDDj-sp3zdpUzHQaedTeNqX6ZkMX6TOLHRdwmLRuq3H1AGoNpepyWBcUcsZwnsnJIhGDVBanpS95QWov-ecsZj2AZ2pRDzeQhsdTZCo7bzxOEnMPJjMraO0u7oYnLhZP8tBmW3DJsWSJvj45Rtja0KwwbZrPwGyKHWDGU9CqMz44sDEY1wPYpkAwmjxO7aR9md9pj4JCVuHzuvqonw7Lfueba54p-dteU5YQi3s4Sitl1Ivn8_xmkV0Xbd0P4EEkdo8HlLIr6FVwwUr06Viayryw7QQZ4_ou1jFtg2jUW3X8QmsMz6LhwFQDqT-FCmOX_EMecTx67iq5ofpegjwwjaOyY5wh4y6CUEqMVU0yzlTuCtKLn4WDQFFFFC168qwzL2ujQszsoEF_VIzjqX3jojW93vaURnDeTiovLZZn8VHXmogWJ-Bkj5pdfVd_PuYd6_I_bLOTzVJpRS-McyNvAK6VX_4V9rCV91ty2LjgB9b4LpNWdh3qaDvi-A7j66ww2Cy5m5wrWG0Y3oL4uXra9vQN1LK1S_xqnTtoBFckSGCxpYo2_3U3bEIfK4QKoW5Owt4M0w5c1w4-3OutjbuegbTFFt_T2vLyBrDMxa5zkVrJGyIKpQosB8LWqrgnV0qlsScpHDlKygmREWWG9R-ICCpCBhya7a0bk-9wnN0XVmCXCaZvoB1UvHGn3XSLcvMSHLYJAT83XfsiKtj6GUmyhQDjZDoL5w_Iae8LkM0h7pQCpy5PgEpVJQB4MVldbNTEXVuIkJi4ht1pziFgyKJv2yWVOljjmV-TxosCAASKORoQxEulbw-lude9iEUF2SvshFScLBEXbPWFoZlMsgujZIQrIMVyelgAQ
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.15.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wr-in-f156.1e100.net
Software
cafe /
Resource Hash
5c3aa98fdb3a178ae571704a853b6f1c21a061a1715a61666353094d6414c426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23529
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
fw.adsafeprotected.com/rjss/www.googletagservices.com/1005482/61968029/dcm/ Frame E9C9 		234 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/www.googletagservices.com/1005482/61968029/dcm/dcmads.js
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.241.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-241-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6be7a05ef4b651014b2d154d69c78f749c6b63ea187089fca1111f5bfc860b6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame E9C9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
90
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 08:02:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E9C9 		138 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Jul 2022 08:03:45 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame E9C9 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 08:03:01 GMT
l
www.google.com/ads/measurement/ Frame E9C9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQXI0MG0u00oMWeruEqluRwTGzIf7psLYgGGdFt2i3dQXUdbZDoIX5zjJH9otNLJaTU0Hrp8injL6sgx6374GsrEbOmRw
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame E9C9 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrzP02ZPkn3ZW_vaO3vQ_Io9o_G0mx8HEjSKM2owhwRXr0T1nOZEsGtySTLRx7Z14Tqn3NCBxovjqerBvWp1jaYZsD-oLXXLST-MVR_gHZA9pSgqo
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame E526 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8263
x-xss-protection
0
server
cafe
etag
17157773748623750166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 07:23:36 GMT
container.html
2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0D0A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:44 GMT
expires
Tue, 04 Jul 2023 08:03:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DDC6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:44 GMT
expires
Tue, 04 Jul 2023 08:03:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0D0A 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Jul 2023 07:46:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 0D0A 		162 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6830925722933424
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fb087357d50ac16cb1918bec3966fd45d2d092a10c49064b5e1a2c3bcfbc412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Origin
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56370
x-xss-protection
0
server
cafe
etag
18279528678945038069
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Jul 2022 08:03:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0D0A 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Jul 2022 08:03:45 GMT
rum
dsum-sec.casalemedia.com/ Frame 6B12
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkGEouKzKHrAYfnQnHk11c&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkGEouKzKHrAYfnQnHk11c&google_cver=1&C=1
43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHkGEouKzKHrAYfnQnHk11c&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIzVmscBMAE&v=APEucNWAZ_dqnigpHmPsYTfvsAGvTWEUK8nAWiHKkkjxO239-FSofjxG1jAtB4QIfwOEgXdZmm6Kq6Wpe05fAfAYJtyoKauyc1qUx_RJ40nszeQOtw7RiG96xkLptRPgRp9qV1EJBlzi2zXL-POiDuosZ8njAuippH799BuiHjWo103LSvpccb8
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
725658a1aa225b80-FRA
pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zIr4AzCAWcOKAs0MaddOdu0PB%2BqWAtDfiAuagf7joWp91ZAceGY%2BzGrgG3kvwwnX%2BvqXYlwE28mf%2FPMXxNLxkQj1c53SJnmcvYCF%2F%2B7TBYZub1CfoKLBqMJ7DHaWOVlYprsBIcGdqLkkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gavsYirTXgQqgH1GVWCTxU5%2F2TyjUCItukkKZPne8uFaxEOonSO2HYQJl5ofd5WeULYsD4Q9XXsk1PuMsKnLeMYw0sl7qXYlEzYgTdgk9vy0pi%2FE5idz%2FJ8N3pVPBnyRb7Yc2tVhF9BdEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEHkGEouKzKHrAYfnQnHk11c&google_cver=1&C=1
cache-control
no-cache
cf-ray
725658a138a29be6-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 6B12
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsKe4cfIkoufLZ.7zHRAsQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPYrdg9cM_QanX7FR41gb6M&google_cver=1&google_hm=2
43 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPYrdg9cM_QanX7FR41gb6M&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIzVmscBMAE&v=APEucNWAZ_dqnigpHmPsYTfvsAGvTWEUK8nAWiHKkkjxO239-FSofjxG1jAtB4QIfwOEgXdZmm6Kq6Wpe05fAfAYJtyoKauyc1qUx_RJ40nszeQOtw7RiG96xkLptRPgRp9qV1EJBlzi2zXL-POiDuosZ8njAuippH799BuiHjWo103LSvpccb8
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray
725658a28b595b80-FRA
pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coD78U8OtovMquDuHu4vEL98p98UbDKq%2F0drotkblUzNGiJErz1ilnrN6fnUGRZzo8TuPkDa%2BSOZq6XXq2QkNc3N66BoKT4uEku2Ca8gPoYKnycqTWn1areuxEQ9BzApvF0hCvS8e9nScA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPYrdg9cM_QanX7FR41gb6M&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 6B12
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJgkIO8ISN2L3UBZK82cu0Y&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJgkIO8ISN2L3UBZK82cu0Y%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJgkIO8ISN2L3UBZK82cu0Y%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIzVmscBMAE&v=APEucNWAZ_dqnigpHmPsYTfvsAGvTWEUK8nAWiHKkkjxO239-FSofjxG1jAtB4QIfwOEgXdZmm6Kq6Wpe05fAfAYJtyoKauyc1qUx_RJ40nszeQOtw7RiG96xkLptRPgRp9qV1EJBlzi2zXL-POiDuosZ8njAuippH799BuiHjWo103LSvpccb8
Protocol
HTTP/1.1
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 08:03:45 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
736cd5df-e83e-4656-996b-05d6cd1ddfee
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 08:03:45 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
74c945a1-ae7b-4dc6-9450-30b77c2f5c57
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEJgkIO8ISN2L3UBZK82cu0Y%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6B12
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5OTE5MzQ1MjE3ODE5OTU1Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5OTE5MzQ1MjE3ODE5OTU1Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJCTupUDEPK-3ZgDGIzVmscBMAE&v=APEucNWAZ_dqnigpHmPsYTfvsAGvTWEUK8nAWiHKkkjxO239-FSofjxG1jAtB4QIfwOEgXdZmm6Kq6Wpe05fAfAYJtyoKauyc1qUx_RJ40nszeQOtw7RiG96xkLptRPgRp9qV1EJBlzi2zXL-POiDuosZ8njAuippH799BuiHjWo103LSvpccb8
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 08:03:45 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
628bedb8-ab39-4188-ac59-c71eac869ece
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTM5OTE5MzQ1MjE3ODE5OTU1Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DDC6 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Jul 2023 07:46:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame DDC6 		162 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6830925722933424
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1934058e6d25db05570e3f2c827a59d7974d55098c59349795a1a32af337c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Origin
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56374
x-xss-protection
0
server
cafe
etag
18379272484177946478
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Jul 2022 08:03:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DDC6 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Jul 2022 08:03:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0D0A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukqwzLpun4W0Jjka2KNS77FVgSTR_g9BRlHC7CKNCrFmM2i57C7M-ipoJ3csmOz27Bc04qEA_b0SUtILNBAV6Ll9u8_8G6LmR4q9gTRybfHngnLs8BRSLL0njqJMP-E4acVIGjcjnVPRuDs6VxAoTy-KAGKrcnmDKtEUcrv2r5Qtl9MVu__bR3SWxco-qC_TbwZD0PzgmIRub2LpFv1iXnrM0zx_S7MlGNi9XnSafKTObhQ2PLzF0w4bKlZcII8E_vdGqk8iwxSc_CBWE5fPiUshlwqqlBtAmQrstOGuDB9ip0798LWORje_Ur8R24IvrMwokvuAEiF8G841EHLYc9iQ-udKIh7Q&sai=AMfl-YTKC2_pVEOievk2sMXjP-MwoaRPo0MDsaIH7xCn0ru25ExHXtCyE3dMuacbHWvh6lb_c0-Phj9sUqmUmODIvSs-0v9bLfEmrGNkqLPUfjvmjYYtZ3nevn0PHTo0qp4&sig=Cg0ArKJSzKR0IwO8pAWtEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E9C9 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bbem2CZEc3Z7GBUXQuuN9f4k70xj8Az-r8Eo7--e9nA5ejotjBFXye466Df2opciSy3lUudhUiyk9-etKVcJ5E2y6a6ugLuxuZh2cuyn_0CRiuuPxnNrxDt6HDtGwWN4YT9U7AuvuDKxHoGT-SWQqvUBgWWw&cry=1&dbm_d=AKAmf-AAMZFK8i-Bxdwq_51vo9roSNe2IEsuIZYVOTWirEXJhZ2bNxs24p7BHbpIbOAwuuAjraoXLzN2G5_4qhS2-xr8cunmRj2UMVzjJRGiJTSN7jeR_KwD4M0lsqdyK5wXBiVjC4NiE5pAlawPCfepAh6cNRaz3yPVfKuxZzH_djXN3bz5JD0JU2jn8nlHX68DysqietEhBFaKoO_an_TztnuP5cK5EN2ksiiM4b6E41ARb7qHwLIAIeZu-yWqvh_jDPN5mLb_JLCNxF76rjYIaFgFAfOA_6W5RFMS1DOVEBNEar-mJCWUxjX1K-YmAJb5HoEFBhnobnsRww0QVYriWYEBpjQ7rTbjHC2vM5GeQOySQDvAVSvQBa3uya7vscgqj1sd-V0t2VCcjenrwp7avmo-t4W_QoY2uo98hLSnTKK6D6w_AGMjxNvtF9GqH988iEd1PYN1bM3rSqyRmVzmzDbP8rNesrZqeCN7DV-J4T4OGM50BGPGCe7dG-GbKap9koerjrs0waLiDauC9IT373SDUhBAi-k4FX8R-m09DvrFSpbTyWR1dqy_c53WNf8aJd6ReCXFzG0oGzT__Bd7LCgXSDm3nS83ABW2NJ-Bd_UVIw_qylwmQ2vusQoSb_IviAjU8QHwl859Gs5_KioY83-TbKTri5TMFoCmtyF4ZvDjBmRhrN3QM1Z6IHL3IpAs8eaCB-Sh-iUMV7eD0pnOvAIyEw5nJX-XPn_EzTdwGq2urmivuc6KQFiy5pc1klxYhawCDaAIBXVM7OazR_EZK0cRCzfW-vxTM-GirGZhEQu6kCibfswsOpJDoZaSx5eJW1uzL5dzzB6TOy9LkDQMUz-nRQgWP522RSlTbteVjcO2TxP-jj1Es9Ea4L7USTWAUh-XKv6VKpdEkBd2Xcvedpzgr18ooZvV0rzeIhT1gYZflLNN7wX-Nyo3KsSZ1KJGOSkJui3LwP-k23PwSTuxI4PCAkBULZqAQprAi0Uv4WC74TgooXAK6OroqZJ5YYNLKVSrl2Pgzb5LF1jKp-nchtDgPew8839a7ttLBSUwrlq7HidAhlY8zBxy5xcsxsTQZDHDqinaad2v50t1pSzUT9tTeBAfx5aTLY9pZCeIo5a8GB696EHgTtzdg-QV5Vs39gMY_-5LPlZGjOo69_TS4-I-M_dW-vrVpzmrA3xgXAd66OI2yuxZN0QJOumR2LFNqdadtdmMRD1GzJWZDcBqsInQ5h71wikbrtADRAL6DQyQq7tcAky4yBuZpXOBFjVD8UatBjhxp4Et3o3lQ9R7fmVsZvm8Gcvlsb4jX2quz2CxC4yfNE2dP0z4C2H9IExIbY3El6BZL5jn1n7sqxJOmvJlW8TUply8legIqn7WXE49s87mf-zr2W6CKgcRWDuvcFVmV_IqWRYEJDDzg8qLkvCkbE0eHbHnIGwhwW5LuKCXgblId_OHCUF4suRlfTvxF7CdA8uaZaJPkmA6ntdij7ENlW0zoQpWWZOsQXSZJOz082fz0objTlTMr-6HeHQsajvJnbN1jB9gKr4om4Dr5EUy57nrocgdeOWTxYoj_mCct4V4fHmWCElSO6Ne8rSDTL7j3hs3hPKidNwOZ1sTLznNJTQJNBI0TAmbFO-40UNgS1YFobM04cJdDK8ZgvHFF55dRiqfDdntC4wDaiExP1vZ-wnNXJtk8joAiloDbHC_E-NryjQB2VHgHsitYdOjTjQPNCGSILQ8_04uHJshd5WzHBJut4AQq9D5qzYJEaI83bR9YHcdeCGvMv9DybcL2DPS2y_gqRZDqG3EWNkUkyEFRQjRSRlm8eKWRmlcrSa0VpZIYERQjZf1uOeOrS9V8R8kwZzqryrEfKXRm3ZK_mPDpkUihjc4wsXpct6ikR4bK248nJh_l02e3wxgVmuip6aDvvbORPJBlqujwgSWZTsp-FF5rvAVCIn9H1LtAGYreXqt_9K4hirosfhdDePIVcseEQ9BnRGM35dHR6zyEJSLIzoaXaM87qjyfCZ583-_TrPnGtI_1aedBU4SVJsQOSohAE1Tn-hza6bO9TRGQWeQhYR4CoPk3pxeRk5Oww72cfd6KwZRrcVnvKwMTAKdNSf2qmjwTRdM6lWQtkLsRWOaEgmYPQOG7zZxevf8giNQZT78CYV8E9__InMY7WEZrZPe9zHD6jcwOPHsuB6dAFlrHDYAENSWsNGgDsexS0CE1_nalBk4obPBaN4r_ELvTW2efB898fdpAv1xn8nbAu6uh6FoyPZpn3yAW0UbQ0aWmIEqbLWU3QtVt9d-E9BYEzGRz_502-iwkwb6hLUlJA2cea_xo0k9U90W4gnyHNlbe6hW4GsST4U3KX37sBGEWLGtGbZtKIJFi2e3KAQx5Z0L3vmRNTBy64HxfTfFlOGJ74cFluQq3EYvUPpwr0mREP9v7FfEdXR_W0clGDs_AgbZaEQhPyFE1v-8c0kE1ZfBZlKsvQNpKjRQw-SgDvb4S8TFXZAeX7W0Pdb6Jhof2-zsau5ok3psIDqG-J2e0nYnKQo2Z_5B7geAgYaFu5AQogmcg-eUtfDvlCybWwOlcakCI6LZ54fZ0NcUfct7rPCDVtBgmGUDuo5-jfk7CWpVXYfeB-W3_qt_gVgT_8OYS3F7UFQef-lshSNOhqUwp7kls4Ok_UMkUcjYfc0c_DZpQQ-vAv-bnGxxK6czgfb2ZrWT0abYpAOFargg41OA1hdc1Z_lt156_2dFcqmei_ilGygHXTdfKZ8jd2QHylTRYBEdcl46tr3u02dVQYJXksEaZqf9tJI&cid=CAASKORoQxEulbw-lude9iEUF2SvshFScLBEXbPWFoZlMsgujZIQrIMVyek&rfl=2%2Chttps%253A%252F%252Fnossopalestra.com.br%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:46:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1059
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Jul 2023 07:46:06 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DDC6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvIgUMwlAZZdnQZW6TUHMU67lcDy-2Aj2-OR7zrKuZbyqPLmuqnonjIXvMJu5huKLa_XoElfe_wwiqMSWMi9xge7_0jbbBhlBlpr0WHzCaZh6La4rQ8NCQn9e8VGZbk8NxFYwxeE5zGrhy4x7k4edRBz4GxW5-UdAIIRQCb_yMd-2sTUFpWyFqBmVLdEnhkaEAa6CRBmaavV-yjc-VbuSQXKNHo0AESujCq2jCiZ756yYvbglmtBbnHhnr5vt1GteBgEj4q90cBElTDm2UbK_7JSE_8S_6NuZ8y_uUKDK-Tq4IWxqMLZt8Lf-YoQc2_JklR_H7USIaYFWmapEcKEZo3KIGIqtYZ6eDX&sai=AMfl-YT74vjpy48jtwBRT71JXBSoAU-RpvdGU73-SVuVEostj4VJCeqgIAIYTUwCfSzW6AEV2n3uehKbmqbVSf_gfLGVjhNKV3Qo76-iMG18Zm0S3tpfs-JVYBCmOVuif6I&sig=Cg0ArKJSzMXaK9dUsQEMEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5AFB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1058
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 07:46:07 GMT
expires
Tue, 04 Jul 2023 07:46:07 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0D0A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48b2ede3b4e6ae84bc5f306fac89cb1505629f5e0b5aba0ed486d58b0c06a3bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame E9C9 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Origin
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 10:45:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Jul 2022 10:45:56 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/ Frame E9C9 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/elements/html/omrhp.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNW9zQgsvbtqgUinXQMo99zjNY8xkiIBOcA30FJ_eDeg8qf3GQg&d=CnkAoCZ_4Lfl5sJ2asay6_Xmtese7a_TV6jZgfAdsblOLy5GAiukxCbxYj8w4x_kJJFu5iiTguvXsfJ5UUBbnLuR1bC6fUR92ycp5Hd4kM7zIJxWvwwpR6_gcR2Rou2SISr6K3ebJsIRT-Qk9mi5pB1PiAF0Sc7DZBpOEskSAKAmf-DLRg0P9OQJE7QSE5I5-HkU2FJ5DjHw49F4CfoND5fsrU50yv-GDpg4Xw9mWR3vwxdf9IipYYGoH35CVXVXHAUleMfecYl_mXmvptJnGkB-KMOGrDLJ9YZTpN3nohSKvXjjXwog1VnN3SDN2q5ZakzLWjOwmJDIRLY8iGZWs9gnIy0qOeZqPtrW9gfz5oPBk0g5khzLXkWn0_3Di23lEm57QIX4zI-6VWd9eEfvUShyiJe4LVn0C6NnXN8v_ZhXYVijwsMMeojgmmyEdMRo8fLPd8XV0JslGWfR1a_EkTvf-4MF4D-T8G_-8eNy2ZB9oYKSOgqwjCMXg4DGKgOwmH_vJUSHQ2_dSOlxnGwJhIPZo-SezcAE4ocJg0XxuXa_8rWYSTg16kzrO-k-XtQ0_dNp-P0n1BtBTkneR6IzIyGfoYGqvAEn919v7o_RTwtAS_6Suj4j3N_oyWn5q-t2V6v9ZFcRyUsMbrhtheTGgeTw3YAaonrHDd6vZOmz1EvPTmAdfcVboMUiBS-eIc4OK-mEG1ozIn5Q04Uxh4Ov-ruS8VKgtjspJgdyKGDnhzKApfQq8mp2OOBO6Ex2ZqDbB-rbkRi9Pes5lBIzqHsVAa2KOxsCbGr0fqG8Lvopec_vmHzTZ-mNaahavYFSY0UG2M06YKunaZWCqHRzc2i0-M5TSZzj40Ra1RQ0H4OQJSghQWXR7GYhwXB1wdiyntVObnGBnpVvJlsDH1htLmR15uHZuEns0MbmtJYRZVOL2Viwk7HmCYh1dM82kxLThuLF7BByW9ii80dhQOwnjhMpCtkPjU_ufSUBYXEmwIwgFFwI9ZOFIFOTGIM04EiLAUZfm7jZFMnbIapDuabFNhokoxNcvQqO-Xv98F7PGeXYcBo87EE4k6ShSYo_fgSKwMKYG2-FPOLsF0w1gNZVPjvcIO5am4YeDf5eoVlnApiN909ghHejcvCJtm3sQ9tEUnL4Q4YISDIWfz8CBaGs0M8tl7HoaDU2Ae-G5DGPLNL6y-aG4O-k2taNpbyhEjQyqnMYf1M5MDf4aqcNWPwUf5lVcLLwCZ-JiTwaeurUQnrkLqTsQUksScSxOPoY5uMLDFXnsib8LtR48lBx3ClQMmONcupucLwPPYeF4htc-Mh8HoLnYTs1v3BcvvQJV3cZ-Cx82NB8lCCS78JX6e63cTETvFqOCvsv7RnljOZlMEN5Xr6dEjxZv8p3s5PNz4MAbx_kYZiLgucyXgXMv-6nIVAS6jjP0EdyhUPLPv0h2MYoyZxs1GooipPH4M19x-7Vlokhrc7c0v43it0PzFv9ipSHBkw96oVH_rjNiS0bhAYlXkxWl3Kd_Xd8euZHa9sluoekUEF5pN4lZnHaTdC9U-KJJIM6MyI8CciddIe5CZmVpwcP6vr9jMLcKnc7-ibgxJPrV9jVhp2gELb7s5zmdHOv3jPo1bs59Sqbst8tpjVSc61iUbbl8M3NkQab3UQtmKNQ6dEabuNhMp88MsMKfBSpW7Sy22uT4xqaVlXER9ZhqA523hOKTPXVCQw_UBRh8oaNLKbvsLmdEXs5GkUyPqwRuMxHvNAUzrdxFAoOUbXQKapAQi0XT3gB4mvMcQMuLg3cutRWtH4KSO2Uw4qO9yFChrUUBh8j2DBdBokxYOLaF6viONKLt08PDGt9r4eZu5vJoVTZ9XcJb-KZk0WYrOfeQszr_yDWsq3gJXEWp2wD60a_7Kk7PRaYFzx64DX9mIMFZ8EhyX2exdb70fzKCXFROxQv7WjJHOAlaekZ0JhhYe7-DdVcUbe6sD1R645sTtYygrEAaHyMEkpAeoHyUJYrjb1kcUSATI7HUgBWVXYtE16wLjqgIoPmaYrOHkvbElfIi7VG5A2QnAzRSu9cNSiRCm0VsFoqONG7VbMdHI5EiIxWWniB4D9cOMa-A8mE9jnfEp8EAOAIcg8gHzs4gqlJt8NlwJglRMbHItsFeK5Ez7Keuec5pTHcdoxuB6Wb6L85TJdtY5SclsZwvwMLckaR75TfTXqnMwDw2UgVbglhkYGMQFvmMH_85WbsJeHmNJOC3jxSjJ6aEjeq70jt4kdTExq1ck3f6LgLOYk1pvBf5BE0O2dv55oWw-EZ8lvzcmC_s1gSNfM7EsfVaGJ9jcedt8hZcMiHGhV08nRBmA4kIO_0W-bLhAmC9O7UBvCSGS-AVmoQnmNMZK9Afvb_v0-Oq1K-aiJ3pfPhmwVhldLKC8nM_jdXMaTBFmNpMoBN0R54dOINan8grgad6RwlHSSol9CEHP--6EJJeFAmkCWvGCmjfZBWqwH_5e9e2_j_sJTl8cgUAB3t37I-hBd_bWNmxMePxxhDpJRIT7U3agQjlsDDj-sp3zdpUzHQaedTeNqX6ZkMX6TOLHRdwmLRuq3H1AGoNpepyWBcUcsZwnsnJIhGDVBanpS95QWov-ecsZj2AZ2pRDzeQhsdTZCo7bzxOEnMPJjMraO0u7oYnLhZP8tBmW3DJsWSJvj45Rtja0KwwbZrPwGyKHWDGU9CqMz44sDEY1wPYpkAwmjxO7aR9md9pj4JCVuHzuvqonw7Lfueba54p-dteU5YQi3s4Sitl1Ivn8_xmkV0Xbd0P4EEkdo8HlLIr6FVwwUr06Viayryw7QQZ4_ou1jFtg2jUW3X8QmsMz6LhwFQDqT-FCmOX_EMecTx67iq5ofpegjwwjaOyY5wh4y6CUEqMVU0yzlTuCtKLn4WDQFFFFC168qwzL2ujQszsoEF_VIzjqX3jojW93vaURnDeTiovLZZn8VHXmogWJ-Bkj5pdfVd_PuYd6_I_bLOTzVJpRS-McyNvAK6VX_4V9rCV91ty2LjgB9b4LpNWdh3qaDvi-A7j66ww2Cy5m5wrWG0Y3oL4uXra9vQN1LK1S_xqnTtoBFckSGCxpYo2_3U3bEIfK4QKoW5Owt4M0w5c1w4-3OutjbuegbTFFt_T2vLyBrDMxa5zkVrJGyIKpQosB8LWqrgnV0qlsScpHDlKygmREWWG9R-ICCpCBhya7a0bk-9wnN0XVmCXCaZvoB1UvHGn3XSLcvMSHLYJAT83XfsiKtj6GUmyhQDjZDoL5w_Iae8LkM0h7pQCpy5PgEpVJQB4MVldbNTEXVuIkJi4ht1pziFgyKJv2yWVOljjmV-TxosCAASKORoQxEulbw-lude9iEUF2SvshFScLBEXbPWFoZlMsgujZIQrIMVyelgAQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
128
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 08:01:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame E9C9 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNW9zQgsvbtqgUinXQMo99zjNY8xkiIBOcA30FJ_eDeg8qf3GQg&d=CnkAoCZ_4Lfl5sJ2asay6_Xmtese7a_TV6jZgfAdsblOLy5GAiukxCbxYj8w4x_kJJFu5iiTguvXsfJ5UUBbnLuR1bC6fUR92ycp5Hd4kM7zIJxWvwwpR6_gcR2Rou2SISr6K3ebJsIRT-Qk9mi5pB1PiAF0Sc7DZBpOEskSAKAmf-DLRg0P9OQJE7QSE5I5-HkU2FJ5DjHw49F4CfoND5fsrU50yv-GDpg4Xw9mWR3vwxdf9IipYYGoH35CVXVXHAUleMfecYl_mXmvptJnGkB-KMOGrDLJ9YZTpN3nohSKvXjjXwog1VnN3SDN2q5ZakzLWjOwmJDIRLY8iGZWs9gnIy0qOeZqPtrW9gfz5oPBk0g5khzLXkWn0_3Di23lEm57QIX4zI-6VWd9eEfvUShyiJe4LVn0C6NnXN8v_ZhXYVijwsMMeojgmmyEdMRo8fLPd8XV0JslGWfR1a_EkTvf-4MF4D-T8G_-8eNy2ZB9oYKSOgqwjCMXg4DGKgOwmH_vJUSHQ2_dSOlxnGwJhIPZo-SezcAE4ocJg0XxuXa_8rWYSTg16kzrO-k-XtQ0_dNp-P0n1BtBTkneR6IzIyGfoYGqvAEn919v7o_RTwtAS_6Suj4j3N_oyWn5q-t2V6v9ZFcRyUsMbrhtheTGgeTw3YAaonrHDd6vZOmz1EvPTmAdfcVboMUiBS-eIc4OK-mEG1ozIn5Q04Uxh4Ov-ruS8VKgtjspJgdyKGDnhzKApfQq8mp2OOBO6Ex2ZqDbB-rbkRi9Pes5lBIzqHsVAa2KOxsCbGr0fqG8Lvopec_vmHzTZ-mNaahavYFSY0UG2M06YKunaZWCqHRzc2i0-M5TSZzj40Ra1RQ0H4OQJSghQWXR7GYhwXB1wdiyntVObnGBnpVvJlsDH1htLmR15uHZuEns0MbmtJYRZVOL2Viwk7HmCYh1dM82kxLThuLF7BByW9ii80dhQOwnjhMpCtkPjU_ufSUBYXEmwIwgFFwI9ZOFIFOTGIM04EiLAUZfm7jZFMnbIapDuabFNhokoxNcvQqO-Xv98F7PGeXYcBo87EE4k6ShSYo_fgSKwMKYG2-FPOLsF0w1gNZVPjvcIO5am4YeDf5eoVlnApiN909ghHejcvCJtm3sQ9tEUnL4Q4YISDIWfz8CBaGs0M8tl7HoaDU2Ae-G5DGPLNL6y-aG4O-k2taNpbyhEjQyqnMYf1M5MDf4aqcNWPwUf5lVcLLwCZ-JiTwaeurUQnrkLqTsQUksScSxOPoY5uMLDFXnsib8LtR48lBx3ClQMmONcupucLwPPYeF4htc-Mh8HoLnYTs1v3BcvvQJV3cZ-Cx82NB8lCCS78JX6e63cTETvFqOCvsv7RnljOZlMEN5Xr6dEjxZv8p3s5PNz4MAbx_kYZiLgucyXgXMv-6nIVAS6jjP0EdyhUPLPv0h2MYoyZxs1GooipPH4M19x-7Vlokhrc7c0v43it0PzFv9ipSHBkw96oVH_rjNiS0bhAYlXkxWl3Kd_Xd8euZHa9sluoekUEF5pN4lZnHaTdC9U-KJJIM6MyI8CciddIe5CZmVpwcP6vr9jMLcKnc7-ibgxJPrV9jVhp2gELb7s5zmdHOv3jPo1bs59Sqbst8tpjVSc61iUbbl8M3NkQab3UQtmKNQ6dEabuNhMp88MsMKfBSpW7Sy22uT4xqaVlXER9ZhqA523hOKTPXVCQw_UBRh8oaNLKbvsLmdEXs5GkUyPqwRuMxHvNAUzrdxFAoOUbXQKapAQi0XT3gB4mvMcQMuLg3cutRWtH4KSO2Uw4qO9yFChrUUBh8j2DBdBokxYOLaF6viONKLt08PDGt9r4eZu5vJoVTZ9XcJb-KZk0WYrOfeQszr_yDWsq3gJXEWp2wD60a_7Kk7PRaYFzx64DX9mIMFZ8EhyX2exdb70fzKCXFROxQv7WjJHOAlaekZ0JhhYe7-DdVcUbe6sD1R645sTtYygrEAaHyMEkpAeoHyUJYrjb1kcUSATI7HUgBWVXYtE16wLjqgIoPmaYrOHkvbElfIi7VG5A2QnAzRSu9cNSiRCm0VsFoqONG7VbMdHI5EiIxWWniB4D9cOMa-A8mE9jnfEp8EAOAIcg8gHzs4gqlJt8NlwJglRMbHItsFeK5Ez7Keuec5pTHcdoxuB6Wb6L85TJdtY5SclsZwvwMLckaR75TfTXqnMwDw2UgVbglhkYGMQFvmMH_85WbsJeHmNJOC3jxSjJ6aEjeq70jt4kdTExq1ck3f6LgLOYk1pvBf5BE0O2dv55oWw-EZ8lvzcmC_s1gSNfM7EsfVaGJ9jcedt8hZcMiHGhV08nRBmA4kIO_0W-bLhAmC9O7UBvCSGS-AVmoQnmNMZK9Afvb_v0-Oq1K-aiJ3pfPhmwVhldLKC8nM_jdXMaTBFmNpMoBN0R54dOINan8grgad6RwlHSSol9CEHP--6EJJeFAmkCWvGCmjfZBWqwH_5e9e2_j_sJTl8cgUAB3t37I-hBd_bWNmxMePxxhDpJRIT7U3agQjlsDDj-sp3zdpUzHQaedTeNqX6ZkMX6TOLHRdwmLRuq3H1AGoNpepyWBcUcsZwnsnJIhGDVBanpS95QWov-ecsZj2AZ2pRDzeQhsdTZCo7bzxOEnMPJjMraO0u7oYnLhZP8tBmW3DJsWSJvj45Rtja0KwwbZrPwGyKHWDGU9CqMz44sDEY1wPYpkAwmjxO7aR9md9pj4JCVuHzuvqonw7Lfueba54p-dteU5YQi3s4Sitl1Ivn8_xmkV0Xbd0P4EEkdo8HlLIr6FVwwUr06Viayryw7QQZ4_ou1jFtg2jUW3X8QmsMz6LhwFQDqT-FCmOX_EMecTx67iq5ofpegjwwjaOyY5wh4y6CUEqMVU0yzlTuCtKLn4WDQFFFFC168qwzL2ujQszsoEF_VIzjqX3jojW93vaURnDeTiovLZZn8VHXmogWJ-Bkj5pdfVd_PuYd6_I_bLOTzVJpRS-McyNvAK6VX_4V9rCV91ty2LjgB9b4LpNWdh3qaDvi-A7j66ww2Cy5m5wrWG0Y3oL4uXra9vQN1LK1S_xqnTtoBFckSGCxpYo2_3U3bEIfK4QKoW5Owt4M0w5c1w4-3OutjbuegbTFFt_T2vLyBrDMxa5zkVrJGyIKpQosB8LWqrgnV0qlsScpHDlKygmREWWG9R-ICCpCBhya7a0bk-9wnN0XVmCXCaZvoB1UvHGn3XSLcvMSHLYJAT83XfsiKtj6GUmyhQDjZDoL5w_Iae8LkM0h7pQCpy5PgEpVJQB4MVldbNTEXVuIkJi4ht1pziFgyKJv2yWVOljjmV-TxosCAASKORoQxEulbw-lude9iEUF2SvshFScLBEXbPWFoZlMsgujZIQrIMVyelgAQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:01:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10545
x-xss-protection
0
server
cafe
etag
4672069523611413616
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 08:01:33 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/ Frame 0D0A 		339 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6830925722933424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a69468395eb541a451d375ae8b3c49d77a0fc6d0d15c76eb6c5bb74134e1725
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122217
x-xss-protection
0
server
cafe
etag
14093045391410913457
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Jul 2022 08:03:45 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/ Frame CA3B 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220629/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6830925722933424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
54958
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Jul 2022 16:47:47 GMT
etag
10429905676100781186
expires
Sun, 17 Jul 2022 16:47:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame DDC6 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3fe90f9db442e9d619da572a737369b9cd587a23299d76921bf50e8486cbe10

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/ Frame DDC6 		339 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com&bust=31068288
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6830925722933424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63ccc34c56ddde9859e5fabe9fe08fc891b8045aa804d5909a57dbc5dadc6f10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122217
x-xss-protection
0
server
cafe
etag
3758514223028115795
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Jul 2022 08:03:45 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame E9C9
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1005482/61968029/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fnossopalestra.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fnossopalestra.com.br...
  • https://www.googletagservices.com/dcm/dcmads.js
23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1074
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8749
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 21:33:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Jul 2022 08:45:51 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
x-server-name
app05.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://www.googletagservices.com/dcm/dcmads.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 766C 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225f:3000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 16 May 2022 08:34:34 GMT
content-encoding
gzip
age
4231752
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 64ff1e6af494771d4212cf7d4543447e.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
TXL50-P2
content-type
application/javascript
x-amz-cf-id
gypa6kH3PLwNcNFvDYuGj7lm30Bd1tVmh09MZO36kMsKI-IxZiIGKQ==
dt
dt.adsafeprotected.com/ Frame E9C9 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1005482&asId=1a4b1136-b322-be37-b852-d051bc8d547c&tv=%7Bc:hnQuSA,pingTime:-3,time:58,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:58,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:taBt7DM+11%7C12%7C13%7C14%7C151*.1005482-61968029%7C1511%7C1512%7C161%7C17,idMap:151*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:2eb5:dbac:a0db:e9d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ingest.php
events.newsroom.bi/ 		2 B
736 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1388
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.92.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.96.92.40.188.clients.your-server.de
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://nossopalestra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryLCoZfOkjRANf0Gl7

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://nossopalestra.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
dt
dt.adsafeprotected.com/ Frame E9C9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1005482&asId=1a4b1136-b322-be37-b852-d051bc8d547c&tv=%7Bc:hnQuSB,pingTime:-6,time:59,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:60,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:taBt7DM+11%7C12%7C13%7C14%7C151*.1005482-61968029%7C1511%7C1512%7C161%7C17,idMap:151*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:nossopalestra.com.br*%2C2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com*&br=c
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:2eb5:dbac:a0db:e9d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
index.html
s0.2mdn.net/sadbundle/2850313541868580038/ Frame A046 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aca2046161917e1565c000539829b152f0e4debb3333e61bafbd51a1966b5c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2282
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 07:24:12 GMT
expires
Tue, 04 Jul 2023 07:24:12 GMT
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
pagead2.googlesyndication.com/bg/ Frame 5AFB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 16:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
56205
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13718
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 03 Jul 2023 16:27:00 GMT
integrator.js
adservice.google.de/adsid/ Frame 0D0A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0D0A 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BF4F 		12 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&adk=1812271804&adf=3279755400&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825513&bpp=3&bdt=122&idt=147&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&nras=1&correlator=6822089695726&frm=24&ife=3&pv=2&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.lt8s8cnyx6z5&fsb=1&dtd=161
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b0967367e11d95dff1754847b4f9c446735f82699eb28370857a03b49480f8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
1238
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame E9C9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1005482&asId=1a4b1136-b322-be37-b852-d051bc8d547c&tv=%7Bc:hnQuTm,pingTime:-2,time:106,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:11,mdZ:203,beA:218,beZ:219,mfA:221,cmA:224,inA:224,inZ:229,prA:229,prZ:233,si:241,poA:242,poZ:261,cmZ:261,mfZ:261,loA:277,loZ:280,ltA:324,ltZ:324%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:22%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:106,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B97~0%5D,as:%5B97~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:taBt7DM+11%7C12%7C13%7C14%7C151*.1005482-61968029%7C1511%7C1512%7C161%7C17,idMap:151*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,sinceFw:82,readyFired:false%7D&br=c
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:2eb5:dbac:a0db:e9d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
container.html
2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6CF7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:44 GMT
expires
Tue, 04 Jul 2023 08:03:44 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 93DB 		82 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5f5af3b6fb4b77323a65462cd358b688bf63e85144cd58601d93f73de6fe41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
32162
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame DDC6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com&bust=31068288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DDC6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com&bust=31068288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 48E8 		12 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&adk=1812271804&adf=3279755403&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825552&bpp=2&bdt=140&idt=158&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&nras=1&correlator=2630849899687&frm=24&ife=3&pv=2&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.ghc341jz09xo&fsb=1&dtd=171
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com&bust=31068288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b0967367e11d95dff1754847b4f9c446735f82699eb28370857a03b49480f8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
1238
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
createjs.min.js
code.createjs.com/1.0.0/ Frame A046 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.createjs.com/1.0.0/createjs.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:3500:11::215:14dc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Apache /
Resource Hash
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
server
Apache
cache-control
max-age=900
vary
Accept-Encoding
content-type
text/javascript
x-n
S
accept-ranges
bytes
expires
Mon, 04 Jul 2022 08:18:45 GMT
index.js
s0.2mdn.net/sadbundle/2850313541868580038/ Frame A046 		154 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/index.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a15a1a06d6c36f9faf5cc74042775b24798a6b45e65618aa10a5bf04cba80d43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:44:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1146
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29060
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 07:44:39 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame E7A0 		31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com&bust=31068288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4cacdcd0a2c2d0e70b170248632a001b1d81e241c03792f04f1226a1f6ed31df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
impl_v90.js
www.googletagservices.com/dcm/ Frame E9C9 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v90.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/1005482/61968029/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fnossopalestra.com.br&adsafe_type=g&adsafe_url=https%3A%2F%2Fnossopalestra.com.br%2F&adsafe_type=c&adsafe_url=https%3A%2F%2F2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:1a4b1136-b322-be37-b852-d051bc8d547c,c:hnQuS1,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-86c8d9dc9d-9wtxr,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:taBt7DM+11%7C12%7C13%7C14%7C151*.1005482-61968029%7C1511%7C1512%7C161%7C17,idMap:151*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:23,oid:d3ca12a8-fb6f-11ec-b47a-6e59c4fe91ea,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 13:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
586232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21331
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:07:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 27 Jun 2023 13:13:13 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6CF7 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:46:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1062
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 04 Jul 2023 07:46:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 6CF7 		162 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6830925722933424
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c764ce76afa9f760347531d28eebd575ba7bc794f680bd6f3476bfd20faa7ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Origin
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56371
x-xss-protection
0
server
cafe
etag
13400156211079947730
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Jul 2022 08:03:45 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6CF7 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Jul 2022 08:03:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6CF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvv0pVR_-P10OAzEkAOt-nY7WWClv4syzNh_WcffANwckgyzxzyi1eURdU76aLg3TrD7zZ1y3X4vdGqTJV24y2uUI_CrrEpGMS1MOkWidp51h3zsATDhUchG4F3oYSdCdIYmUOxnmRLPQ-Ne6oF6MQZNMejBTGsj5HB4DTVZDbzX6tjNTYlTIwwis6YJibcYf4S93eKjtlFWNTGVQAmI_DvcCnFRppBlXVScZ2wa_tPITruIF6G0ndFwWvb5K93aor0L_97sQ38Z4VHwV-VttyYdPUrH3nmfjISJZTe7-roTOjijR1iV2M6eMaMBu2E0ePNV3aa2MAgeIFK-Pcv4-xW45EalDrBlF4O1U7sWLCKRAEx6zA&sai=AMfl-YTCXoVZpLy4rIXv3i1OwRqdylWVGIEQ-wLhYef6WZJc8WGq4MYeInXk9-52nyYOeC3YVj36Jrva_yF1qBHgQL1vMCZ0RNnips4BRliFCluAwvowU678XWuX05b6ong&sig=Cg0ArKJSzG-Uo3xAASenEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D0A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-6830925722933424&warn=12%2C13&w=728&h=90&pp=7&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20220628_103541&sat=1656837035328&afm=0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=1&mdns=0.957&alldns=0.957&allp=62&pgh=94&abl=false&rr=n&su=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com&pvc=1192168929793850&r=0.1&eid=44759876%2C44759927%2C44759837
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 6CF7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dafd1b4ad1382b858662d070d548f9334ef70f4774683435e72e1140f5c26916

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/ Frame 6CF7 		339 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6830925722933424
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd41f3cef2ac56f2d922704e7f377d78baa3255c09ca8a0d2063e88b19e3cfd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122223
x-xss-protection
0
server
cafe
etag
5533984669906167374
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Jul 2022 08:03:45 GMT
ingest.php
events.newsroom.bi/ 		2 B
736 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events.newsroom.bi/ingest.php
Requested by
Host: sdk.mrf.io
URL: https://sdk.mrf.io/statics/marfeel-sdk.js?id=1388
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
188.40.92.96 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.96.92.40.188.clients.your-server.de
Software
istio-envoy /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://nossopalestra.com.br/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary8HroIZSi8Phi4qjQ

Response headers

date
Mon, 04 Jul 2022 08:03:45 GMT
server
istio-envoy
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://nossopalestra.com.br
access-control-expose-headers
Content-Length,Content-Range
cache-control
private,no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
2
Brush01.jpg
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/Brush01.jpg
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e3d4eeead3a8fdea865ef4a92d31642850fafcb5f5ef3802c2c66e9fe4484d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:44:18 GMT
x-content-type-options
nosniff
age
1167
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1939
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 07:44:18 GMT
Brush02.jpg
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/Brush02.jpg
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5f74aa0749d664b6550ab2095d5c8153c921ef4b3018266a9d229eadac593c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:24:24 GMT
x-content-type-options
nosniff
age
2361
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1907
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 07:24:24 GMT
dt
dt.adsafeprotected.com/ Frame E9C9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1005482&asId=1a4b1136-b322-be37-b852-d051bc8d547c&tv=%7Bc:hnQuY6,time:400,type:e,im:%7Bimprf:%7Bttecl:397,ecd:89,tsecr:78%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:400,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:22,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B391~0%5D,as:%5B391~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:taBt7DM+11%7C12%7C13%7C14%7C151*.1005482-61968029%7C1511%7C1512%7C161%7C17,idMap:151*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:2eb5:dbac:a0db:e9d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
integrator.js
adservice.google.de/adsid/ Frame 6CF7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6CF7 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 33CE 		12 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&adk=1812271804&adf=3279755402&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33416%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825894&bpp=4&bdt=167&idt=90&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&nras=1&correlator=3700616043356&frm=24&ife=3&pv=2&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.opt3fx081cs&fsb=1&dtd=103
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3fb9864975b4c35bbe986824adeef8b81c23f0f6cb4abaecb54fc5933d7cda4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
1247
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Brush03.jpg
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/Brush03.jpg
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b88658ad27134ac1c18acf69a2bd87fe2f878b1048ccf0f5cfe4eddbd8cc1f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:24:24 GMT
x-content-type-options
nosniff
age
2362
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1819
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 07:24:24 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 525B 		30 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
94c6a1d1d05f9db545f00c5cbe36001037e6899ba30af10da91eb33a371ec0f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
11877
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Debrisfield.png
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/Debrisfield.png
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dccd791dcb7d132fea0e1dc37914facf9c069dcbf1ff9dc7196bd79ca85e80b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 21:21:11 GMT
x-content-type-options
nosniff
age
384155
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2765
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 21:21:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AFB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BuKRd4Z7CYqzYGIna3wP-94KIAwAAAAA4AeAEAg&bg=!g4ClgMTNAAaLlKKnq5Q7ACkAdvg8WsUwdn--SBlobl4DNufCOqLqAdtsZzLSymLe3gcP5f9953CDwAIAAAECUgAAAAJoAQeZA0V7waFIhTYbZ1M1eiJo5S4vDvN4B15y1SNv31Qdmf6J-Nf1pACKZ0Od5TM04OwJyAHtJ7XreHIjAEMG_8OAQltpMTXVnXmIgGW740_ihaHHBt8jcXaf2lcUzIbFzkgVYcQXL6hfHyOU-CwUUe1zBrerHMSS3OxxzPjlmhXvd66jL6eZc96BSz1FQrvoFORe623khnRTe0VQwY9RR5EWbsG5DY135tdifohZpKSEY3-F0J6UYFt5slGZ-Akicf0htJBXJhIXoZBKj4rH8f-KKSC2UkZd5EkCoLJM2Z_QDuFWDHNLpXhG_x9V9p-hF90w1veBzD6ZkuxPzbOjOa-zYALR7zb7t47vzQS5I8LXCxaPjiRF6fyiAWYQNppsA2TFVSr2fZk7AxVYf4zrnFfEQZcjwjKvtQQdLVhJ0UUH91GK3b_j-HrKLgiQLUhRke3dwAfZ9pyJ7M6-tzHKFDwIijUmnXAFO2khWbf37vWYXcbNM4QC4_bmvXdKdhyWSzqCjIZh1Xg9sDR6t8316tS6KWLCb_aoRWVii278YcaPcz15kiR0Udawljkj6lx9XxAtD4Kupsda-1ploL4Nuee5LGMw7VySdVIrje-_QjIPbOrrQKs1umA6QC_IVOm8lVCv9vG79suc7T9XeMaFxd67cxCbvus_ujL1dcI2iXy1Cygd2E7a77J-IjLst34N9GbHdyeHqw00uSDzZuGTOGwOeXQLvKdRCKKxugylLY1NCGe9hYLxfJh1iPHMx4leV8Lhsba8MXGTME88fs3sWLERf_RqtpOJCx7zckT4a074lbmv20HLajQhFWr8Ma5mNeSPDXdLJ1eYohc-bLz02sqc6sxEQfS-dIQhXipeBqNrYlWKThxWfkSBCej6Jtq50WK161JRNMAO3dVQGAqKg0MLLn6DBLn23IGACzcrOUxPXgJ2I1ZnSVsWgz_KP9uPZkCGh8S-PnYlj3R_osAIUDzdzmOf7cqtxmZBMI8XLMb3dtV2lC8uMkRMKfAtPjW_3M9epgVq0NispihJjVLxFlsv_86Q4fl1B5Suq5AhvZ4aDauKtoY0ryXS6DSER8Kffp1LVSNvQEGfqvHeYw2N4AA-1RJKyJN-2rU
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 93DB 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 06:13:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Jul 2022 08:03:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Jul 2022 08:03:46 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 93DB 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:01:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
146
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 08:01:20 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/ Frame 93DB 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:54:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
551
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
18116328616323621410
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 07:54:35 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 93DB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 08:02:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 93DB 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Jul 2022 08:03:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 93DB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 08:03:01 GMT
l
www.google.com/ads/measurement/ Frame 93DB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQs5FkkMS8Tunqx0b_OtKDdKPG6n4s4qKaRoJIVov03otkWbSbZ8HSn-uXPqGwP6CRnWkI43Jgv3FaQL-tyB-RuQ2unHA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
21b2dfe42abab24529e209ac1efa07c6.js
www.gstatic.com/mysidia/ Frame 93DB 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:55:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13060
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 20:43:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 02 Oct 2022 07:55:29 GMT
Dust03.jpg
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/Dust03.jpg
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f744b349a8dfe361caf1bae49437361d028b7c2b918b164283adf3e9dde51b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:44:20 GMT
x-content-type-options
nosniff
age
1166
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5210
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 07:44:20 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 93DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CPABz4Z7CYr7BLNrctwfB6qf4Adqu-7pisoGBvOUNuqGn87AcEAEgzvD9CGCV4pCCoAegAY3s5NkCyAEBqQJXm0VuowOqPqgDAcgDywSqBM4BT9Cps3FyGQr9dFRbEZMrEoJywKnCJNKym9mxsszvt9Kxe0mEzVt4qUDf29eFXc_VOVSFwZqktr1D0V7mZ6R6X6XP6LQrq7MDA7htWYrG2FBqAEGrQfyIt6xXwD-3vPZbF28P_irimIp322nWyclJJdZQqyqeApVRzJM90ID47DEHtoPZ2c5yaTC-zsNmcG2uwluILFjEIdnl68apcsD9qWQ5zQeCIPUGSVKl2_JE8GHb8IHDLdm5g8uVqrE1wNIXqW5WSCX8A8CHJgNESO7ABKSY8p7kA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfbk5umAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEELDFAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQH0BUBgBcBshccChoIABIUcHViLTY4MzA5MjU3MjI5MzM0MjQYAA&sigh=2i0I-nZCjRw&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 04 Jul 2022 08:03:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
Dust04.jpg
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/Dust04.jpg
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b382c0709fcc54cae8c7c73a64145ed2d0fbecb21d804c8b7ca0db9d3fcacfbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:44:20 GMT
x-content-type-options
nosniff
age
1166
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8271
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 07:44:20 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 812F 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3321
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Mon, 04 Jul 2022 07:08:25 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BA48 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7802
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 05:53:44 GMT
etag
48472445140208031
expires
Tue, 05 Jul 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 93DB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8447a13e3386284144b00638c3dfe08034612f0a60c171b71a019ff27efbb309

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame E9C9 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1005482&asId=1a4b1136-b322-be37-b852-d051bc8d547c&tv=%7Bc:hnQv0s,pingTime:-10,time:546,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMy4wLjUwNjAuNTMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1656921826120%7C%7C013c116c63a14916d1f8435e909b76ce%7C%7C8203953bb098b7ae8a102827ac834317%7C%7C952682c27faff4fae0a02cc500b7460a%7C%7C0bdfaf61a90d52be808dba9337effd6f%7C%7Cadc0fc5436f0866cce3b298722dddf37%7C%7C3151c2885602a58145bb71d309213b17%7C%7Cb92be1703b20b413382891ee2056e81f%7C%7C1629390669%7D
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:2eb5:dbac:a0db:e9d7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 93DB 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 20:36:54 GMT
x-content-type-options
nosniff
age
386812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Jun 2023 20:36:54 GMT
Dust05.jpg
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/Dust05.jpg
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1f46bc5e74d9a06f92259fb82899924991b9dc4718ad40209b207e594488fa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:26:27 GMT
x-content-type-options
nosniff
age
2239
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20857
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 07:26:27 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6CF7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=p&pg_h=94&su=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com&d=5000&pvc=3934044254191427&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6AF6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClsY34Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTHAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NzKQAqSTElp6KzDmn3Nr7FMZD4edVO2RfbdUr-xBTnriQkqWSkneABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjgzMDkyNTcyMjkzMzQyNBgA&sigh=l7nFEOHU5u4&uach_m=[UACH]&cid=CAQSKQCNIrLMVta5cUCMve8nzbg0IGniRPXBdioM47cnwGeWFC7KJXEVtEk_GAE
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 04 Jul 2022 08:03:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 6AF6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1hb96q0pwqy4x22rvnpk89rmh96a4jxdva22998rk1qmg6t6wvta5q5mzsq96bggq05px2f4cz666f8rdd1hdvp8cnnh8jrqgcdgcfgprdasrw98gn5njw8krg22j0xaxdz8m6fnh6218nmz81xr7cx14b1gr8h3ec5xx4v38skt0abv6zg06tvrsf45690597v8mywh7r68699pfg2heh27g878ths4bdqm7eswp09gq3pyemfyxx78jt3dwy3ma75ajwewr6akn5y161yepa2e8kw0xfxfa66kby52xarpm8j8va6v786k98ajcgkbycg5h1estks6sbkkf403b3ck7tat38ghdvayv777pc56q2khvbzd100vn0j4xem68xjwxpenzwz9689k51vxh5g&b=YsKe4QAL01IKGLbQAAdYDDrZa3mbMCRXoaR8Uw
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Jul 2022 08:03:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 0969 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hyhr6g7h5h9z2rjvjx5sd89phkqmyrf2q49cmxc0r73yfdsh355v36f63ceh9p59mg04rsphh6cjvtp7sjnechmznpzhdmtdh11smhrwmngvw6yph4151z29b6s0jafa6cpkrb7ewepnbyr6axyy5twk7v8b32f2ajjk22c0txyycg7g9hzhzjm05ka03dt5zkxkq6jzc340hma30atvnt5xtzp6hfz0397m4zv9bqfd3wp6cwxkmf71pjkk5w1zfgbrxahh29880vbkg8y0m1hstjqx62wz6pd0vgcs3xg0rrdmxqazp42m6hxgspy99k930p69x8mcr2m78cx41h2abvgvaq107h3vf3gpm3w52znpdp1qamp2gy5qnaw49aw3tx6cfb9ztrbx448p6ydj5b84r54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%26client%3Dca-pub-6830925722933424%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8433a16a2e40e6c68a1320c329bc76201e6068653b32331cef5544aea52d2a03
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
725658a60cce83a0-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 6AF6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 08:02:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0383 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7802
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 05:53:44 GMT
etag
48472445140208031
expires
Tue, 05 Jul 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6AF6 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Jul 2022 08:03:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame 6AF6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 08:03:01 GMT
l
www.google.com/ads/measurement/ Frame 6AF6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_DmNJl_aCJFESm5M1X7f7fgo9gsOIOL-TKSkk0Wx3FwA3gd32nrJVg4erInWexpvQQwB3sUqvqzt9o5zYn9I7wHS3QQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
dpixel
cms.quantserve.com/ Frame BA48 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK8paR4YqoG7bgJe1AWfKus&google_cver=1&google_push=ARnp8GCeyHaW3nwpEl1onLkIkkIvPSv8irhxvXzx3Fqzha0lkYy5ykWccGRklZCwLT_lcl0UnSjoigEmSvoE9dUH8aRot6zfvsfZ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame BA48 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEKn7xQl3aOJdJO-YrCEGYe4&google_push=ARnp8GDYuunuCEE1Y93LKgEH1Ktz_RgJZNsqNks8JZtB_Sv54rlFYsF7wh0DU5PbQ8hrzWmuM6vJ-HwPdqMT2BIuBGlOlLX5kO7x&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame BA48 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEO9q_CyQ0Lbt4mJGvvECobQ&google_cver=1&google_push=ARnp8GA5IISGwM3RDg66lGTVkqjVdNOvWn4D8fJutxrXoL2d2oj-0b9bMsKrzP91Y5wZQjRLDIQC_LxF_mpekK8GtGtQ5Nj4vysX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
22vujukarpgk8hq4td1fcb4v7bodhbpb
pixel
cm.g.doubleclick.net/ Frame BA48
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TJfhBp04T8y64r7tIH6CAQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TJfhBp04T8y64r7tIH6CAQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDl0s-hHa4WfjbFa_Xi3oj74Pxj8QUXje2KL75jV-2y3EcHKyRrjGOdPEzbv4PrPXB9aXXoMRj51KuBaQqYlE2A-wzWIoNV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=TJfhBp04T8y64r7tIH6CAQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GDl0s-hHa4WfjbFa_Xi3oj74Pxj8QUXje2KL75jV-2y3EcHKyRrjGOdPEzbv4PrPXB9aXXoMRj51KuBaQqYlE2A-wzWIoNV
date
Mon, 04 Jul 2022 08:03:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame BA48
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFJU7ZVymP49DVm63cpH1_E&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFJU7ZVymP49DVm63cpH1_E&google_hm=YsKe4cfIkoufLZ-7zHRAsQAADHIAAAAB&google_nid=index&google_push=ARnp8GCvyxC6vFEx7wcYg3Yx8V2RXLAZHnx6N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFJU7ZVymP49DVm63cpH1_E&google_hm=YsKe4cfIkoufLZ-7zHRAsQAADHIAAAAB&google_nid=index&google_push=ARnp8GCvyxC6vFEx7wcYg3Yx8V2RXLAZHnx6Ns0Y1zukUu_mtjD1PDSDM1VLWODsouc1rpYI45GwF0oDBO2MOa1vi4zKGZ0bizAe
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOMyAzOOsk8BXLf%2F5C%2BEp%2FDJuAbc7kepplFlgkivK1kV%2BkC5tjDtnRH5VDMtTHrzLuIaSyAQPC2C2biOgg4ZZarQgpoA1PmXCcCqYcc0Ps%2FIyz67pW1%2BYlcEFPFSJGLfntMpn9Y8HRB7jg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFJU7ZVymP49DVm63cpH1_E&google_hm=YsKe4cfIkoufLZ-7zHRAsQAADHIAAAAB&google_nid=index&google_push=ARnp8GCvyxC6vFEx7wcYg3Yx8V2RXLAZHnx6Ns0Y1zukUu_mtjD1PDSDM1VLWODsouc1rpYI45GwF0oDBO2MOa1vi4zKGZ0bizAe
cache-control
no-cache
cf-ray
725658a5edbf9a0b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trk
ag.innovid.com/ Frame BA48 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEO2QRqkA-ezcRkJ00rZWZUQ&google_cver=1&google_push=ARnp8GC86ksQLZwelxVqMQNslLnsv9hRpBQk8STIVco5YFzY7HaAhIMN5XtKE_NxKg7aHmpUScawLsT2HQBEWisQaWRBn8cQTxg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:7677:5b33:71a6:2d38 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
googleredir
googlecm.hit.gemius.pl/ Frame BA48 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame BA48 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JG7bJeETY0WYSrQruh8urU5s5YEr6XwfUYPIG9JgVayS_onORSm-Q7qJDd2SPjegs9IodlvQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
End_Frame.jpg
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/End_Frame.jpg
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8190e63153c11a320c4397469584e5b793ec8987ffe71e62f504e1ecbe71fa8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:26:28 GMT
x-content-type-options
nosniff
age
2238
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20751
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 07:26:28 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 812F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Jul 2022 08:03:46 GMT
expires
Mon, 04 Jul 2022 08:03:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Jul 2022 08:03:46 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
laser.jpg
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/laser.jpg
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d36d0349727df920f9dfb5c0be6438af5e32949dd82d27bfc3ad764c3e8e777
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 08:48:21 GMT
x-content-type-options
nosniff
age
429325
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2874
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 08:48:21 GMT
dpixel
cms.quantserve.com/ Frame 0383 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEK8paR4YqoG7bgJe1AWfKus&google_cver=1&google_push=ARnp8GAtXlUpbjnJYUB7GRTSuLWd5i3EyP6Rp_9DkalYbDWK1A6hwUkpktlWWFbqsrZsW38TJImUmwY6CqGnU5v4MAQXGOe8LYvl
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 0383 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEKn7xQl3aOJdJO-YrCEGYe4&google_push=ARnp8GDDKLVqKiGLNG3-fyloNvstuqy5aUZ0IYe0FN80rmS9FvD7j9o5-WSSXYrRNNByzXXojGy2GKjRKky6uJ1H7AbBAjcWsWE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 0383 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEO9q_CyQ0Lbt4mJGvvECobQ&google_cver=1&google_push=ARnp8GD8eVqkRZVFsIC6ZCkkgsZRGG_UnG431v8VvkF9OC4SiZ0oBgCnCZ9poKTmp4iZQ-xb1gxs2mFqQkrpiS6cmUt0E6xszlnu
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:45 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
tq9a2efau9gt784t4k4fojbcf1dak089
pixel
cm.g.doubleclick.net/ Frame 0383
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yuALwqM1ThKkwpCtzkp5mA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yuALwqM1ThKkwpCtzkp5mA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GA9ViTySMGw9-LtBj7LURhh1961JB0a3bUDfVr6pQnsmgsTRqYCXNGt4HBc872_ZFxivDD5BPgmf95qFWns21RwG_hUwTs3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=yuALwqM1ThKkwpCtzkp5mA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GA9ViTySMGw9-LtBj7LURhh1961JB0a3bUDfVr6pQnsmgsTRqYCXNGt4HBc872_ZFxivDD5BPgmf95qFWns21RwG_hUwTs3
date
Mon, 04 Jul 2022 08:03:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0383
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHvRE9SA0xQqArzvp2CAvOw&google_cver=1&google_push=ARnp8GAEtiYOO2X83TFRJ8jbMUwTF8T7Rr_D6jrd3Wt2fqhKtai3suQDxDNP0G4VsvlK7uHRc6Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2R0gzSDAtMy02SzJS&google_push=ARnp8GAEtiYOO2X83TFRJ8jbMUwTF8T7Rr_D6jrd3Wt2fqhKtai3suQDxDNP0G4VsvlK7uHRc6ZeSSnusTGBpnURXHllMIK8WroU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2R0gzSDAtMy02SzJS&google_push=ARnp8GAEtiYOO2X83TFRJ8jbMUwTF8T7Rr_D6jrd3Wt2fqhKtai3suQDxDNP0G4VsvlK7uHRc6ZeSSnusTGBpnURXHllMIK8WroU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2R0gzSDAtMy02SzJS&google_push=ARnp8GAEtiYOO2X83TFRJ8jbMUwTF8T7Rr_D6jrd3Wt2fqhKtai3suQDxDNP0G4VsvlK7uHRc6ZeSSnusTGBpnURXHllMIK8WroU
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0383
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFJU7ZVymP49DVm63cpH1_E&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFJU7ZVymP49DVm63cpH1_E&google_hm=YsKe4cfIkoufLZ-7zHRAsQAADHIAAAAB&google_nid=index&google_push=ARnp8GCnKVTLln8cbtrimnEtj1zHuwMf3dA_p...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFJU7ZVymP49DVm63cpH1_E&google_hm=YsKe4cfIkoufLZ-7zHRAsQAADHIAAAAB&google_nid=index&google_push=ARnp8GCnKVTLln8cbtrimnEtj1zHuwMf3dA_pCbcaZbOJT24wiwMxctW095YRXGvroWLI0xHGyP4CecS45VRUfZmW6pKY44tDFo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJvbKxDG%2FCXoWDTqG4Iof1HsM%2FUM3fMjNgzacl%2FPnt2CN2y4rYVzVUXB5pfQhqlHVUigYVcvNTDaz6TDVlXlkHEJIG2CpWSIcjsVHdEShHI5qx68zR5qZHx0J88AnOuQCDcJBYHL%2FSmH4w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFJU7ZVymP49DVm63cpH1_E&google_hm=YsKe4cfIkoufLZ-7zHRAsQAADHIAAAAB&google_nid=index&google_push=ARnp8GCnKVTLln8cbtrimnEtj1zHuwMf3dA_pCbcaZbOJT24wiwMxctW095YRXGvroWLI0xHGyP4CecS45VRUfZmW6pKY44tDFo
cache-control
no-cache
cf-ray
725658a5edc09a0b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 0383 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 0383 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJzeCqGbbvHAxkhAMC-JuxxUBD8dJlrOI6zhs1ZPQqkNNqYLQN316vRpuW9x1QuUEWEfubQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046726&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825554&bpp=1&bdt=142&idt=182&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=2630849899687&frm=24&ife=3&pv=1&ga_vid=602606377.1656921826&ga_sid=1656921826&ga_hid=2079578084&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31067527%2C31068288%2C42531605&oid=2&pvsid=1791835551068018&tmod=1505394841&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.7qfp2pmr3kiy&fsb=1&dtd=187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Nasty1.jpg
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/Nasty1.jpg
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa03c439fd0b490a259b2f8af553dcb98b915d283155ebe6a708edb260604eed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:26:30 GMT
x-content-type-options
nosniff
age
2236
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1914
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 07:26:30 GMT
truncated
/ Frame 6AF6 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c87cf10a3ff5d981cd6fc3f654e585abf673437134f80956b8990cdb83f8b33

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
Nasty2.jpg
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/Nasty2.jpg
Requested by
Host: 2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
URL: https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afc5c9fcf1ac8b37add529c608bbd0c0964eb2edd1b968dbb911e1ae3835f28b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:26:31 GMT
x-content-type-options
nosniff
age
2235
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1836
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 07:26:31 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame A0BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cls1v4p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMcBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-Bri7LegeNO6ZMY1B-TbYSg9_BlG7dMQaRuacvMqzrfUlAmEw1DxIAGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02ODMwOTI1NzIyOTMzNDI0GAA&sigh=utb_TQEGbiY&uach_m=[UACH]&cid=CAQSKQCNIrLMatrK67gVPL-xuGOyemQLBhfqYoEY0dmGcn-ktaIr4RexWgfPGAE
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Mon, 04 Jul 2022 08:03:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame A0BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1k4zd3q3355wf458zqewqxgzptcs7m25fpp8te3x6f7z3n5pta79cv0bfabq3t9sp77cnjf9a6zjyj02q6c23m7yh68bp94pyvgc66r88xsg8y9mh3hy0s8b3qvgm5rq9gywsb92r0ff526cjbz65f5qp5d34pjmw4e9ar6j9tyavz753ewnjf6m9yx1fc502308cg1f45ndkz64h505agw1mf0trkmz6fb27j43c1wyyq2e34qfhg28pa86aevjqh5pezkb5mb7v3mk06wrt19kj5vq0wdnram922hdzwz93nmzqstr2kts2w9wy11bf5nr42y1c8djc7r3wr2g53m1wx4jw76wr8c8mcgeswake9g1sz4xhqcqw9kasbgcc5x7my67p13fwyhgsjm5d18&b=YsKe4gAA-OsCHkc4AA7geFFOUurypv0pO6fuVQ
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Jul 2022 08:03:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 5063 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1hjqdwc1vxfx63rnfrs5nf3tfdhxde97ezzx6t7h1d3j7wnh6a4kbkej5mnrj0yjwy9a7w27bpy10hx63bg1jbb6eppqa0ztbgc3h9q3f7wjesabk6kgr2yj2k2e7y6ew2es19zhjqge4j9znka4qv483gxam7zjdx7fq2p6qhgn13zg186mtebye29cy6cm9652e2ans46s41b7v1tx3rqkdz847xejv2ebqgy6dvs31p8fkqy13ytwcwwmva1dtft1esbzygyzjewxz0x4j9gzg17c6v1d42b2nhv1g8s9xekrv7fcaypctvag9s72bd9a8qcr0047dnq3k5h9mz7j1nrm3gt5y2ywm1h27mwwyqq32t04wccacaxahycc4x0c5egsnjyw27s922a8qdbapj7qhzqy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%26client%3Dca-pub-6830925722933424%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a93daaad50d2363ffd557dc7c0159d94db74849f50f6dbb339c616fa5106b1a3
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
725658a66dcaf933-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame A0BD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:02:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 08:02:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5110 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
7802
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 05:53:44 GMT
etag
48472445140208031
expires
Tue, 05 Jul 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A0BD 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43256
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1656329918998510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Jul 2022 08:03:46 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/ Frame A0BD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220629/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7309
x-xss-protection
0
server
cafe
etag
16921397534319471551
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 18 Jul 2022 08:03:01 GMT
l
www.google.com/ads/measurement/ Frame A0BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-Y88YeyZyvvx6lOGqSYV8p2of8rMLS9U0kNh0xm5rkxU0GQc1fva31YTXZ5oq1zO17wA85gkSd1dQ4yOfioDUdFcD7w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
Nasty3.jpg
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/Nasty3.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8f4f341a8530edd47c713b97bf9e93df4b607e88ed76f42c22b3087b4669214
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 08:48:21 GMT
x-content-type-options
nosniff
age
429325
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1777
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 29 Jun 2023 08:48:21 GMT
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 0969 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hyhr6g7h5h9z2rjvjx5sd89phkqmyrf2q49cmxc0r73yfdsh355v36f63ceh9p59mg04rsphh6cjvtp7sjnechmznpzhdmtdh11smhrwmngvw6yph4151z29b6s0jafa6cpkrb7ewepnbyr6axyy5twk7v8b32f2ajjk22c0txyycg7g9hzhzjm05ka03dt5zkxkq6jzc340hma30atvnt5xtzp6hfz0397m4zv9bqfd3wp6cwxkmf71pjkk5w1zfgbrxahh29880vbkg8y0m1hstjqx62wz6pd0vgcs3xg0rrdmxqazp42m6hxgspy99k930p69x8mcr2m78cx41h2abvgvaq107h3vf3gpm3w52znpdp1qamp2gy5qnaw49aw3tx6cfb9ztrbx448p6ydj5b84r54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%26client%3Dca-pub-6830925722933424%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hyhr6g7h5h9z2rjvjx5sd89phkqmyrf2q49cmxc0r73yfdsh355v36f63ceh9p59mg04rsphh6cjvtp7sjnechmznpzhdmtdh11smhrwmngvw6yph4151z29b6s0jafa6cpkrb7ewepnbyr6axyy5twk7v8b32f2ajjk22c0txyycg7g9hzhzjm05ka03dt5zkxkq6jzc340hma30atvnt5xtzp6hfz0397m4zv9bqfd3wp6cwxkmf71pjkk5w1zfgbrxahh29880vbkg8y0m1hstjqx62wz6pd0vgcs3xg0rrdmxqazp42m6hxgspy99k930p69x8mcr2m78cx41h2abvgvaq107h3vf3gpm3w52znpdp1qamp2gy5qnaw49aw3tx6cfb9ztrbx448p6ydj5b84r54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%26client%3Dca-pub-6830925722933424%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
853563
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 24 Jun 2022 10:57:43 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
725658a66dc9f933-MXP
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 0969 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hyhr6g7h5h9z2rjvjx5sd89phkqmyrf2q49cmxc0r73yfdsh355v36f63ceh9p59mg04rsphh6cjvtp7sjnechmznpzhdmtdh11smhrwmngvw6yph4151z29b6s0jafa6cpkrb7ewepnbyr6axyy5twk7v8b32f2ajjk22c0txyycg7g9hzhzjm05ka03dt5zkxkq6jzc340hma30atvnt5xtzp6hfz0397m4zv9bqfd3wp6cwxkmf71pjkk5w1zfgbrxahh29880vbkg8y0m1hstjqx62wz6pd0vgcs3xg0rrdmxqazp42m6hxgspy99k930p69x8mcr2m78cx41h2abvgvaq107h3vf3gpm3w52znpdp1qamp2gy5qnaw49aw3tx6cfb9ztrbx448p6ydj5b84r54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%26client%3Dca-pub-6830925722933424%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff0d4da2bf6d1e6dfd402f2336013c94dc4af4ece767367ab66e9f0d35c2459c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=8tWKlw==, md5=6aWQ1AqH0xLbzdUzNXv+Gg==
date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68532
x-guploader-uploadid
ADPycduOFBnC9rX4SnPIlmu3jpT2Slh6_Grs88gus9m50wL9wNOyFZHon_ts0VjUzC1JQiGPi63no3aWqYxivcMmDp7h9B05Lmxg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jun 2022 12:16:17 GMT
server
cloudflare
etag
W/"e9a590d40a87d312dbcdd533357bfe1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MouMzBAHR2nAZnAuZ8aYk3F18upRAN7WjSky9n4zYKF%2BVJD51Rvql5szpY%2BCi5V8A0HL8P8imQERyP%2Bv10A03e9L1w%2FAt47wYqXGFisvfCHNx4jFCIsfRBvrfnwskYzsZlNEU%2FM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1654863377140818
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11896
cf-ray
725658a67d6a83a0-MXP
expires
Sun, 03 Jul 2022 13:01:34 GMT
Nasty4.jpg
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/Nasty4.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f29d3f145300fe3cec6dfb6d9fd4767011733be31cb895d92b4a902fe622b162
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:44:24 GMT
x-content-type-options
nosniff
age
1162
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2285
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 07:44:24 GMT
pixel
cm.g.doubleclick.net/ Frame 5110
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GBCVPOsfHOaXdOjxNrJ1yTdiQHuphql6ob1lHs...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNLZTRnQUFBWGl5dm5nNA&google_push=ARnp8GBCVPOsfHOaXdOjxNrJ1yTdiQHuphql6ob1lHsqiir5hBHSZ1P02IXAnrp-eZxCRveieY56fgpnxCGM5lMv2eoydgiYMmQL
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNLZTRnQUFBWGl5dm5nNA&google_push=ARnp8GBCVPOsfHOaXdOjxNrJ1yTdiQHuphql6ob1lHsqiir5hBHSZ1P02IXAnrp-eZxCRveieY56fgpnxCGM5lMv2eoydgiYMmQL
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXNLZTRnQUFBWGl5dm5nNA&google_push=ARnp8GBCVPOsfHOaXdOjxNrJ1yTdiQHuphql6ob1lHsqiir5hBHSZ1P02IXAnrp-eZxCRveieY56fgpnxCGM5lMv2eoydgiYMmQL
Date
Mon, 04 Jul 2022 08:03:46 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 5110
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESELDLOxRGI-5M413Nvqmy6KY&google_cver=1&google_push=ARnp8GAcwmL7ntUdqi9LrDyT3027zGWosiOljorR85UJwea0EAe3hn4sGoI9I-OX_YjwCt4ZQgmp7qDsnaiLbsSORYvsQ3VxpRo
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAcwmL7ntUdqi9LrDyT3027zGWosiOljorR85UJwea0EAe3hn4sGoI9I-OX_YjwCt4ZQgmp7qDsnaiLbsSORYvsQ3VxpRo&google_hm=Q0FFU0VMRExPeFJHSS01TT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAcwmL7ntUdqi9LrDyT3027zGWosiOljorR85UJwea0EAe3hn4sGoI9I-OX_YjwCt4ZQgmp7qDsnaiLbsSORYvsQ3VxpRo&google_hm=Q0FFU0VMRExPeFJHSS01TTQxM052cW15NktZ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 08:03:45 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GAcwmL7ntUdqi9LrDyT3027zGWosiOljorR85UJwea0EAe3hn4sGoI9I-OX_YjwCt4ZQgmp7qDsnaiLbsSORYvsQ3VxpRo&google_hm=Q0FFU0VMRExPeFJHSS01TTQxM052cW15NktZ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 5110 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GACqf9KRa6mgrOXpI0nA1gmNW8xk2YUleGQvfsBXRRKKwr1wEd9KMse2X8gFzQziy0G7YizW5GcLq68hJfqNVoWAwBpBTub&google_gid=CAESEEL6KV18VuDAAwY8mO8dag4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 5110
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHvRE9SA0xQqArzvp2CAvOw&google_cver=1&google_push=ARnp8GCfsHo24o_BGI_QCzh_aE9XXKoMGOB9ypNQ3C8looyNKabygUEXn9v_Ni5ysk5CwcEga74...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2R0gzSTktMTYtQTlYWQ==&google_push=ARnp8GCfsHo24o_BGI_QCzh_aE9XXKoMGOB9ypNQ3C8looyNKabygUEXn9v_Ni5ysk5CwcEga74wfbc9N0lJ1VlL7LsuP2Zzr5qy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2R0gzSTktMTYtQTlYWQ==&google_push=ARnp8GCfsHo24o_BGI_QCzh_aE9XXKoMGOB9ypNQ3C8looyNKabygUEXn9v_Ni5ysk5CwcEga74wfbc9N0lJ1VlL7LsuP2Zzr5qy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
Protocol
H3
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDU2R0gzSTktMTYtQTlYWQ==&google_push=ARnp8GCfsHo24o_BGI_QCzh_aE9XXKoMGOB9ypNQ3C8looyNKabygUEXn9v_Ni5ysk5CwcEga74wfbc9N0lJ1VlL7LsuP2Zzr5qy
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0
trk
ag.innovid.com/ Frame 5110 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEO2QRqkA-ezcRkJ00rZWZUQ&google_cver=1&google_push=ARnp8GAZGBL8yXRRKlDXWE11wSU2nCGtEQv0J4PwKFGQWz8Hw35zG_l2w1UavzP0icQDmT5zgXfXivJqOFGsi6lFgdFukTFlqlcu
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:7677:5b33:71a6:2d38 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:46 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
googleredir
googlecm.hit.gemius.pl/ Frame 5110 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 5110 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IrvS2d2LxJbi1sU4xZ-jS-rwXdw5hnlR96FDYSznq48V5lFHQxWbO_1MDT0Y7qRuY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=8359108929&adk=3778084439&adf=3173046725&pi=t.ma~as.8359108929&w=970&psa=0&format=970x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825898&bpp=1&bdt=171&idt=111&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3700616043356&frm=24&ife=3&pv=1&ga_vid=1756409697.1656921826&ga_sid=1656921826&ga_hid=850367430&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=90&ifk=1821057136&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931&oid=2&pvsid=3934044254191427&tmod=1023805116&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.l9vt4hj3nzi0&fsb=1&dtd=115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Product.jpg
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/Product.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc8ce1cf1e49ff066c798e281e824095911547ad7e478dbb01c3044d183429e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:44:24 GMT
x-content-type-options
nosniff
age
1162
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7849
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 07:44:24 GMT
truncated
/ Frame A0BD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbac2f994f98956a4ddcea7b383a29a8d2a61dc521901a85ef16545c03e28b72

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
Product_Head.jpg
s0.2mdn.net/sadbundle/2850313541868580038/images/ Frame A046 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2850313541868580038/images/Product_Head.jpg
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aed4126e90ddf4a7c26b5c3dab23b8f9b9d060d9e43130dba9e46e9db5383a67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2850313541868580038/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 07:44:24 GMT
x-content-type-options
nosniff
age
1162
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21443
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 01:18:32 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 04 Jul 2023 07:44:24 GMT
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 5063 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hjqdwc1vxfx63rnfrs5nf3tfdhxde97ezzx6t7h1d3j7wnh6a4kbkej5mnrj0yjwy9a7w27bpy10hx63bg1jbb6eppqa0ztbgc3h9q3f7wjesabk6kgr2yj2k2e7y6ew2es19zhjqge4j9znka4qv483gxam7zjdx7fq2p6qhgn13zg186mtebye29cy6cm9652e2ans46s41b7v1tx3rqkdz847xejv2ebqgy6dvs31p8fkqy13ytwcwwmva1dtft1esbzygyzjewxz0x4j9gzg17c6v1d42b2nhv1g8s9xekrv7fcaypctvag9s72bd9a8qcr0047dnq3k5h9mz7j1nrm3gt5y2ywm1h27mwwyqq32t04wccacaxahycc4x0c5egsnjyw27s922a8qdbapj7qhzqy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%26client%3Dca-pub-6830925722933424%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1hjqdwc1vxfx63rnfrs5nf3tfdhxde97ezzx6t7h1d3j7wnh6a4kbkej5mnrj0yjwy9a7w27bpy10hx63bg1jbb6eppqa0ztbgc3h9q3f7wjesabk6kgr2yj2k2e7y6ew2es19zhjqge4j9znka4qv483gxam7zjdx7fq2p6qhgn13zg186mtebye29cy6cm9652e2ans46s41b7v1tx3rqkdz847xejv2ebqgy6dvs31p8fkqy13ytwcwwmva1dtft1esbzygyzjewxz0x4j9gzg17c6v1d42b2nhv1g8s9xekrv7fcaypctvag9s72bd9a8qcr0047dnq3k5h9mz7j1nrm3gt5y2ywm1h27mwwyqq32t04wccacaxahycc4x0c5egsnjyw27s922a8qdbapj7qhzqy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%26client%3Dca-pub-6830925722933424%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
853563
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 24 Jun 2022 10:57:43 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
725658a6bdfef933-MXP
cf-bgj
minify
fxpcopuw.js
ad4m.at/ Frame 5063 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/fxpcopuw.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hjqdwc1vxfx63rnfrs5nf3tfdhxde97ezzx6t7h1d3j7wnh6a4kbkej5mnrj0yjwy9a7w27bpy10hx63bg1jbb6eppqa0ztbgc3h9q3f7wjesabk6kgr2yj2k2e7y6ew2es19zhjqge4j9znka4qv483gxam7zjdx7fq2p6qhgn13zg186mtebye29cy6cm9652e2ans46s41b7v1tx3rqkdz847xejv2ebqgy6dvs31p8fkqy13ytwcwwmva1dtft1esbzygyzjewxz0x4j9gzg17c6v1d42b2nhv1g8s9xekrv7fcaypctvag9s72bd9a8qcr0047dnq3k5h9mz7j1nrm3gt5y2ywm1h27mwwyqq32t04wccacaxahycc4x0c5egsnjyw27s922a8qdbapj7qhzqy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%26client%3Dca-pub-6830925722933424%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff0d4da2bf6d1e6dfd402f2336013c94dc4af4ece767367ab66e9f0d35c2459c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=8tWKlw==, md5=6aWQ1AqH0xLbzdUzNXv+Gg==
date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
61688
x-guploader-uploadid
ADPycduH8Fx8ZyO7J1-ITexthWNtkwV-W-X8iSfzJTMfacXzuMpIRDu_3w3_U52eZr-kCHxvjY-qGGi9lF_MLw6N7l0_EQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 10 Jun 2022 12:16:17 GMT
server
cloudflare
etag
W/"e9a590d40a87d312dbcdd533357bfe1a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3EpT1AH84eu58KbonXe5tnE%2FIk6Kni9fvy0nd76RIBBSX%2FB6TStbvtm0OgtKqOvZjuJ842tNCCC8lr5SjKQGDgzt0k4R7JGAidROXsBY8f5kM0%2BmdhBoMZCIIDXD8%2B6PegEo2E%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1654863377140818
content-type
application/javascript; charset=utf-8
expires
Sun, 03 Jul 2022 14:55:38 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11896
cf-ray
725658a6be00f933-MXP
cf-bgj
minify
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 0969 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18424140
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCA7xaiYz5aX3QnloLqKrMLZxjfwScqWNsuR77HJUQ%2FBCWGKlbe705hwb8TevlSHhGVSKiJTPnmfCeRACh7DQulkXRGmDFrjFlLaXN%2BJL%2BGDQbCZhV3btqAFZK3djHpO3ih0JBWl%2B23y6YbByxNX7c%2Fw"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
725658a718bd3745-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
frame.html
ad4m.at/ Frame F1B0 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
287794
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
725658a6fe34f933-MXP
content-encoding
br
content-language
en
content-type
text/html
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Mon, 04 Jul 2022 09:03:46 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jsf4oZwvVSEHsKtIL%2F3oyKsCDt%2B7JhZD1mA1lM1OimG7cWBr6eeOR33md1%2Br44jhDHpLNk9zeV9s2fVQ5%2BlilDZbeKrOJ1rbcn%2B9VSWus%2BTuRqPfyB2x8NF8cK5TjxNzK5Vo%2Fns%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1588777770164783
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-metageneration
2
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-guploader-uploadid
ABg5-UzDP-_Q5h8v98b5VW6vAABBv-7Sd2Tb_7s7QJ26FBPINE08euLO0mAlQxDbiIDYlctrdb28pMZ34cWhMuFUd0w
view
securepubads.g.doubleclick.net/pcs/ Frame 0D0A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZ02zmOPacmB81R5gsgjygkwFEGXykSOXyHeZIVrODzZq_2JzoSwTaIjUw58Z2FqQKm2i53D12fW8dy5_zIkDQRBaILBi_xga7zbiejAlCXKQZPp03fWyvJN0UeSK8yyotGCZLr23UheMM_nxXJ8_LVzHpT-PR4vKv9X3IFcBjyUt3ZLIsUC9OMOGrpBjzKKE7jACgFyTYQfrP3qJK-Mm22KJt5FI67mawFEbqkNckga2PSjes9ySlgcGWZxQ0O1DOTjRUJtXwBqFz8BGdGwSZzLz1_E_SOcxETJBrwDcA4oeC0QL-fonn9gzTMCER7MypBjS4IdiXzI2CM1HwePq4yYvlvoyBO5vZ&sai=AMfl-YR-7z-9lWfgrSFUucyLC1ppkZp0T9svBLh0i4YnGCKiZ1Eng-HV2UDH9OLbi0aq8pvMtVHkfyLIjVG_Fbk-wQxD8iFM4nOE5QzKaI-FbXXesTMi0yp_kCMsoixsUcQ&sig=Cg0ArKJSzOe1cS0B0tzbEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 04 Jul 2022 08:03:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0D0A 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7dd71f5730a268f0f52b40bd40876cb4eed0f01568f6ae6f509b5b398401dc1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10540
x-xss-protection
0
SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
pagead2.googlesyndication.com/bg/ Frame 3E3C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830925722933424&output=html&h=90&slotname=3481831542&adk=406591891&adf=3173046727&pi=t.ma~as.3481831542&w=728&psa=0&format=728x90&url=https%3A%2F%2Fnossopalestra.com.br%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656921825516&bpp=1&bdt=124&idt=180&shv=r20220629&mjsv=m202206280101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=6822089695726&frm=24&ife=3&pv=1&ga_vid=1409012504.1656921826&ga_sid=1656921826&ga_hid=683115818&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=728&ish=90&ifk=1932049650&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837&oid=2&pvsid=1192168929793850&tmod=761679240&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.x59m84kbn8v8&fsb=1&dtd=186
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 16:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
56206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13718
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 03 Jul 2023 16:27:00 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5063 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18424140
x-guploader-uploadid
ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uK3zpCBAnQa8Ncg0LWpSuq3scP7CroVcM3H%2F98L63KzaEp6MhPlupaD1b6oc%2BrHGjALBByc3jMn0pS90LIaTzVl3iKhrZln1WD8TytnCb5Qsom8lRJkl2RRs1w6w4fIafIQIHiNUtBUSCzrrD0L9UztL"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623242114099744
content-type
image/png
cache-control
public, max-age=31536000, immutable
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
725658a728ca3745-MXP
expires
Sat, 03 Dec 2022 02:14:46 GMT
frame.html
ad4m.at/ Frame B32E 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
287794
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
725658a72e54f933-MXP
content-encoding
br
content-language
en
content-type
text/html
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Mon, 04 Jul 2022 09:03:46 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGFTbFkbUFX%2F4Ylq1o%2F6b25GqFGf9CP98FNGiRzyNsdN9iY9EkV6v56bk4h2PulTaAtt7A0rGL2V8t8xT4zTwZm4%2By2BuzkiLwhBRLIkVgHkQG6mNnIh53OIXER1KUKlY69wRAw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1588777770164783
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-metageneration
2
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-guploader-uploadid
ABg5-UzDP-_Q5h8v98b5VW6vAABBv-7Sd2Tb_7s7QJ26FBPINE08euLO0mAlQxDbiIDYlctrdb28pMZ34cWhMuFUd0w
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0D0A 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Jul 2022 08:03:46 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DDC6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_eGJyAjrds-g8y8d0f0RrM8C1NdxDZ-gwvDI4mhO3axRcO-sNEmxJQ_xJjmyzzg42nj46ei-MmknsACNd5h7zxWFUrPZ0RFWkAe7vkwjW5ntPmTJhbmw1F-rUrarOCC5-j0W2zNVE1kISzLHMVgxD1JD9c1kMe2Tf51vLX6zU85DUKz7LOVpJwubEn1FqPcz4TmlFCd0_Rsz2UaoniRYfr35cZ948i2bIC-ZPoLIHWIiIbV-e0cVxKrpP3JjQ1l_bZ7U6LdcnDZjUsuknWZsa1VVIPALUE5PPDlsLg5eNk_-KfCL5hsi_ORIYi_RnAsPUqju-y3WidAyYpEEHw_f5TUo0CcPFuJslnD8&sai=AMfl-YQj4wCfG2Rfime8kNUidjid0czG82s6J5fv6Ib8k2axCSRsWRCRAyCloqnwMvndpM0PGGa1h3JW_gO8CWmSjpeNCc8nBUlqd9rshJJiWqVhMfepM5PxFc0ex5O6zEE&sig=Cg0ArKJSzKh2mQMAUHLtEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 04 Jul 2022 08:03:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DDC6 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com&bust=31068288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
067cc6bf1c222a4dbcc7fc0fdf599a15a9922cd9f0513116a747495dd02801f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10684
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6CF7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOTNDSx4CDqlzcLI32a6aTawrskhDpXWlSTQnbpukWdTy71hcczB_TI3B2G3_OfsKf_qdn2jztX7uSlEZDoWfINxKXfeKqVdbOD4PK3CEtNpadTUu6mRoZu60pFl5-5X1427roQZccW79XrDSYv700LFn0fYZKkDSNO1vca8TdYhhvWS8O9QoBWk6l3TGOLz9UIi3V-YsLyBA22KUZCLWpj1IWRHnzc-e3Ujm9OS2QedWjEx3G5pej99sU3ASdsC2N2VDJHT5-zTSiuavnPTmtXFN6H6ZL90S7k-rZSy0vJmyhfTkaYt_zs_nRColfEsBZ_MZywgeEdEkuSRhuJs99QpesmHACiE25Lpxv8EwOLsA7CzOAeQ&sai=AMfl-YQImEmdV0di8ajfBna0MIliEbcXpI1DmjV86nv4_dcOeHP8vMfaiVGtyTXusHhBW8swJpwxdesHp-osqU-cKSk5i7Tj2RTSmimA1nM7ZJ1GxtKChdwubnEmteK1ByE&sig=Cg0ArKJSzCpWMN1zrFAwEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 04 Jul 2022 08:03:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6CF7 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220629&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7daf710527780258a3b5b5c268fcce2483f40004ee8351c150850ec164f80eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10599
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022062801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33d944ea690e769858246053b671bd885cd5469cd962707629c2292606e14162
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10660
x-xss-protection
0
rs
ad4m.at/ Frame 0969 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fb1ff879a43389677ee114efb834a310f36ca0b6ede3c3ef504af9e5390cf1d

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
725658a84fb559f5-MXP
date
Mon, 04 Jul 2022 08:03:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aj6bxE51J4oeLbUntunUe4V5ErA57aLAfO1PW9iYNFEKPWBCv6dgigqcdcFizuKKfzIu8FAulGsgYoVh4uW4PXrLEu7w5FWNDamJncYQTPM4ChdDdEU3RQrpniBiMIn1uVqXDgI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-w6qz
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
725658a7ff5259f5-MXP
content-length
24
content-type
text/plain
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bme4KpYRJDyR1fbcL7eoAzR1b%2BWcNjGlPsI4U%2BJ4iY5RcWt94noMA0NcQGYftXrLh2S6AgE028aabYFGzJeMjXXHAmQFnYVWbShsQAZziElJg4A9LbEXmhzxSOasP92qsAtFqTM%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-w6qz
rs
ad4m.at/ Frame 5063 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4316bf7e19b904e26b5f7316ab06f8eb55ec92aeeafc9a81343a37a98336a3f

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
725658a84fb159f5-MXP
date
Mon, 04 Jul 2022 08:03:46 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dr8tlhHOkYi%2FSzyHe%2BwTjL2kyz29ZdwF4uD5oKdLk7p4upCfr%2BqgPl1o0b%2FSMoTUfGvC8gKf2b%2F4F%2FYNY92PTGCGPYPtRxR75napD3uzc%2BL8d7WC683u3%2BIoJw2D8E65TGx6Ga0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-w6qz
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
725658a7ff4e59f5-MXP
content-length
24
content-type
text/plain
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e1CKamiS5pJE074karZwHVeFXRbBuwcwpypxRs0kLiK4ngofoMkY7VmWUAWt%2FllSf1bKrnHk4uFxmJNm%2Bg%2FrW4fA3NxQnQHXKjGgEnYfbIa%2FuQTMGHOvtMJsuegmA1Idtg3ab00%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-w6qz
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DDC6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com&bust=31068288
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Jul 2022 08:03:46 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6CF7 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206280101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6830925722933424&plah=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Jul 2022 08:03:46 GMT
click
redirect.lista10.dev/ Frame B859 		238 B
487 B 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect.lista10.dev/click?click_id=BAooiAAxAyjgF4fn
Requested by
Host: rtg.admasters.media
URL: https://rtg.admasters.media/hit/nossopalestra.gif?ref=&lp=https%3A%2F%2Fnossopalestra.com.br%2F&tid=tid-2ec005b76.3ae344da2&d=1656921824926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0aadd02c2af6f4fb2a70f0fc03c1cbfad492658572ff2518e154d113afb711d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725658a88f1bbaca-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlgmtIfp7OOuYT6gzyFtSlc%2B0FE3DUg8GplvZ65CLf6OCgIswJR0GnpnmjPOFHUPVhWqp2k%2BycsadH9h0EJNMobx1MpbOJEaa7JnT754Ckp%2B0Glbs7kHicoPuGAnFjEEcGMYU6gcz4gcXtCJE%2FdzVcAA7A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
200 OK
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
3baf4841-918a-4c7a-8efa-895260d0155c
x-runtime
0.008750
x-xss-protection
1; mode=block
click
redirect.lista10.dev/ Frame 1CDC 		238 B
492 B 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect.lista10.dev/click?click_id=Cqt3rsU5nDzXQpHa
Requested by
Host: rtg.admasters.media
URL: https://rtg.admasters.media/hit/nossopalestra.gif?ref=&lp=https%3A%2F%2Fnossopalestra.com.br%2F&tid=tid-2ec005b76.3ae344da2&d=1656921824926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f9d575a9dc9bbf1e70104ddcd090f1cd78d45d4e4ab013a584d6283f5b080c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725658a88f1dbaca-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=II9MWMxWRsX9f7YxLU3q0IunOWO5D%2FHYYd6Pk6usjDCxmixxdxs688VwjqvGEmU9dUJ2phbNdHJ8AT%2Fxab8u%2BglruwZONQpUNYLJcADoOgu%2B%2B4YqKYUbQ5Ec1%2FYgHq8DSs0ePP8e%2B6eihRvpQVYwCaD1eg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
200 OK
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
ddc98097-1d3e-4727-b458-efe4e7261091
x-runtime
0.006037
x-xss-protection
1; mode=block
click
redirect.lista10.dev/ Frame 696D 		236 B
475 B 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect.lista10.dev/click?click_id=gLytB68KW9ZeUQvs
Requested by
Host: rtg.admasters.media
URL: https://rtg.admasters.media/hit/nossopalestra.gif?ref=&lp=https%3A%2F%2Fnossopalestra.com.br%2F&tid=tid-2ec005b76.3ae344da2&d=1656921824926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57e701a602643839c5053dc0afebfa3249366b35f16e133d9906fc0291c30ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725658a88f1ebaca-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iMyuBgDGB7eQur2NFS20%2FFJyXCK96d0GIX2Udvr8rVGiGJxaytEjX%2F9qw1qrtXLsvgXfbMxD5O%2F7q4N0RVyI28xV%2BMPRG8O7519OG8u2QhE7T7yGI3fF06iY3tsLeMX%2F%2FedMUUIkDRJiB4xc9E6m2ejkaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
200 OK
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
c1688835-ecc0-45bf-928f-68aca595574e
x-runtime
0.006213
x-xss-protection
1; mode=block
click
redirect.lista10.dev/ Frame 4375 		238 B
525 B 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect.lista10.dev/click?click_id=9LQLZeJdVuNsZDaW
Requested by
Host: rtg.admasters.media
URL: https://rtg.admasters.media/hit/nossopalestra.gif?ref=&lp=https%3A%2F%2Fnossopalestra.com.br%2F&tid=tid-2ec005b76.3ae344da2&d=1656921824926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29185c6b10d00814c454d283af1b3485bc51d3e43fa71f88e8b97d365263bffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725658a88f24baca-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:03:47 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWEd4dxDHuurrfLVvqkmmQgbcTEGBxT%2FYEmBK%2Fk4%2FotIRYR0XcMouFoXnYIYY8H90sEgtOILmMyyIPL%2BpWj%2FdghQiD%2B4Jzu6Au%2F%2FRLSHDIQNyHgQqXyvtrzd5E%2FSYZ%2Fh%2FlXhWjz%2BhoLD%2BHKHWSytxrEX0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
200 OK
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
2c35d7ef-0181-49b0-85ca-30c6df22f3e1
x-runtime
0.005972
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062801.js?cb=31068294
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Jul 2022 08:03:46 GMT
click
redirect.lista10.dev/ Frame 46E6 		238 B
880 B 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect.lista10.dev/click?click_id=N95K4rTkWVuvV8ku
Requested by
Host: rtg.admasters.media
URL: https://rtg.admasters.media/hit/nossopalestra.gif?ref=&lp=https%3A%2F%2Fnossopalestra.com.br%2F&tid=tid-2ec005b76.3ae344da2&d=1656921824927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7357a5c5777e0f8c9592365cf11cadb1bcc58e50773bdd4e604bb7a53ebe6037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725658a88f25baca-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:03:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PfZqBNpncYZa5paprHvQhIjebGOIl%2FZWqqrzZQ28dGe6XP2BzVpnUriHQqqXWYva4ZiF%2FCZ1iHOGh64JMa0makj%2BTPIhAY8BDQztD%2FuN9ds9FdITqwYwP%2BPg0p2yHuUIHvo5DjjuG21WrIfoX1MGOg%2BVFg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
200 OK
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
ca2ad996-b63e-4db7-a8f6-207648c66256
x-runtime
0.004388
x-xss-protection
1; mode=block
click
redirect.lista10.dev/ Frame 16B1 		238 B
485 B 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect.lista10.dev/click?click_id=8N4XKBc4QE72byNJ
Requested by
Host: rtg.admasters.media
URL: https://rtg.admasters.media/hit/nossopalestra.gif?ref=&lp=https%3A%2F%2Fnossopalestra.com.br%2F&tid=tid-2ec005b76.3ae344da2&d=1656921824927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f9d575a9dc9bbf1e70104ddcd090f1cd78d45d4e4ab013a584d6283f5b080c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725658a88f27baca-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0vDA2fPHdVSc%2FC3x4jmtwi6wn2htrGlxT0FJlWSKYgwS448anFzx5CMWtnSP3qia0NwQioVSffQLonLRCLvouDRw%2B0DsU71uAOpt5U9ryOyUDCdityOnkmcLiUZuClzTDtKc4XDOrsBxNKG3eP%2FmALUbA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
200 OK
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
0d4cdf3b-8f01-47a9-be4e-36691ba23c8f
x-runtime
0.006075
x-xss-protection
1; mode=block
click
redirect.lista10.dev/ Frame 0285 		236 B
896 B 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect.lista10.dev/click?click_id=TtGdo9CoAtd4XKyW
Requested by
Host: rtg.admasters.media
URL: https://rtg.admasters.media/hit/nossopalestra.gif?ref=&lp=https%3A%2F%2Fnossopalestra.com.br%2F&tid=tid-2ec005b76.3ae344da2&d=1656921824927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57e701a602643839c5053dc0afebfa3249366b35f16e133d9906fc0291c30ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725658a88f22baca-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mrq2Dgi5yn%2BHE9gIBAfb4xmfTz4fHHHWUDhIR3jHTkp5T%2BwVMM9glv0zMkCIzN8%2Bhylr8BXjzy7GHlhUzZmULnGDYujaKUiqVEgL%2FtTKYpXQkZQ4Mxvy7uf1cwnc%2F7MbL9eUfpblXT0EFEwhvysH0ynsw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
200 OK
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
e64268fd-91f8-4b64-b6c6-5b64f8d18734
x-runtime
0.005434
x-xss-protection
1; mode=block
click
redirect.lista10.dev/ Frame 1091 		238 B
490 B 		Document
General
Check archive.org
Download Go to
Full URL
https://redirect.lista10.dev/click?click_id=hJZtDYBUov1RF6Ln
Requested by
Host: rtg.admasters.media
URL: https://rtg.admasters.media/hit/nossopalestra.gif?ref=&lp=https%3A%2F%2Fnossopalestra.com.br%2F&tid=tid-2ec005b76.3ae344da2&d=1656921824927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efdf0f107ea2662effe3a896dd5a77da68daf9b2bc71580674f6f6a8704dcc70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725658a88f21baca-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Afsq%2FKmrTMkDFgoHFZqA2KzWF0GjLwpfaMzeMFLEt8jexee05XoBlAjRdEmooNFzNR%2Bc2%2FNXqVeKVRLIJRG346X6cSBD7ZkAf2%2FujIJKjVWi8qTS5FBByH3%2FTbRknH6ytnQuB6DcegYNnft4pOrjr%2FCetQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
200 OK
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
cae4c6fd-5680-44f1-9ce6-67230d5a638a
x-runtime
0.008396
x-xss-protection
1; mode=block
click
r.admasters.media/ Frame 368D 		246 B
686 B 		Document
General
Check archive.org
Download Go to
Full URL
https://r.admasters.media/click?click_id=AyEBFC3e3dDaXYiB
Requested by
Host: rtg.admasters.media
URL: https://rtg.admasters.media/hit/nossopalestra.gif?ref=&lp=https%3A%2F%2Fnossopalestra.com.br%2F&tid=tid-2ec005b76.3ae344da2&d=1656921824927
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
460dfeae57424a493383b2143b85a343c4168b804911d65b5f9b48fec6a46e58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725658a84d235a31-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ub6i5npIpVoAiFqf6uXTVYIrvv3V5wLSN45B6Bk6mmHNHLlfFdn%2FziR5X3vnfP%2BiShtVY1YFiUn0awYtQ%2BfoIN9GAWGHsodyhiJc%2BhwC3by7uaSO6rndY1SPigM%2BOmN8QiabszcOKNlg048dmTWr5A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
200 OK
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-request-id
84c4f761-7d44-4d5b-9d90-286b6e4cf881
x-runtime
0.005881
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A854 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
578
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 07:54:08 GMT
expires
Tue, 04 Jul 2023 07:54:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 42C4 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1a02575035d53aad05635244331c9f5386553d677dc42a1ee8f065b409e26735
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--JlC_ypul8JDC97wHSc2Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce--JlC_ypul8JDC97wHSc2Pw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:46 GMT
expires
Mon, 04 Jul 2022 08:03:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
pagead2.googlesyndication.com/bg/ Frame A854 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 16:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
56206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13718
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 03 Jul 2023 16:27:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B929 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
578
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 07:54:08 GMT
expires
Tue, 04 Jul 2023 07:54:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AF96 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
28e73defdd0189d3700842b4e0f8616ccc5221b8a34363bdac21c1b84781be29
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rDjN3PeEJSXjN6QLHuEB0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-rDjN3PeEJSXjN6QLHuEB0w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:46 GMT
expires
Mon, 04 Jul 2022 08:03:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4C12 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
578
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 07:54:08 GMT
expires
Tue, 04 Jul 2023 07:54:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 86BE 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a26e8048d57f6c706f927709a44972dec76abe2b8046332b78c791a94a460360
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fV-No0lLqDPATIrHpcayJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-fV-No0lLqDPATIrHpcayJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:46 GMT
expires
Mon, 04 Jul 2022 08:03:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FA35 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
578
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 07:54:08 GMT
expires
Tue, 04 Jul 2023 07:54:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3634 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3b53f34dbdbcb29ecc8b3d673c5cb78427b28612251f43921849a2385525e372
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aa_FiB9DxqzkQzlDt1dqVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-aa_FiB9DxqzkQzlDt1dqVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:46 GMT
expires
Mon, 04 Jul 2022 08:03:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 42C4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=1192168929793850&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
rar
as.ad4m.at/ad/ Frame C446 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=caa7c085ec0f19d6fbb80e76111ae677%2F14025428897948590515&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826623&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80e6172963723773fcf7dd4922e58c1c584fdc4acbb9c2bcf961b2684b1b00d7
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hjqdwc1vxfx63rnfrs5nf3tfdhxde97ezzx6t7h1d3j7wnh6a4kbkej5mnrj0yjwy9a7w27bpy10hx63bg1jbb6eppqa0ztbgc3h9q3f7wjesabk6kgr2yj2k2e7y6ew2es19zhjqge4j9znka4qv483gxam7zjdx7fq2p6qhgn13zg186mtebye29cy6cm9652e2ans46s41b7v1tx3rqkdz847xejv2ebqgy6dvs31p8fkqy13ytwcwwmva1dtft1esbzygyzjewxz0x4j9gzg17c6v1d42b2nhv1g8s9xekrv7fcaypctvag9s72bd9a8qcr0047dnq3k5h9mz7j1nrm3gt5y2ywm1h27mwwyqq32t04wccacaxahycc4x0c5egsnjyw27s922a8qdbapj7qhzqy&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%26client%3Dca-pub-6830925722933424%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
725658a8bfaef933-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame 49C7 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=7c80accd9162544f7ed9455183e09fe5%2F14755550546738366199&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
884b8bd40f5da6332adaba63aa4dbf742ff7ec44c3a8658e8bb42ebb333cf99b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1hyhr6g7h5h9z2rjvjx5sd89phkqmyrf2q49cmxc0r73yfdsh355v36f63ceh9p59mg04rsphh6cjvtp7sjnechmznpzhdmtdh11smhrwmngvw6yph4151z29b6s0jafa6cpkrb7ewepnbyr6axyy5twk7v8b32f2ajjk22c0txyycg7g9hzhzjm05ka03dt5zkxkq6jzc340hma30atvnt5xtzp6hfz0397m4zv9bqfd3wp6cwxkmf71pjkk5w1zfgbrxahh29880vbkg8y0m1hstjqx62wz6pd0vgcs3xg0rrdmxqazp42m6hxgspy99k930p69x8mcr2m78cx41h2abvgvaq107h3vf3gpm3w52znpdp1qamp2gy5qnaw49aw3tx6cfb9ztrbx448p6ydj5b84r54&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%26client%3Dca-pub-6830925722933424%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
725658a8bfb2f933-MXP
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 04 Jul 2022 08:03:46 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame AF96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022062801&jk=4448760543967107&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 86BE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=3934044254191427&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3634 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220629&jk=1791835551068018&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
pagead2.googlesyndication.com/bg/ Frame B929 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 16:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
56206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13718
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 03 Jul 2023 16:27:00 GMT
SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
pagead2.googlesyndication.com/bg/ Frame 4C12 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 16:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
56206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13718
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 03 Jul 2023 16:27:00 GMT
SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
pagead2.googlesyndication.com/bg/ Frame FA35 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 03 Jul 2022 16:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
56206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13718
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 08:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 03 Jul 2023 16:27:00 GMT
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame C446 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=caa7c085ec0f19d6fbb80e76111ae677%2F14025428897948590515&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826623&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=caa7c085ec0f19d6fbb80e76111ae677%2F14025428897948590515&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826623&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
853563
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 24 Jun 2022 10:57:43 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
725658a92808f933-MXP
cf-bgj
minify
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame C446 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=caa7c085ec0f19d6fbb80e76111ae677%2F14025428897948590515&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826623&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
117869
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycdukQa5HQsE2Mi8AW9bxD9yvBnbzduEsGWkZZDXAh_3mX2gATVZrW0NFoOH_zgGIp70jq8gzG-WlCtfJytzWS2Aevg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2dSW95h6pgm25s1OTQhdlbrTFSfk9ldKv9T5imI75Q2ZyIdveBpFUE7lS5DMAGeIbIxLbt3T%2BUx4AAk4%2BDyvvj6YvIkapfDGrvsmurY885%2FRvWLkW1gHDQ6zE1UrigR3%2Ffn%2Bal2wEgm9bCM"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Tue, 05 Jul 2022 08:03:46 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
725658a9398483a0-MXP
cf-bgj
imgq:85,h2pri
AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
assets.ad4m.at/product_image/ Frame C446 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/AB835EC0E966F04068CFBCC15FF8D3990CA3F197C61D255EFFB5638D89BE559012324778419F7E946D67344E6F7D42939F789567B51C0345F091B72DDF1D712C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=caa7c085ec0f19d6fbb80e76111ae677%2F14025428897948590515&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826623&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=kgeS2g==, md5=b93XIEsKCkA/WEJIvaEtcg==
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
682666
cf-polished
origFmt=png, origSize=155400
x-guploader-uploadid
ADPycdteENHchHX-xsSjUZ0dKYy2uAawvv1ra3G-6ejqjeldjPLVCNmOw2Pt0rmR7HRncBLYibhjmWD0C2xQ1phW_dDCqw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
95550
last-modified
Thu, 24 Mar 2022 15:45:36 GMT
server
cloudflare
etag
"6fddd7204b0a0a403f584248bda12d72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2F201hs7sWzvikTs2%2BjKIvBQa0x6oOKR24XpmZP2DIVlKm%2BZX1ux2ZnVOTnK8Gmt%2F3IclqftPn2Q%2BzaW5%2FOgjYh9ymevQLv2Kcet1CmboherHcGjezZHfglH71%2FaUhipDrIQ%2FUWGTgTAsiq7"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1648136736276206
content-type
image/webp
expires
Tue, 05 Jul 2022 08:03:46 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
155400
accept-ranges
bytes
cf-ray
725658a9499983a0-MXP
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame C446
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNOkoOfi3vgCFUPBuwgdWxMP4Q;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=mm_SUBIDTEST_view
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1656921826_d4af1b70-fb6f-11ec-aec4-2237da5287b3
0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1656921826_d4af1b70-fb6f-11ec-aec4-2237da5287b3
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=caa7c085ec0f19d6fbb80e76111ae677%2F14025428897948590515&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826623&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 08:03:46 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
0

Redirect headers

Date
Mon, 04 Jul 2022 08:03:46 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1656921826_d4af1b70-fb6f-11ec-aec4-2237da5287b3
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame C446 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=caa7c085ec0f19d6fbb80e76111ae677%2F14025428897948590515&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826623&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1504576
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdt9A4j8_bPkZ6UuyRyiJLIDf75Xk-73zonFgFD5UCZP0fHoWdSMHiIEamP2A0SnRrshzF91a2cyXmF816KgPbOqdDvagUgo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WFdexEHOTnPY03nz9sBK7dHJPpZnBhiQcZAXtgHpjURophRhtpbYHq5mFI%2BJTlDk1VPoDdpDdL5B5EL6%2F21UVyG2Kl1DM%2BxKBQD8Sos7vf0pDbI%2FHXSfBvd77E470QkV%2Fj1797dNYiscYQs"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Tue, 05 Jul 2022 08:03:46 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
725658a959a983a0-MXP
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame C446 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=caa7c085ec0f19d6fbb80e76111ae677%2F14025428897948590515&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826623&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
826573
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycds-Q1zDeq-YmsYnbz2rV4qQVbhUnMg41BAD1nvRNBA_D2thq7ZGbfh8yk6dXHMtZAZZblH6sBTa_oUuiGbkNJbe
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0xyDz65PZlrObg8V2akoQU9rZ0P5RAj%2BOiSXC8WBsmgzDO%2Be2TngTKivd6C%2Fo9EBVtpgv9auaUGXJJeCQMY4nVT%2BjiX%2BuHHfSFaAQ%2Bqbj22Ub6PyYCfnmRexQ01ncB06zvnBO0FMx7RISIR"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Tue, 05 Jul 2022 08:03:46 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
725658a959ab83a0-MXP
cf-bgj
imgq:85,h2pri
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame C446 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=caa7c085ec0f19d6fbb80e76111ae677%2F14025428897948590515&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826623&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=kzpU3g==, md5=rZM0ZkUU2QCgw7dtF8qWDw==
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1503707
cf-polished
origFmt=png, origSize=39979
x-guploader-uploadid
ADPycdvZKUxoEfAjo_CJ59oFfmA17EQ742vm1_Snf3qH9p0G8eqmOq31dkUdaxkr2ojeR4xcjPCpuK6Xga90FJBOIU_BS1q2HX-n
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CW62SlodgxOeaC%2B%2Feo3YsM6ohHDHYrlRSh820qPYFkK%2F7NOf7XJA8KUDIc%2B%2FSoI1j4JG9UZ%2Fmz%2FXuLRyUqKT5W2RT0mVk3%2BqVgxGQ6CxVH8Q5Hqkddrl9MM7dWRjXZF9S1JzEH9Vhx82G88S"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698475785088
content-type
image/webp
expires
Tue, 05 Jul 2022 08:03:46 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
39979
accept-ranges
bytes
cf-ray
725658a959ad83a0-MXP
cf-bgj
imgq:85,h2pri
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame C446 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=caa7c085ec0f19d6fbb80e76111ae677%2F14025428897948590515&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826623&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=KioGiw==, md5=gsfeD0L/Vf3QrMB3MWZAMQ==
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
287199
cf-polished
origFmt=png, origSize=342797
x-guploader-uploadid
ADPycds-qhzIiAXCD46jtQ_Z5TNWT-pBCuFttYnci9FYuYZDIqpvIn6-gkvkcn_rzJ6wUNsmO-8GvCUzy58bKNoqhpeBYg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e3GIe6lmfsUKtCoqKF%2BHE%2BX5do5x6awih9Dx%2Fg5KkC2Bxam5Co4BIaDgO3wf45kffIkG3qTz3oAMOJyJQN0VqFmByjAsd2BPWEKVXhClnYl0DlMCajYur%2F5Hg%2B0UUxOmO8U8IjI4zhC7f2OB"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655301671870263
content-type
image/webp
expires
Tue, 05 Jul 2022 08:03:46 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
342797
accept-ranges
bytes
cf-ray
725658a959af83a0-MXP
cf-bgj
imgq:85,h2pri
ztpv.php
www.conrad.de/ Frame C446
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=d49e2b80-fb6f-11ec-9435-22651120a0a6&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&g...
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1656921826_d49e2b80-fb6f-11ec-9435-22651120a0a6&insert=AW&&gdpr=0&gdpr_consent=
0
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1656921826_d49e2b80-fb6f-11ec-9435-22651120a0a6&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=caa7c085ec0f19d6fbb80e76111ae677%2F14025428897948590515&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826623&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:47 GMT
via
1.1 varnish (Varnish/6.6)
cf-cache-status
DYNAMIC
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type
text/html; charset=UTF-8
content-encoding
br
cache-control
no-cache
x-varnish
679234999
cf-ray
725658ab78fc01db-ZRH
expires
-1

Redirect headers

Date
Mon, 04 Jul 2022 08:03:47 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1656921826_d49e2b80-fb6f-11ec-9435-22651120a0a6&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
default.css
as.ad4m.at/ad/style/0.1.21/one-ad/ Frame 49C7 		84 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.21/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=7c80accd9162544f7ed9455183e09fe5%2F14755550546738366199&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=7c80accd9162544f7ed9455183e09fe5%2F14755550546738366199&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
853563
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=86749
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Fri, 24 Jun 2022 10:57:43 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
725658a9381cf933-MXP
cf-bgj
minify
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 49C7 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=7c80accd9162544f7ed9455183e09fe5%2F14755550546738366199&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
117869
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycdukQa5HQsE2Mi8AW9bxD9yvBnbzduEsGWkZZDXAh_3mX2gATVZrW0NFoOH_zgGIp70jq8gzG-WlCtfJytzWS2Aevg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poYuiSnHM1YANPPAe1XYl%2BAP42aUBaJmCKzclH1Yt8wOT4iW98TXdXwo6QObpW4Os71nWGrQJR7xx02zHXMy4aEkJBaMHxMy6vdBidUv0TYM2hn3u2APezojgh3s673A4MAYKnyhoVS97ExX"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Tue, 05 Jul 2022 08:03:46 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
725658a9498c83a0-MXP
cf-bgj
imgq:85,h2pri
18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
assets.ad4m.at/product_image/ Frame 49C7 		317 KB
318 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/18B94174251C2CF76EA99FD460FAC2CAEA3A9035BC0DAFA1AFA37FFB175B78880F10C9B121A8ACC31AC23630DA7466A11649951F161682DA76B2C6E951030B12
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=7c80accd9162544f7ed9455183e09fe5%2F14755550546738366199&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=h0Ee3A==, md5=fa2j8/YyGn7kutxTsR2h8w==
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1509220
cf-polished
origFmt=png, origSize=451997
x-guploader-uploadid
ADPycdu8yaxgi_qsd4Q54acrhcz4iEdoHaVA-K9w6Bvx515663LppvNE5BzNdOal5DglDbI_EEWtaADajwYEfLozrKmaS4buxrxX
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
324760
last-modified
Tue, 14 Jun 2022 08:21:28 GMT
server
cloudflare
etag
"7dada3f3f6321a7ee4badc53b11da1f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKpgZwDFhtGKBUBWfTJsTdhDwzndiytRSN0HW7mm5qQTtG0pfksoOKtvhuHlBI%2FgxbrB%2FdwZ8SrEQDLbI%2BFVrbW8fpbsqU1I7q%2FS5Ot1cEhEEq30ejNsqCzNGn4Q1klZInYRYoCE0cvu5cfm"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655194888130368
content-type
image/webp
expires
Tue, 05 Jul 2022 08:03:46 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
451997
accept-ranges
bytes
cf-ray
725658a959b483a0-MXP
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 49C7
Redirect Chain
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidGjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tEoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1656921826_d49c7dd0-fb6f-11ec-9435-22651120a0a6
0
518 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1656921826_d49c7dd0-fb6f-11ec-9435-22651120a0a6
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=7c80accd9162544f7ed9455183e09fe5%2F14755550546738366199&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.77.139.251.148.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 08:03:46 GMT
Server
Apache
P3P
CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
0

Redirect headers

Date
Mon, 04 Jul 2022 08:03:46 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1656921826_d49c7dd0-fb6f-11ec-9435-22651120a0a6
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 49C7 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=7c80accd9162544f7ed9455183e09fe5%2F14755550546738366199&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1504576
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdt9A4j8_bPkZ6UuyRyiJLIDf75Xk-73zonFgFD5UCZP0fHoWdSMHiIEamP2A0SnRrshzF91a2cyXmF816KgPbOqdDvagUgo
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enVS8ImHdTf1p3DKVoZGpl7EftvaoNnI7FKKVNnQ3XjhoPHiOaX7G6ADseSP1tTsvoQXF2FtnjQkPboseG38Mpd2ScutNtrnmXOE%2F6idnhJ5gEwwIdwwamIRpdCAJNh2pTe4mIZ3FCe%2BZ2lA"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Tue, 05 Jul 2022 08:03:46 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
725658a959b583a0-MXP
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 49C7 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=7c80accd9162544f7ed9455183e09fe5%2F14755550546738366199&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
826573
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycds-Q1zDeq-YmsYnbz2rV4qQVbhUnMg41BAD1nvRNBA_D2thq7ZGbfh8yk6dXHMtZAZZblH6sBTa_oUuiGbkNJbe
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SFRKgzJMCnmyXsfYRPlODiavFk6SzSox61x2oRbYPkJo8YGIESLdODeko67BKryIhmE0WM%2FUZ%2BFCkvtgNzVftR0yshzuXH0EdWQ4R%2BfBHz2ja40henz4AdMcz5BSyDACSCeexlUiOo2l6qre"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Tue, 05 Jul 2022 08:03:46 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
725658a959b683a0-MXP
cf-bgj
imgq:85,h2pri
CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 49C7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=7c80accd9162544f7ed9455183e09fe5%2F14755550546738366199&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=kzpU3g==, md5=rZM0ZkUU2QCgw7dtF8qWDw==
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1503707
cf-polished
origFmt=png, origSize=39979
x-guploader-uploadid
ADPycdvZKUxoEfAjo_CJ59oFfmA17EQ742vm1_Snf3qH9p0G8eqmOq31dkUdaxkr2ojeR4xcjPCpuK6Xga90FJBOIU_BS1q2HX-n
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15996
last-modified
Wed, 22 Jan 2020 13:07:55 GMT
server
cloudflare
etag
"ad9334664514d900a0c3b76d17ca960f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SNQbMVxwwfYBvcNvlU49i21a%2Fdt8iLtgIpwBSG5BG9xuouPj8zsVAJg0v7kKe2jg%2BxwP266cj%2FGeBBwEFqk2kgYnqKNHvMGCpvfnnyPW2BVj19qlx%2F%2FYnff10mIhXr99T%2BuhNYy%2FJR0KUTn7"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698475785088
content-type
image/webp
expires
Tue, 05 Jul 2022 08:03:46 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
39979
accept-ranges
bytes
cf-ray
725658a969c583a0-MXP
cf-bgj
imgq:85,h2pri
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 49C7 		222 KB
223 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=7c80accd9162544f7ed9455183e09fe5%2F14755550546738366199&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-goog-hash
crc32c=KioGiw==, md5=gsfeD0L/Vf3QrMB3MWZAMQ==
date
Mon, 04 Jul 2022 08:03:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
287199
cf-polished
origFmt=png, origSize=342797
x-guploader-uploadid
ADPycds-qhzIiAXCD46jtQ_Z5TNWT-pBCuFttYnci9FYuYZDIqpvIn6-gkvkcn_rzJ6wUNsmO-8GvCUzy58bKNoqhpeBYg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtKn8K7EKmXxjI2RyK1JRAomc3fLgXlXNAqO%2B3XdnO1yed2zKgzy6iCUOtifSmlU2dK3aL%2BupwbhC7qgzyguSNHmnZzFABNVgpl6M0ShOuXtYetPsX0N5J%2B%2B1n4wLqvgohjBAQyWkMi%2FiD5V"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655301671870263
content-type
image/webp
expires
Tue, 05 Jul 2022 08:03:46 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
342797
accept-ranges
bytes
cf-ray
725658a969c783a0-MXP
cf-bgj
imgq:85,h2pri
ztpv.php
www.conrad.de/ Frame 49C7
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.zenaps.com/cshow.php?pvr=d49c56c2-fb6f-11ec-aec4-2237da5287b3&v=11354&r=412871&q=377129&s=2470185&viewref3=oneidRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7oneid__dc_reach_suite02wkz&pv=1&gdpr=0&g...
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1656921826_d49c56c2-fb6f-11ec-aec4-2237da5287b3&insert=AW&&gdpr=0&gdpr_consent=
0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1656921826_d49c56c2-fb6f-11ec-aec4-2237da5287b3&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=7c80accd9162544f7ed9455183e09fe5%2F14755550546738366199&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:47 GMT
via
1.1 varnish (Varnish/6.6)
cf-cache-status
DYNAMIC
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
content-type
text/html; charset=UTF-8
content-encoding
br
cache-control
no-cache
x-varnish
641889356
cf-ray
725658ab78f901db-ZRH
expires
-1

Redirect headers

Date
Mon, 04 Jul 2022 08:03:47 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1656921826_d49c56c2-fb6f-11ec-aec4-2237da5287b3&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
generate_204
tpc.googlesyndication.com/ Frame A854 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?0OFefg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&t=event&ni=1&ec=Pushnews&ea=TAG&cid=1685907763.1656921825&tid=UA-104161738-1&el=LOADED
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 22:33:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34188
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&t=event&ni=1&ec=Pushnews&ea=OPTIN_WIDGET&cid=1685907763.1656921825&tid=UA-104161738-1&el=DISPLAY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 03 Jul 2022 22:33:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34188
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
iqbroker.com/lp/mobile-partner/pt/ Frame 0285
Redirect Chain
  • https://iqbroker.com/lp/mobile-partner/en/?aff=298933
  • https://affiliate.iqbroker.com/redir/?forceBackLink=1&aff=298933
  • https://iqbroker.com/lp/mobile-partner/pt/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iqbroker.com/lp/mobile-partner/pt/
Requested by
Host: redirect.lista10.dev
URL: https://redirect.lista10.dev/click?click_id=TtGdo9CoAtd4XKyW
Protocol
H2
Server
185.117.134.138 , Cyprus, ASN204006 (IQOPTION, CY),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

date
Mon, 04 Jul 2022 08:03:47 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15555600
location
https://iqbroker.com/lp/mobile-partner/pt/
x-iinfo
9-30250824-30250830 NNNN CT(16 17 0) RT(1656921826795 19) q(0 0 0 35) r(1 1) U5
backend
arbitre_v4_api
content-length
0
x-cdn
Imperva
country-341630
br.betano.com/myaccount/ban/ Frame B859
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_13795b_1820c_&affid=3237&siteid=13795&adid=1820&c=
  • https://gml-grp.com/C.ashx?btag=a_13795b_1820c_&affid=3237&siteid=13795&adid=1820&c=&AutoR=1
  • https://br.betano.com/offers/casino/?btag=a_13795b_1820c_[CustomMergeFields]&siteid=13795
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://br.betano.com/myaccount/ban/country-341630?siteid=14
Requested by
Host: redirect.lista10.dev
URL: https://redirect.lista10.dev/click?click_id=BAooiAAxAyjgF4fn
Protocol
H2
Server
2606:4700::6811:5459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redirect.lista10.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

date
Mon, 04 Jul 2022 08:03:47 GMT
via
1.1 varnish (Varnish/6.0)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
age
0
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-varnish
578604571
location
/myaccount/ban/country-341630?siteid=14
x-farm
04
cf-ray
725658abeb442355-ZRH
x-xss-protection
1; mode=block
x-cacheable-status
302
link.html
track.webgains.com/ Frame C446 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kcpgr578brycwy7wjnt4nz8mycx67dm0fm47j1nr6wambz0d6625x18peh05gwg63x7wjkh9xzynyfasfhe944661trhbxz5ws8e1c3xtjyxr0mymc1fr7k11mcr5zve9zf5s754kd54j3h82mzkw8vmb0h5x4massh4h3rjrmc11f4jr2mm8scpttdznrpa1bf4kp4qzwcejw0zq3sq0ry5ktrvsgk5rfrfs7xyar88x13rvhwqwb82dtjxzzhf3b0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%252526client%25253Dca-pub-6830925722933424%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=caa7c085ec0f19d6fbb80e76111ae677%2F14025428897948590515&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826623&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.236.35.87 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-35-87.servers.dedipower.net
Software
Apache /
Resource Hash
17a1f0b031477ac7846ce5299eb79df329ebbf595b67a3bdc29d017841f485bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 08:03:46 GMT
Last-Modified
Mon, 04 Jul 2022 08:03:46 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1413
Expires
Mon, 26 Jul 1997 05:00:00 GMT
link.html
track.webgains.com/ Frame 49C7 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j3t5q5cdc1fa5jem0ghvkanchdcw8j4crbxj9tfd0nwbtc2tzc89h6xyeqck8z5exvm7rzgs5fcv7zs73zdw30wc1dd7g9wp3sfzsqmz2bh7rfjpz4ww32wcsk0nhpe3r99mdj77fae9kjj42dbje1jyt4tr12y1mb7rknbx1wv4xzv41smw6dvk1e9yrayg25z8evv6t2n7paftz6b277dfwpdejd8vskg3cpsc9fw2r3cahjrw9gb532e4s6phm7g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%252526client%25253Dca-pub-6830925722933424%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=7c80accd9162544f7ed9455183e09fe5%2F14755550546738366199&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.236.35.87 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-35-87.servers.dedipower.net
Software
Apache /
Resource Hash
828be9cf8754e0b42ccb2fa8df4ed132dccd9cb960d8618f3a79cb8710eaf002

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 08:03:46 GMT
Last-Modified
Mon, 04 Jul 2022 08:03:46 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1376
Expires
Mon, 26 Jul 1997 05:00:00 GMT
DefaultAff.aspx
members.bet365.com/Members/Helpers/ Frame 16B4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://members.bet365.com/Members/Helpers/DefaultAff.aspx?affiliate=365_01088220&forcelp=1
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/57570ddbba33790f503bba699e6c8137.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.226.179.10 , United Kingdom, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-RAY
725658aa9b638fe2-FRA
Cache-Control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Jul 2022 08:03:46 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Thu, 01 Jan 1970 00:00:01 GMT
Referrer-Policy
same-origin
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/gif
8Ow8dPZ5AafyL6HuB2fIls6fLRQQFi5K2kixiEZO.jpeg
campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/Bet365-(New-global-account)/banner/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/Bet365-(New-global-account)/banner/8Ow8dPZ5AafyL6HuB2fIls6fLRQQFi5K2kixiEZO.jpeg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.143.2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
24b35dbd8681681f5a851739371afefcb2c43e922cd0941be2d4034669fd336e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 08:03:47 GMT
Last-Modified
Thu, 07 Oct 2021 08:16:03 GMT
Server
AmazonS3
x-amz-request-id
BMGVZXQE8WG5P0GX
ETag
"7bf4a3c5203e68a8c4a5aa215aeafad3"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
22593
x-amz-id-2
ug5HDOZaBsmfSrzOOBYKaVPHkkEUGWEs5dzJ6zzv9Ykp8BW8/A7XyPdgM6adFw0XPqk3dUVDBcU=
country-341630
br.betano.com/myaccount/ban/ Frame 1CDC
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_13918b_1819c_&affid=3237&siteid=13918&adid=1819&c=
  • https://gml-grp.com/C.ashx?btag=a_13918b_1819c_&affid=3237&siteid=13918&adid=1819&c=&AutoR=1
  • https://br.betano.com/offers/casino/?btag=a_13918b_1819c_[CustomMergeFields]&siteid=13918
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://br.betano.com/myaccount/ban/country-341630?siteid=14
Requested by
Host: redirect.lista10.dev
URL: https://redirect.lista10.dev/click?click_id=Cqt3rsU5nDzXQpHa
Protocol
H2
Server
2606:4700::6811:5459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redirect.lista10.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

date
Mon, 04 Jul 2022 08:03:47 GMT
via
1.1 varnish (Varnish/6.0)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
age
0
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-varnish
858850096
location
/myaccount/ban/country-341630?siteid=14
x-farm
02
cf-ray
725658abeb412355-ZRH
x-xss-protection
1; mode=block
x-cacheable-status
302
/
iqbroker.com/lp/mobile-partner/pt/ Frame 696D
Redirect Chain
  • https://iqbroker.com/lp/mobile-partner/en/?aff=298933
  • https://affiliate.iqbroker.com/redir/?forceBackLink=1&aff=298933
  • https://iqbroker.com/lp/mobile-partner/pt/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iqbroker.com/lp/mobile-partner/pt/
Requested by
Host: redirect.lista10.dev
URL: https://redirect.lista10.dev/click?click_id=gLytB68KW9ZeUQvs
Protocol
H2
Server
185.117.134.138 , Cyprus, ASN204006 (IQOPTION, CY),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

date
Mon, 04 Jul 2022 08:03:47 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=15555600
location
https://iqbroker.com/lp/mobile-partner/pt/
x-iinfo
9-30250824-30250831 NNNN CT(17 43 0) RT(1656921826795 20) q(0 0 1 37) r(1 1) U5
backend
arbitre_v4_api
content-length
0
x-cdn
Imperva
country-341630
br.betano.com/myaccount/ban/ Frame 16B1
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_13918b_1819c_&affid=3237&siteid=13918&adid=1819&c=
  • https://gml-grp.com/C.ashx?btag=a_13918b_1819c_&affid=3237&siteid=13918&adid=1819&c=&AutoR=1
  • https://br.betano.com/offers/casino/?btag=a_13918b_1819c_[CustomMergeFields]&siteid=13918
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://br.betano.com/myaccount/ban/country-341630?siteid=14
Requested by
Host: redirect.lista10.dev
URL: https://redirect.lista10.dev/click?click_id=8N4XKBc4QE72byNJ
Protocol
H2
Server
2606:4700::6811:5459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redirect.lista10.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

date
Mon, 04 Jul 2022 08:03:47 GMT
via
1.1 varnish (Varnish/6.0)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
age
0
x-powered-by
ASP.NET
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-varnish
73693267
location
/myaccount/ban/country-341630?siteid=14
x-farm
10
cf-ray
725658abeb422355-ZRH
x-xss-protection
1; mode=block
x-cacheable-status
302
country-341630
br.betano.com/myaccount/ban/ Frame 1091
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_13793b_1238c_&affid=3237&siteid=13793&adid=1238&c=
  • https://gml-grp.com/C.ashx?btag=a_13793b_1238c_&affid=3237&siteid=13793&adid=1238&c=&AutoR=1
  • https://br.betano.com/register/?btag=a_13793b_1238c_[CustomMergeFields]&siteid=13793
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://br.betano.com/myaccount/ban/country-341630?siteid=14
Requested by
Host: redirect.lista10.dev
URL: https://redirect.lista10.dev/click?click_id=hJZtDYBUov1RF6Ln
Protocol
H2
Server
2606:4700::6811:5459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redirect.lista10.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

date
Mon, 04 Jul 2022 08:03:47 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
location
/myaccount/ban/country-341630?siteid=14
x-farm
13
cache-control
no-store
cf-ray
725658abeb3d2355-ZRH
content-length
0
x-xss-protection
1; mode=block
x-cacheable-status
302
/
dailymarket.com.br/dailymarket/ Frame 9E5E 		346 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Requested by
Host: r.admasters.media
URL: https://r.admasters.media/click?click_id=AyEBFC3e3dDaXYiB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dc5f253fc8889d015fa15f13b005f34023e924af350c989d16db8bd40c411a2

Request headers

Referer
https://r.admasters.media/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-edge-cache
cache,platform=wordpress
cf-ray
725658abeea8374b-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Jul 2022 08:03:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://dailymarket.com.br/wp-json/>; rel="https://api.w.org/" <https://dailymarket.com.br/wp-json/wp/v2/pages/387>; rel="alternate"; type="application/json" <https://dailymarket.com.br/?p=387>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FcfuAC7u%2FXz%2Bih4eYOwwXWyh%2Fg4E%2FYr%2BzXyDJuzRP9on6JdaYLDFLmXshU1UarS%2Fbk53rPqixGgMF3q%2BfTrYPysa7rYvcOTj7fg44PuUinnrRqklzDrxOo2li%2BkMqBdJJlavfF%2F27TXkyHNjXAdmrj8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-litespeed-tag
a98_HTTP.200
generate_204
tpc.googlesyndication.com/ Frame FA35 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TO3Hlg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame B929 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ISQMMw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 4C12 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-QdDEg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
pvClk.min.js
analytics.webgains.io/ Frame 49C7 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j3t5q5cdc1fa5jem0ghvkanchdcw8j4crbxj9tfd0nwbtc2tzc89h6xyeqck8z5exvm7rzgs5fcv7zs73zdw30wc1dd7g9wp3sfzsqmz2bh7rfjpz4ww32wcsk0nhpe3r99mdj77fae9kjj42dbje1jyt4tr12y1mb7rknbx1wv4xzv41smw6dvk1e9yrayg25z8evv6t2n7paftz6b277dfwpdejd8vskg3cpsc9fw2r3cahjrw9gb532e4s6phm7g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%252526client%25253Dca-pub-6830925722933424%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-34.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
3_MJXCnMrjiLc9gQ4cSP2UO8QHaqI_KE
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
last-modified
Tue, 24 May 2022 13:31:25 GMT
server
AmazonS3
age
13982
etag
"8e0f444d427a5cc08c98fd04087e9847"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 04 Jul 2022 04:10:45 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
52117
x-amz-cf-id
fNueLsaHQ_Ucr4EbQGgFqB1UGJm6bbhkuiI7Rmq9MdX_VXp6a_HpOw==
link.html
track.webgains.com/ Frame 49C7 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidBd8zfgfPfmx4sxH6H3t9t6k9ujSdtmDXuMoneid__adalliance_advancedad_728x90&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196438%2C24673%2C14019&b=GjeTBfpfXwx9UKHeHGtPt31dHZSYTeA9tE%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Vx7fwfmfDjJEfVHbHAtXC8j4cBSzTzQkTQ%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=7c80accd9162544f7ed9455183e09fe5%2F14755550546738366199&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826625&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kq20nbnrwhw3ndyrnaqbj02mjjqf2cbyp80t1ad03zt2asw711k1dscx78kjc3jshcxhccx7nr3529v7dfyrajrc01py9x7n4gk9rsasb3kehz0zxh88gescnrbmbm0cp80646aazjyjq192wqgnr182mzsq20ctwz2s4v0wg0vgfah26djrc1sqrk4tqk0an8yb0q5nejah2vg7znb822vrthgf1qzywxndhdethpmfh9yf9rwvc74761s67ka5gvyt0pkrwn5m%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnewA4Z7CYtKmL9DtYoywncAJkOGBhFy2qMKK8ALAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNjgzMDkyNTcyMjkzMzQyNKABwq7o3QPIAQmpAk2WDSFbfrE-qAMBqgTKAU_QhWAKWqFzYmZu8LAGvxDaZMknh9tMf7OEE7xdimpjvuTGKjLU6bSi-IxWH_3MlOUYBqWJPY2SN3fw5U7echmoXikIw0qHK42Mj8fBJHkEPgWn5fxCrEX25-4NEBRYKSHh5ih1t11und0l6Gl3zftsntYmgZHuY0wK1AvyZirgxrtblTsnA_ymwuaNEJqlPRFEjJ3BBFecPthw2Dn57k5NjqYhO_M9Ed5CS3ExBpNp5v9X60pfFXyC7RdiaejHgJSIR3kN0r_iQf2ABr_Lica30_nRW6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1dVo4ZgtLq3X3_pywfaXWUzKuqkw%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.236.35.87 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-35-87.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 08:03:47 GMT
Last-Modified
Mon, 04 Jul 2022 08:03:47 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame C446 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kcpgr578brycwy7wjnt4nz8mycx67dm0fm47j1nr6wambz0d6625x18peh05gwg63x7wjkh9xzynyfasfhe944661trhbxz5ws8e1c3xtjyxr0mymc1fr7k11mcr5zve9zf5s754kd54j3h82mzkw8vmb0h5x4massh4h3rjrmc11f4jr2mm8scpttdznrpa1bf4kp4qzwcejw0zq3sq0ry5ktrvsgk5rfrfs7xyar88x13rvhwqwb82dtjxzzhf3b0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%252526client%25253Dca-pub-6830925722933424%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-34.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
3_MJXCnMrjiLc9gQ4cSP2UO8QHaqI_KE
via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
last-modified
Tue, 24 May 2022 13:31:25 GMT
server
AmazonS3
age
13982
etag
"8e0f444d427a5cc08c98fd04087e9847"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Mon, 04 Jul 2022 04:10:45 GMT
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
52117
x-amz-cf-id
2F9mjjbeOlU6H6otahmmfl50jq8Iftmvd1-ZRpmupZpJ4psH-A4c0A==
link.html
track.webgains.com/ Frame C446 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneide5dwa3fVfMrWsjHZHet1t42BTwSQTxMqt1oneid__adf_Netmix_Reach80_TELCO_VIEWABILITIY_WKZ_eVCPM&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=186460%2C24673%2C14019&b=q4VSmfWfJWr1TZHgHDtJtZG5UeSgTA2ja3%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2CRx6fgfQfZx7TkHwH3tQtdWgf9SzTmqbF7&f=Rx6fgfQfG6wACkHwH3tzCPzJu9SzTmqbF7%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CQxef4fjfbV7txH5HYt9CZekh6S4T5qBcV&c=728&d=90&e=&g=caa7c085ec0f19d6fbb80e76111ae677%2F14025428897948590515&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1656921826623&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gfttw3ysqesxm7bvng9mbfmx57qbq38nenk5htkpck2kfmt9wa7gs7p5vqbq0qq5n3bmtcrtj1m8ncx2qwrgbdvwh7m4tg31tvg90sdyejjchvz36dynebc65kn1jpx5es7qb30hn1bcgf1bbxm1px8d2tpmjqyrb91n8jtamt76ebevc6t0pm1z820q7z7ahk45jd89836re68kpfq87rnrn98q69bxgzqr10s62apv505wjqxf1py29em7w0v4akwswkrsxbkw%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCl0904p7CYuvxA7iO-cAP-MC7qAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi02ODMwOTI1NzIyOTMzNDI0oAHCrujdA8gBCakCTZYNIVt-sT6oAwGqBMoBT9BugMBsYxiuvhq4GxLdST7rQSOUX_6r3TBUPb-nmPV7Ri_mEvXS8qRDeY0Sps8trka3qUzm1BOjDbVWmy2i3VRVaAHmINn34JZhKxTdqCtqD0rU9lvDvPkBNLndYnjANe2ti8H4zAO6DykS3soDVAQSSNfjHRW2_hMQyRG_OJH9Ye8uL1f6lMEjTFj2O3wShsmvgUML8uqdCI3iS-wlO-ApiZNMVhrJqVufnIlJJBZSzuRvtr1iWXnuq4JeU67Bfkjzz5IDDA4WU4AGv8uJxrfT-dFboAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1Zqy5jVqjowJ2T5hj9nQUQkzVm-w%2526client%253Dca-pub-6830925722933424%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.236.35.87 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-35-87.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 08:03:47 GMT
Last-Modified
Mon, 04 Jul 2022 08:03:47 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6AF6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZono2tUsog7LNsMFuufJj-iWnbB_drvl_UOaGpPyOkYl04W0n0IUbM5T1y--GJhM-3RQlbgqvvSiV65UMoRItjBhq&sig=Cg0ArKJSzO1FCHG6eKbqEAE&cid=CAASF-RomEYgol_ZL_qih8Ul98cIVCEJpcGQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3778084439&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656921826173&rpt=68&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 93DB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUMdH70HUZhx_ImeT4qJZrr-Oad5t9xX7SgRoAWdF-DcHx5RJ0k9QZR6iRTe5GkLtYVyraUN8FsbNWFSHJTDXNs3svq6JSkOkV8QGrQ-Yq9w7zTXcjrn1PI9qOW6SfiJDKB3-eJA&sai=AMfl-YRfv_ruQLSD0m-obrTFE4eNwTwDz9sLOtBfIjIRmvHp9xEC2oOd8W7dRriBJ061EOnNSSn8DSQ-IPhbAMcb0NU-FyRt3ZpL1og&sig=Cg0ArKJSzEaKF1urECTQEAE&cid=CAASF-RosAI5gOFljOyaysEdehudxVFMT80G&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=406591891&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656921825703&rpt=697&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0D0A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu1IoqQRuxjCP20QCjtIlhlJn8XKmG0mhv0UBieIrLEnHNfQpfcX7OgFSkRjmq3Zn-aaYghiJxLpxM2vFq-1la-6KMv_3iJDd9aPmXkLSF9R2L0r2sO&sig=Cg0ArKJSzCMZyhdlDJ-GEAE&id=lidar2&mcvt=1002&p=1100,436,1190,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3673918242&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656921825374&rpt=1028&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DDC6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuoZ373-xsDzl5uJFSLS41NuEIt53pbTcOfLsgbhvP4_WgLWY1cO5VIf7dkZrJU-gciG1k1eooiFYOkhDsulmSiqnOXCf5v7Wmgbc_CbuE-dQacy0lv&sig=Cg0ArKJSzFUIAmiibXKsEAE&id=lidar2&mcvt=1000&p=829,315,919,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=799758482&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656921825388&rpt=1113&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0D0A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=1192168929793850&bg=!kJOlk9fNAAaLlKKnq5Q7ACkAdvg8WmqTmEuy-ado8icVej2R7Foc9kpQ4o_-ZlMDaXOTYsI_RPSjeQIAAAFIUgAAAANoAQcKABYrV2cThmgkNLD-elKWN3hVksD8GHUWmQLtmKJhR52E5CG3AZRhKowRsmPMu-PotYrqIhv7Gm2rK0ijjcjRaCZsSA-zHykljsPVctHpuml9ZcybjxWAR45o5TL_EEehWQRmBQRujJhIP3gT12hKDnyjx_dKhakFeiqGZszLE5A0Kvr6pAyxpPlMY2k-CpX5M4fd6Lxgj9l6pt8gd0e2AUVH1V048tegspqk2hAwjlkmkvO73Ahmlw3rZMDpoZ8uVw-HFBYJcn5qm7vP5tkpM4QFFXR52u0ZoDDk3ILwkIDDIhMFHd4_dwGOc8R2feEp3fS41KTvTNYDvXuBvRJttqQ0zQl33dM6BYXODuH2V6j-XEuWqpEY-a44IvRhMvN3vbe-FSL7lE_StFkdfmXdzLmgHFrWns0l-u76MNs9Yw4JahOjRZGULnHOoP-6N06ztOje1mC_PBg0-m9j7jGR3I-MOlfd0HnuWRtqFhsxkH9W_JhFdWS_Q25B9-vcpQ0dEwHpBMPamNuzVSH8Yk-Bpm4AI0IoJ1hi-l-p9nXpPRmTrSYnGCoNlaKvb24z554MiClLWCpIqLXeqVnCWeqroTpnBOFTJy0GhV2uVKRzpjrKyhHV0Co-LCzCOBpxf0Evif7A7sJ5U4sYI6yAvzdYXijrPaOicIjAxz5Us30UlS3djoAwxQv0YUBbmzKSYcJtErdzutw-WiIscjv2DMxMwjVbhb4VOcna5VEj-Jr-pLvi_zqBONLz4tEP3q6PvaGGPPAXLFC5kv5848f5iTb6hnywKy41bxjSnMPAcpqzPga5IHCMg2fpoi-rxGKLVZB8xy_W7uw6SJaea4MRHvOl-Xi2yxz7AkcX8lLHohCbNW7ozoChon0e4YAoR3fAmc7rZ8R3cvEgzWSVXEueWf_g4GhnwkcFoFtc7ypjsl-ucSNyFbQd5lacKNDKvOPy36UkFadNxGrNLyxCpYq6rqYSBFKM7R8vafkxy7Pe26BjMiWY0SZl-NSFQ5CpMU3n59ufl5ihFTxhpKA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame DDC6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=1791835551068018&bg=!-Pul-7_NAAaLlKKnq5Q7ACkAdvg8WultHGR606bLD7lyRRdRthfDr-HNfM-5EjceJL4SnGAs6Sg-RQIAAAE7UgAAAAJoAQcKAAPLI9CZAuzS2WkXQ2dUrZFGwSp4UDGVrainrUhmpz2TVuo_-5i_uGMdQvOHC7JJ7_-C1sm0EeYpiMr1wXZRLsoTr_wB_XeDBTgAjMXm6NerFoKqQPS2rzoRSA1Ff53tYxp79ruYKkhxGpOBOC8reGYEaou-RtCJeFrtQq3yIhomhrRJqHYY61zgHPqQqV9RLv6iA6QHvsN10udqEo5ZwOjJiSLjiAQNpystDas_ibBCxq7xY6Sj4-Hhl03EZa8iyGoGGsJpHj_Vz1DX9YPjas6vbfvwUOJVQZN7yfZYrkKCeW4sI18QuVNIwsK3ydZtVBHIU1wO_VJR-fUYEYIZopfVwnk0rtkYwcF5-IBXxFJIsezS6kenpm5wDxkwDUC3WgcNmUUa8jXGEK_o5pOiz_TYSGIAxhjs1kYByjNpjtYAcTzztm9fC7Ip4lI1ZMeZL4rPLXzPRTdqHMK5a1LymFsIV_ovHR-VEJpdUG3XUD9Ya0UQ4FMfnmUsmi_0ItXwkxUaWI3tUkSXQb_BtY9IjwRBxpKCLZxWPWVwPTDYB60KYu6KPcXLu24LGqbGvFu0P0LDy_Eem_j5vB_2-0Lce0D-ajz-eqwr_kbeHjZOZUH7EUdzggZ5mup6Vh-qXkS2LJoSLCAipox5q5rJT-frK5vOmIZ04dGegXD0jXo9eekaNYKHa00M_BEaXw_XvAe9GYVULc-WmwpUIBD2a7cowZRysucm0lmG-FTRbV6ZZWH4HHKc_NKbkmMQ5D8Axp5AV46RuBw0_2fvrQRafBRQaz0B6jZnoWD957btqss29BinVbIIQRHDV6BZOums1lRnmHRAUdRUmeENPgFP9LJSnOckKq7-wzeFWz0T0vqQouqCATLIjdpjeaa16VMQSintD-JqVt8NFQ_Upw_1KDmso7KIRbwXfsLO9K8RFK4VIXTStJNrfYEbfp3pTRSFcytiKS74SMs8kQ3SxJ6AGtUDsrvkdfHtMoTZQIdymfboug-t0Wjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022062801&jk=4448760543967107&bg=!bW6lbirNAAaLlKKnq5Q7ACkAdvg8WtRmhixoFWI3c6q7TFFoYGjxZmCO_1bYhiA4quPB8hhXThquCgIAAAF3UgAAAAJoAQeZAqViNnY5S2GvT3vYw2R0FpRA0lj_ktS5jrfVRFfxFwzQPEUc-8RaYtqv9HExlXAtEzViKWalQZl9NDZysEP1AWEoHrg7841wmrmYFx-wTgBgEgp5twY1IO-nqynTOk2UvsVjgOP_DWqwZHSVQiKup0LOx3qIjHJSi2vMtVhLwKItdt8Rwt1toZkxGRyxlNnXwgnkrlHls8Leesx0s_LZ9HdA_HaMpW33jsvH4JlnhEmkGmc7a69exSlaaqOWvKcoacjTJ-Pxk_bt20gYNfnXcXHWitO3dPd4Q6qCSNVTDEp29ZLNZSUD7shY-2p35c0ILoPlgHnIXZA9DRuA1pVNy2hyQi_TLeD8dU0Dd9z8cPZWS0-rcJnxDCrHfKv4Aqrzp047NSE2hNfV7lpxA0ybj5eAaL963ffIvwlxW5iFEzg72nVhjqukUorFXSGP_Bpysg5ry4EKnLIR7txXPmjAJaMxvIl2c-biMIQTq09kT7ah-CcldKZSyjxZOeXSciwn7DyfX0sAtt8ZDAGiLrtj3n4utGyXgtLMF6XiNETJoXM-SmQ8a4lpteoDLqbJ2YHmIaW7ZuHs0qdwJ3N8k_A5-Acnp1AcZCl_K4u__vMj-oHaczTOfdK48Fr_znhhoO1IKMfIcctGdyWCIGrlI1GyExwKMsUvSxB1q7noeZMit1QwPdNHAa4bRYRnON2agGBMw-2mYhXSk6RHsTbrxeOuEfhplWxZ_oZq-YbbTxubvZRirg8lICT83FHgm2Gwk9TYwbow62TDXnCkVjwBWEoteDlFdTi0cgvAAAyqO_AJcaS-EANry8qIUTBQLylkb8zbVmc4aitA2zmqzAnOE_k7FfNkGC8DUbd74qh9fjuhMQnYaKdcZSHS7bdlRt4gWwrR_38zruI1yg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6CF7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220629&jk=3934044254191427&bg=!QUKlQgbNAAaLlKKnq5Q7ACkAdvg8Wu0c9eZbiR6DowBfQ7R6L4ZdLH6_QSkenvpGB8uibLxa6M3nxAIAAAFoUgAAAAFoAQcKAAn9noDPt08pgpGZAt4ZM8Bx6WsCTRDR_hOILgd3bLhZmgW0RF8bwNyMFEA8hGPb7Jd2m6U25XVlZNpNStP5QxQcTyV9ET21o0f4i9LQK53ohaw81FTv48b33aKaaVAmvNWbx4Q8J9ejazCH5Y5OwFcDM3hxwasvrhh4Pm4hxuBsxULow9-muY-QdBACwu4BOVoeKsgkfnyb-MyBQFx_K8N8F-bBjrHZNKS0-qhkC6WB-o_5I3Dftc3r_9YE2vIjOR1-dNE9YuGKXCjvKGyVKrg-5zLH3-H_5QO9pLHq-CYtg81mswOlHTpX7_5i2-h925iOGn5eUZBKBhuxSjdpbkphpIy6WhyLXi5bOXlpY-vgs4jSQqg9jsnMdWecybC9UQJyoZXPA3CmwfHAb9sj_ZnDLeEPYQ05AvQKQNB1casK-VM0bzg7VGB6EYOUOgx0m1RjSR72H6bQgAOUnouLqWdcRqcYMhCcc6aLwS7TXdsZy5osR1ndbLvXUco-khaWSDYoewvQsg63FAvV3c34EvLH8iYtKX-L1ZQyLuvtbBqi3aGxds8bJjvi8xw-2Ca-hiHKrBXBfDgTFHOUTOyk0etEy7I5qh4T2EzoePHwuf0pKWQayhBMQ2QHRdXg8nJaXinjMgwhFPvjWOmzBtoXIlbLDHPIz0Scv-gKhpkE8F6lWN0Stdz04ygW4nj8uH38TzJxTmeHbv5DwyGK6xl3bQzS4K24nAJZc25yJibK9YU1MwpdB7gOHtzi6Is4-R0hOhjnuB9AzVhliGydPcoj_JELuctJOzvGcPk8wq4sqiEkkWNpoaGvHbKTkOjC346kxkK3czU3G7VUkkSOxV8ik_nK5Hp8_VaOlGJvVtFIE717eEYUTrEgZvDclkvitdczNtdI3QX88IAce7j1rLIHDKfi7dKxr3lOFPP_R1VbT8RlwqIt_CHhkcY6DxXuIE04daX5oCdBg6OS9b_28GW2jVVRhmk5iSvecQcxUg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
country-341630
br.betano.com/myaccount/ban/ Frame E503
Redirect Chain
  • https://br.betano.com/?btag=a_8563b_888c_&affid=1654&siteid=8563&adid=888&c=
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://br.betano.com/myaccount/ban/country-341630?siteid=14
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/57570ddbba33790f503bba699e6c8137.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:5459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.betano.com:*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
725658b13baf2355-ZRH
content-encoding
br
content-security-policy
frame-ancestors https://*.betano.com:*
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:03:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-farm
02
x-xss-protection
1; mode=block

Redirect headers

age
0
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
725658b0cb182355-ZRH
date
Mon, 04 Jul 2022 08:03:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
/myaccount/ban/country-341630?siteid=14
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-cacheable-status
302
x-content-type-options
nosniff
x-farm
04
x-xss-protection
1; mode=block
09lnvIhVlk1yAZGUCeWaYb6Ja91ANKCP0p88jXRF.jpeg
campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/Betano-Brazil/banner/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/Betano-Brazil/banner/09lnvIhVlk1yAZGUCeWaYb6Ja91ANKCP0p88jXRF.jpeg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.143.2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
dbfcad26825b0646f031ff0da6dbb233df888213083f3cc4c2ca90cef877cf2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 08:03:48 GMT
Last-Modified
Tue, 11 May 2021 14:40:41 GMT
Server
AmazonS3
x-amz-request-id
MFQA9QS3EQ1HZ8K5
ETag
"911880bfe41142787fab6bd0fe432133"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
22982
x-amz-id-2
Z0stBr+UXIRvroBa3ZwRik5arn2w76rU7wPS0zQCyhx6EXsq/u17l+9354dgd4XLgLya5xR7gX8=
tracking-event
api.webgains.io/ Frame 49C7 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Mon, 04 Jul 2022 08:03:48 GMT
server
nginx
country-341630
br.betano.com/myaccount/ban/ Frame 4375
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_13793b_1819c_&affid=3237&siteid=13793&adid=1819&c=
  • https://gml-grp.com/C.ashx?btag=a_13793b_1819c_&affid=3237&siteid=13793&adid=1819&c=&AutoR=1
  • https://br.betano.com/offers/casino/?btag=a_13793b_1819c_[CustomMergeFields]&siteid=13793
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://br.betano.com/myaccount/ban/country-341630?siteid=14
Requested by
Host: redirect.lista10.dev
URL: https://redirect.lista10.dev/click?click_id=9LQLZeJdVuNsZDaW
Protocol
H2
Server
2606:4700::6811:5459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redirect.lista10.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

date
Mon, 04 Jul 2022 08:03:48 GMT
via
1.1 varnish (Varnish/6.0)
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
0
x-powered-by
ASP.NET
content-length
0
x-xss-protection
1; mode=block
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
x-varnish
613210151
location
/myaccount/ban/country-341630?siteid=14
x-farm
08
cf-ray
725658b1cc8b2355-ZRH
x-cacheable-status
302
tracking-event
api.webgains.io/ Frame C446 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.130.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-130-126.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Mon, 04 Jul 2022 08:03:48 GMT
server
nginx
style.min.css
dailymarket.com.br/wp-includes/css/dist/block-library/ Frame 9E5E 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-includes/css/dist/block-library/style.min.css?ver=6.0
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 05:29:23 GMT
server
cloudflare
age
1636
etag
W/"628dbeb3-15b26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gABBJgpoXXybYWT0RDsmJ3foTqlqGb9OrUpDcuk%2FtEiMJDvs6eI1Omr3ER8bGhMONm%2BFi2hDjqTm6P3Wx53QkeWgdaYNLTla%2F4ysNiZiNU%2BOS7%2B2IuhVBW%2FVA%2Fq%2FEwErT9BENOUND6EkGsioDF8f26c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
725658b16ff95a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
dailymarket.com.br/wp-content/plugins/td-composer/td-multi-purpose/ Frame 9E5E 		36 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-content/plugins/td-composer/td-multi-purpose/style.css?ver=6ea45b81e47c58269b68289d05535e19x
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb96d10b4b71a90568c571d4420edd4e2e38e7faf4eafe7f9adba5374c14fc60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1636
cf-polished
origSize=37612
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 30 May 2022 15:37:42 GMT
server
cloudflare
etag
W/"6294e4c6-92ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Caosm92tteMf2BQCzRApt%2FRm8NAVL6hVB0wALqqp63IJADlHgJ%2BezxX6jocDjbnt4Nlfamk0pC%2Bq5Qi8NBU3huDGyi%2BcNHoLkRtYtCZQwOSi946C0mfMAzADkZ73%2FiknIS8RKNDMS7Two3VV77lNT%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
725658b16ffb5a0d-MXP
cf-bgj
minify
css
fonts.googleapis.com/ Frame 9E5E 		65 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Literata%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900%7CCoustard%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900%7COpen+Sans%3A400%2C600%2C700%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C900%7CRoboto%3A400%2C500%2C700%2C300%2C300italic%2C400italic%2C500italic%2C700italic%2C900%7CLiterata%3A700%2C400%2C900%2C300&display=swap&ver=11.5.1
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47f322cb9c643f98f69def5ab8d6177036094070f01b1126bec69e9eb0f87b95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 08:03:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Jul 2022 08:03:48 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Jul 2022 08:03:48 GMT
tds-front.css
dailymarket.com.br/wp-content/plugins/td-subscription/assets/css/ Frame 9E5E 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-content/plugins/td-subscription/assets/css/tds-front.css?ver=1.3.1
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb0e0c366867ef045d682089665beeae42d556bbc1447aa3df0a6babd5fe3bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1636
cf-polished
origSize=37181
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 30 May 2022 15:37:51 GMT
server
cloudflare
etag
W/"6294e4cf-913d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XMM%2BK2WatJNSUYS6AA2jEg7aL9yrj3kQ6mm%2FBPiA%2FsIvCbZmlaVHQefKdozwaiTE97u69AlL49axykDPIzIaxeTsPH4qHCq7LkFPy4btfOuPLYGY5tY%2FAVD%2BPPvzv75qm0pr0SQKiE8vO7%2Fb3ZoYkMM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
725658b15ff65a0d-MXP
cf-bgj
minify
td-multipurpose.css
dailymarket.com.br/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/ Frame 9E5E 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=6ea45b81e47c58269b68289d05535e19x
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab43d4bb1bcdb0f183d0df005eb940e8dcfa4e6a1f3ec11d72bd51fa8eb5ac93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1636
cf-polished
origSize=12001
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 30 May 2022 15:37:42 GMT
server
cloudflare
etag
W/"6294e4c6-2ee1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RzniTFfgAUP41fFDKIntUpoNBrzf26dnuaGMHyHZxVPj8MPp5z28b9NbKQiJHulIjQy6gBFfPrSB1%2Bx1dX1MMliDWFKFAhxiLEZn2GCtakVV6Xb57U%2BgkYOcgp8JHMT3d2fIagPCu%2B6JZIfNwzoquSc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
725658b16ff75a0d-MXP
cf-bgj
minify
style.css
dailymarket.com.br/wp-content/themes/Newspaper/ Frame 9E5E 		105 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-content/themes/Newspaper/style.css?ver=11.5.1
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee1c191eca53bf9c56a2a13712a48ac9a3def467d15607be90fe26d5657a8fdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1636
cf-polished
origSize=150102
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 30 May 2022 15:37:39 GMT
server
cloudflare
etag
W/"6294e4c3-24a56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zh4Ar0lJcJRTwqMdZfQH6eJO6Cm8BhnyjYkZquBskWkkuiA0M9kxcjiPPbWINBy%2F%2FD8lEuM5Cx7Hl2NXazyzMB1c4c5PCn092gzAQ270b3iAZjkWN9ShmCo76fMnVFRrjcBZqRxrXKTAnI8q72oI6Go%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
725658b16ff85a0d-MXP
cf-bgj
minify
td_legacy_main.css
dailymarket.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/ Frame 9E5E 		129 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-content/plugins/td-composer/legacy/Newspaper/assets/css/td_legacy_main.css?ver=6ea45b81e47c58269b68289d05535e19x
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47d0d2867473bc7627004dcdb05af0abc5fa4cb44a5592a50e412cb909377fe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1636
cf-polished
origSize=162605
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 30 May 2022 15:37:42 GMT
server
cloudflare
etag
W/"6294e4c6-27b2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6x8UoXRQWKVaIrmbUblVfDRpejaC8itCNPWLKKTXIYAoq3gabwCJcU9q83ykABtwZr5oeGFDOmkkTYML%2Fgdjq5WeKon7ZiB3DYk9NZrNb6QpjYppkf8YYNJ5u%2FK5PjdWw7LG3OQP3TSQ0aRSvCE9lg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
725658b16ffc5a0d-MXP
cf-bgj
minify
jquery.min.js
dailymarket.com.br/wp-includes/js/jquery/ Frame 9E5E 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
cloudflare
age
1636
etag
W/"6048e0ac-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rO%2BvbCvtjLMa8nPKShDnbqsaxbibeq%2BKcK0rJXXgB4R8ZctrG9WWw8msGXinlaQ0P2Lw3GeAZXcIbdcE082ohgI9Juxu5Cm4tbeGzNxhq%2FEfoB6jnr8FHcCXlnfmwnQ%2FZ99joUhb5iXqya7KZGkufFo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
725658b16ffd5a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery-migrate.min.js
dailymarket.com.br/wp-includes/js/jquery/ Frame 9E5E 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
cloudflare
age
1636
etag
W/"5fb4e3fe-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFDNBc3H6FRypXU2xbf8fIsaLvRTT6VCE9BGGxEOsvyNXa7oJZIV9pU0ovBdSjy3xGFfHMoSVLb2xr4ITVd7Fnw6WgJkm2PkdP1dnTmbMPWcwNDfAiMbcGSgkIq3rdKG4SyTTJruXIX1HS23s%2Bb9akY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
725658b16fff5a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ Frame 9E5E 		197 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-0WM4DGCWEH
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1239d8c2cec92aa40712337bc2a726541b63ed03434cb5777ead4a4b8788fc62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71371
x-xss-protection
0
expires
Mon, 04 Jul 2022 08:03:48 GMT
wp-emoji-release.min.js
dailymarket.com.br/wp-includes/js/ Frame 9E5E 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-includes/js/wp-emoji-release.min.js?ver=6.0
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 05:29:23 GMT
server
cloudflare
age
1635
etag
W/"628dbeb3-48b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPfeU908it5jrZc%2BK7WFWkMfKA%2FwVLyEWBUt0ziqGeaSVFpkyJ1VjzTb3%2FZc0Hp8UGs8Pnr5sJt2G3eCz6IK%2F3rHVvwftTVPoMD6%2B224dM7%2FWjrzQ2gsx3FDSqY9fuU%2FPMNLE2nWnEVNlESJ6ug%2BuCI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
725658b1e92e5a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
newspaper.woff
dailymarket.com.br/wp-content/themes/Newspaper/images/icons/ Frame 9E5E 		28 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-content/themes/Newspaper/images/icons/newspaper.woff?20
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/wp-content/themes/Newspaper/style.css?ver=11.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a

Request headers

Referer
https://dailymarket.com.br/wp-content/themes/Newspaper/style.css?ver=11.5.1
Origin
https://dailymarket.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 May 2022 15:37:39 GMT
server
cloudflare
age
1635
etag
W/"6294e4c3-703c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOw%2FAGN2G8KVyznSSdeP8fbfB1WnyB1cyo9b%2B60bK%2FgWrEU5fBjd2JobydHotxzcYsJ58izRY80DIJU1EzYLQqxwN5aEFAhZ6VdnsNTHUrxidD2CbvQix74vbzVt3bJ%2FB3%2FYdOfxRx2U12So68vHDmA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
725658b219825a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
or38Q6P12-iJxAIgLa78DkrbXsDgk0oVDaDlbJ5W.woff2
fonts.gstatic.com/s/literata/v29/ Frame 9E5E 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/literata/v29/or38Q6P12-iJxAIgLa78DkrbXsDgk0oVDaDlbJ5W.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Literata%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900%7CCoustard%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900%7COpen+Sans%3A400%2C600%2C700%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C900%7CRoboto%3A400%2C500%2C700%2C300%2C300italic%2C400italic%2C500italic%2C700italic%2C900%7CLiterata%3A700%2C400%2C900%2C300&display=swap&ver=11.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d968b410c73f538cafc105c00efddb6ba063dd7ee24ce3b4ecc92c3daf303aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dailymarket.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 19:38:40 GMT
x-content-type-options
nosniff
age
476708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50200
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:31:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 19:38:40 GMT
3XFuErgg3YsZ5fqUU-2LkHHhZfk.woff2
fonts.gstatic.com/s/coustard/v16/ Frame 9E5E 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/coustard/v16/3XFuErgg3YsZ5fqUU-2LkHHhZfk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Literata%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900%7CCoustard%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900%7COpen+Sans%3A400%2C600%2C700%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C900%7CRoboto%3A400%2C500%2C700%2C300%2C300italic%2C400italic%2C500italic%2C700italic%2C900%7CLiterata%3A700%2C400%2C900%2C300&display=swap&ver=11.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9efe8dce6c28bfae85248784799c030b4dbdeb26926d8c22687856efc9d51950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dailymarket.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 01:21:45 GMT
x-content-type-options
nosniff
age
283323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28344
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:32:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Jul 2023 01:21:45 GMT
or3yQ6P12-iJxAIgLYT1PLs1Zd0nfUwAbeGVKq5U5Ck.woff2
fonts.gstatic.com/s/literata/v29/ Frame 9E5E 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/literata/v29/or3yQ6P12-iJxAIgLYT1PLs1Zd0nfUwAbeGVKq5U5Ck.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Literata%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900%7CCoustard%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900%7COpen+Sans%3A400%2C600%2C700%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C900%7CRoboto%3A400%2C500%2C700%2C300%2C300italic%2C400italic%2C500italic%2C700italic%2C900%7CLiterata%3A700%2C400%2C900%2C300&display=swap&ver=11.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba414143f57d9bad4660167620a239881bb6ee419bb9dc908def9122b29608a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dailymarket.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 19:50:42 GMT
x-content-type-options
nosniff
age
475986
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52080
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:18:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 19:50:42 GMT
td-multipurpose.ttf
dailymarket.com.br/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/ Frame 9E5E 		127 KB
127 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.ttf
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=6ea45b81e47c58269b68289d05535e19x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95c06a3e6c28a512b08155b23f867f4699ce33d79ef8ef7a229ee6a33a6c83f6

Request headers

Referer
https://dailymarket.com.br/wp-content/plugins/td-composer/assets/fonts/td-multipurpose/td-multipurpose.css?ver=6ea45b81e47c58269b68289d05535e19x
Origin
https://dailymarket.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1635
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
129596
last-modified
Mon, 30 May 2022 15:37:42 GMT
server
cloudflare
etag
"6294e4c6-1fa3c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0lg6uTCMawSq4RpRxzhIGGSwUeohj9PRfKQhN2MzAe0Mk3bKi88km2uxNeFO10vC1i1aD74kdFNvCIRRBZmlQKCmSN2CQgXYXZwNfw5PgvDTYzjRI9yCjpdH0KlLqtaY2%2B8G3zcHrE2AAH%2BwEhVCQrU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
725658b249d55a0d-MXP
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 9E5E 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Literata%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900%7CCoustard%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900%7COpen+Sans%3A400%2C600%2C700%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C900%7CRoboto%3A400%2C500%2C700%2C300%2C300italic%2C400italic%2C500italic%2C700italic%2C900%7CLiterata%3A700%2C400%2C900%2C300&display=swap&ver=11.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dailymarket.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 12:16:38 GMT
x-content-type-options
nosniff
age
589630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 12:16:38 GMT
collect
region1.google-analytics.com/g/ Frame 9E5E 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-0WM4DGCWEH&gtm=2oe6t0&_p=902401258&_z=ccd.v9B&cid=1793980114.1656921828&ul=en-us&sr=1600x1200&_s=1&uid=uid-3207a6167.2a8aedce4&sid=1656921828&sct=1&seg=0&dl=https%3A%2F%2Fdailymarket.com.br%2Fdailymarket%2F%3Fq%3D244f118a2d8ccb16b07ce6c1185d9e76&dr=https%3A%2F%2Fr.admasters.media%2F&dt=Daily%20Market%20%7C%20Seu%20report%20di%C3%A1rio%20%7C%20Daily%20Market&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0WM4DGCWEH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dailymarket.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
underscore.min.js
dailymarket.com.br/wp-includes/js/ Frame 9E5E 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-includes/js/underscore.min.js?ver=1.13.3
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 05:29:23 GMT
server
cloudflare
age
1636
etag
W/"628dbeb3-49df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uHENGmlsoDNtb7s2vQxQokUtj1gZeE2Kgu3MIoL%2F%2B1mcW%2FOo3trXxKofmYk0cldrCN1dG3rPl2ZTmq0IuCUgVwm97ey4hu%2BzPIVeXO1NybxwIDhlhyzpx68KWHNFw0n2vfjKMYVQwG6PPGjvSGpAJL8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
725658b2ca7d5a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js_posts_autoload.min.js
dailymarket.com.br/wp-content/plugins/td-cloud-library/assets/js/ Frame 9E5E 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-content/plugins/td-cloud-library/assets/js/js_posts_autoload.min.js?ver=4173294bcf58591c4439ff8ccd792f1ex
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 May 2022 15:37:47 GMT
server
cloudflare
age
1636
etag
W/"6294e4cb-14a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3bkQOujZDbKWO6vmjFc6mQ%2FUneV5MVnSCKq9g332a%2FtS4uWp2igySO%2BWApF168f7P6cJbgf8%2FtKyBT9xeXKcI%2BYHOPOOQZtQYwOn5GLNpBbk2PCPd%2Fib1mYopqBqQiDvL%2FO09QhoMjq76NP46PM%2F4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
725658b2ca815a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
tagdiv_theme.min.js
dailymarket.com.br/wp-content/plugins/td-composer/legacy/Newspaper/js/ Frame 9E5E 		275 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-content/plugins/td-composer/legacy/Newspaper/js/tagdiv_theme.min.js?ver=11.5.1
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
235be8bfdd19de9bbd0b0291b2b588b6c295093a33120f06d1e1b8803708c7fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 May 2022 15:37:42 GMT
server
cloudflare
age
1636
etag
W/"6294e4c6-44c89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JRfqEWDrVdYcax0Tm774la9zrIQWAZLHjiq%2FZ%2B9m7LChlJH%2B30%2BmLbKhr0B9KRfIPi0e8tN9YLY5W3EZySuYlCXLKYBonzC3Fk1sgKaXPgHp3HaBHeqJpRz8Tsz9CDOJA9grAhteFOTJPiSiDnv3fss%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
725658b2ca845a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
comment-reply.min.js
dailymarket.com.br/wp-includes/js/ Frame 9E5E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-includes/js/comment-reply.min.js?ver=6.0
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 25 May 2022 05:29:23 GMT
server
cloudflare
age
1636
etag
W/"628dbeb3-ba5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqn%2FI5WFBH1Kg%2FQWyV1fUFKADct1Vm91wAKrdt8dVi%2FV0uyl12p0mw1n0Y3rAnXW9D26HTkxcpXGqkrEE4Wf6IHcHcPl1aDsghL4Hv7sOgqLR%2B9Vjr0XbSbhNt5wHUM6orVhnHomAg1gBL%2BFM8XW%2BYQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
725658b2ca865a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js_files_for_front.min.js
dailymarket.com.br/wp-content/plugins/td-subscription/assets/js/ Frame 9E5E 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-content/plugins/td-subscription/assets/js/js_files_for_front.min.js?ver=1.3.1
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a642eab338616e43fdd2e6a746740d619f32dc42408265a6fc54044c5c424a60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 May 2022 15:37:51 GMT
server
cloudflare
age
1636
etag
W/"6294e4cf-7859"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifttFjvBRIx5nBH6kNLX2ipWsNERIuWYvBwYzzqJyR3X7SJTbaLv%2FpPvMv6JrVtayiKIPq3WLFWWUqcecpcv2Xga08lYRD2xGfzd2IjdPakyxOAU2qP5%2F2K8%2FBq3JC6FKOcX0JGZO%2Br2g80FRdNxUjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
725658b2ca875a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
js_files_for_front.min.js
dailymarket.com.br/wp-content/plugins/td-cloud-library/assets/js/ Frame 9E5E 		41 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dailymarket.com.br/wp-content/plugins/td-cloud-library/assets/js/js_files_for_front.min.js?ver=4173294bcf58591c4439ff8ccd792f1ex
Requested by
Host: dailymarket.com.br
URL: https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:cf91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cda5f084c2c6f858fafe20b03ed46c19082233f70cb20282f1090ac1a2415719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://dailymarket.com.br/dailymarket/?q=244f118a2d8ccb16b07ce6c1185d9e76
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 30 May 2022 15:37:47 GMT
server
cloudflare
age
1636
etag
W/"6294e4cb-a461"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=asXdRjINoMBIpYHA8nlkp0dIzvDVYQfxad1A8%2Fdo7KOiLJcpXtK2dC9YtbnJLW3cteaj6%2BDYN%2Byziwy8qjIb2d1yxi%2BbEsxOLLIaUJpI7gfBegLmRVMSJGnuzSuQj5gZMHuZjNvmxtv1%2FZ4XIoAEYQ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
725658b2ca885a0d-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9E5E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Literata%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900%7CCoustard%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900%7COpen+Sans%3A400%2C600%2C700%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C900%7CRoboto%3A400%2C500%2C700%2C300%2C300italic%2C400italic%2C500italic%2C700italic%2C900%7CLiterata%3A700%2C400%2C900%2C300&display=swap&ver=11.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dailymarket.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:07:55 GMT
x-content-type-options
nosniff
age
564953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 19:07:55 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 9E5E 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Literata%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900%7CCoustard%3A400%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700%2C700italic%2C900%7COpen+Sans%3A400%2C600%2C700%2C300%2C300italic%2C400italic%2C500%2C500italic%2C700italic%2C900%7CRoboto%3A400%2C500%2C700%2C300%2C300italic%2C400italic%2C500italic%2C700italic%2C900%7CLiterata%3A700%2C400%2C900%2C300&display=swap&ver=11.5.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://dailymarket.com.br
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 10:35:09 GMT
x-content-type-options
nosniff
age
595719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47924
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 10:35:09 GMT
country-341630
www.betano.pt/myaccount/ban/ Frame 2F2D
Redirect Chain
  • https://www.betano.pt/landing/308922/?btag=a_8880b_944c_&affid=1229&siteid=8880&adid=944&c=
  • https://www.betano.pt/myaccount/ban/country-341630?siteid=14
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.betano.pt/myaccount/ban/country-341630?siteid=14
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/57570ddbba33790f503bba699e6c8137.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:2e1e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.betano.pt:*
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
725658b87ae7cc56-ZRH
content-encoding
br
content-security-policy
frame-ancestors https://*.betano.pt:*
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:03:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-farm
10
x-xss-protection
1; mode=block

Redirect headers

age
0
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
725658b6d906cc56-ZRH
content-length
0
date
Mon, 04 Jul 2022 08:03:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
/myaccount/ban/country-341630?siteid=14
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
x-applicationtype
dotnetcore
x-content-type-options
nosniff
x-farm
ce10
x-xss-protection
1; mode=block
ZXdzwaY6gEtpCkn3DFFHJqJLPItvXegdJrzUJmnK.jpeg
campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/Betano-Portugal/banner/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/Betano-Portugal/banner/ZXdzwaY6gEtpCkn3DFFHJqJLPItvXegdJrzUJmnK.jpeg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.143.2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.eu-west-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
dbfcad26825b0646f031ff0da6dbb233df888213083f3cc4c2ca90cef877cf2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nossopalestra.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 08:03:49 GMT
Last-Modified
Tue, 11 May 2021 14:47:26 GMT
Server
AmazonS3
x-amz-request-id
MRTXBDT1BQPAFB62
ETag
"911880bfe41142787fab6bd0fe432133"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
22982
x-amz-id-2
Wp87nk4J8RN1liqRwfSdtMwPNprEkF49CMeFReBCGBogtnbBhhyN0fJXantwnCSSE6kOUDLknkc=
/
www.pinnacle.com/ Frame 0F52
Redirect Chain
  • https://www.pinnacle.com/?dvc=d&btag=a_27754b_17506c_&refer=XAFF5905
  • https://www.pinnacle.com/?dvc=d
34 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/?dvc=d
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/57570ddbba33790f503bba699e6c8137.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc70de255abd264de11984499c8beca33154dad2c53ce04b1a206a11fa1141a0

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725658bd39c89ba0-FRA
content-encoding
br
content-type
text/html
date
Mon, 04 Jul 2022 08:03:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Mon, 04 Jul 2022 08:03:48 GMT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
725658bce96c9ba0-FRA
content-type
text/html
date
Mon, 04 Jul 2022 08:03:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Mon, 04 Jul 2022 08:03:48 GMT
location
https://www.pinnacle.com/?dvc=d
server
cloudflare
vary
Accept-Encoding
country-341630
br.betano.com/myaccount/ban/ Frame 46E6
Redirect Chain
  • https://gml-grp.com/C.ashx?btag=a_13795b_1238c_&affid=3237&siteid=13795&adid=1238&c=
  • https://gml-grp.com/C.ashx?btag=a_13795b_1238c_&affid=3237&siteid=13795&adid=1238&c=&AutoR=1
  • https://br.betano.com/register/?btag=a_13795b_1238c_[CustomMergeFields]&siteid=13795
  • https://br.betano.com/myaccount/ban/country-341630?siteid=14
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://br.betano.com/myaccount/ban/country-341630?siteid=14
Requested by
Host: redirect.lista10.dev
URL: https://redirect.lista10.dev/click?click_id=N95K4rTkWVuvV8ku
Protocol
H2
Server
2606:4700::6811:5459 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redirect.lista10.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Redirect headers

date
Mon, 04 Jul 2022 08:03:50 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
age
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
location
/myaccount/ban/country-341630?siteid=14
x-farm
06
cache-control
no-store
cf-ray
725658bdb9472355-ZRH
content-length
0
x-xss-protection
1; mode=block
x-cacheable-status
302
styles.f700f86e.chunk.css
www.pinnacle.com/static/css/ Frame 0F52 		63 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/css/styles.f700f86e.chunk.css
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef77413c92d9ec50c89ec071f1ec7315cffe05da2350251c9b28b503d4cf2ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318509
etag
W/"62bc39fc-fc9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
725658bd8a419ba0-FRA
expires
Sat, 30 Jul 2022 15:35:21 GMT
k_pinnacle.js
admaxium.com/scripts/ Frame 0F52 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://admaxium.com/scripts/k_pinnacle.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:2a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R) 6.0.11
Resource Hash
41a683137c8c1dd8eb93814c564ad2bee1c69f5ef17b6aabff5a24fc81de7693

Request headers

Referer
https://www.pinnacle.com/
Origin
https://www.pinnacle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Phusion Passenger(R) 6.0.11
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
037c6fb7-e02e-459d-a9b4-12c53e1d02ea
x-runtime
0.003063
server
cloudflare
etag
W/"41a683137c8c1dd8eb93814c564ad2be"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGwR9d334y1Brl4d39XNLj6Hyp68YJ7OxplTgHE%2F9oAlHflG6e9ktHU4eWqNYoSE3tHzJ24OhGoA7CAK9drxH%2F8MB0OSsKJozuBjdISbCVu%2FRihqPxFuyr1vbD%2BJrXcw7PHxsG42bbx0EPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, public
cf-ray
725658bdedbcbab8-MXP
expires
2022-06-04 08:03:50 UTC
styles.1e57afad.chunk.js
www.pinnacle.com/static/js/ Frame 0F52 		285 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/styles.1e57afad.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d911b9628680897de145e5e7ad1eda534bc607e2c526cf08dc80d0ea8bc61acc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318509
etag
W/"62bc39fc-11d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658bd8a449ba0-FRA
expires
Sat, 30 Jul 2022 15:35:21 GMT
main.7c539e5a.chunk.js
www.pinnacle.com/static/js/ Frame 0F52 		243 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f50580c4196611af05b77d395dc3d273cc9b7d84c209e4464f04d3fbf30970e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318509
etag
W/"62bc39fc-3ca6f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658bd8a469ba0-FRA
expires
Sat, 30 Jul 2022 15:35:21 GMT
style.css
www.pinnacle.com/css/font/icomoon/ Frame 0F52 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/css/font/icomoon/style.css?ts=1656527324016
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aebed60dd2ac1381891de9866cd4b8ed44d16496350ca9c9195366a07d226681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
server
cloudflare
age
318509
etag
W/"62bc3530-364e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
725658bd8a479ba0-FRA
expires
Sat, 30 Jul 2022 15:35:21 GMT
css
fonts.googleapis.com/ Frame 0F52 		6 KB
685 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/?dvc=d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 04 Jul 2022 07:52:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 04 Jul 2022 08:03:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Jul 2022 08:03:50 GMT
app.json
www.pinnacle.com/config/ Frame 0F52 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/config/app.json
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8483e2d8e52eeb37a1c48d2400499568650f835f0c994961503583b6a25f7df1

Request headers

Accept
application/json
Referer
https://www.pinnacle.com/en/?dvc=d
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Jun 2022 11:27:34 GMT
server
cloudflare
etag
W/"62bc3726-1c26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
cache-control
no-cache, no-cache
cf-ray
725658be0aea9ba0-FRA
expires
Mon, 04 Jul 2022 08:03:49 GMT
sportsbook.json
www.pinnacle.com/config/ Frame 0F52 		3 KB
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/config/sportsbook.json
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
680555facb9a4567a4b55872fc013eb1bb29e22b15cef5985348facd22c060aa

Request headers

Accept
application/json
Referer
https://www.pinnacle.com/en/?dvc=d
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
server
cloudflare
etag
W/"62bc3530-d51"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
cache-control
no-cache, no-cache
cf-ray
725658be0aed9ba0-FRA
expires
Mon, 04 Jul 2022 08:03:49 GMT
newcasino.json
www.pinnacle.com/config/ Frame 0F52 		303 B
235 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/config/newcasino.json
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d106ab40ec17af791b2a243996477e1cbf75494105ff0a5dead9d9159c7ce56

Request headers

Accept
application/json
Referer
https://www.pinnacle.com/en/?dvc=d
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
server
cloudflare
etag
W/"62bc3530-12f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
cache-control
no-cache
cf-ray
725658be0af09ba0-FRA
expires
Mon, 04 Jul 2022 08:03:49 GMT
66.c1ac40c2.chunk.js
www.pinnacle.com/static/js/ Frame 0F52 		2 MB
459 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/66.c1ac40c2.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af43cb12aba17e1d54c4a7d1b98ac8a8c076ae0b03eed86bfac586a6b2561bd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318527
etag
W/"62bc39fc-180947"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658be6b8a9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:03 GMT
65.b24bf30e.chunk.css
www.pinnacle.com/static/css/ Frame 0F52 		215 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/css/65.b24bf30e.chunk.css
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd0e9db3fd68adfd769cb6d3a647a6e90b6e0a4a5728f343fab452ba44d5b7de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318508
etag
W/"62bc39fc-35ccc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
725658be6b8e9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:22 GMT
65.4125fbc0.chunk.js
www.pinnacle.com/static/js/ Frame 0F52 		3 MB
600 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/65.4125fbc0.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0a3f018621b814fc4ed16363c7a507d17fc8d36e8299c83cbbd6513c2c975d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318508
etag
W/"62bc39fc-2bbd1e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658be6b909ba0-FRA
expires
Sat, 30 Jul 2022 15:35:22 GMT
pinnacle
pixel.admaxium.com/rtg/sync/ Frame 0F52 		92 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.admaxium.com/rtg/sync/pinnacle?requestedAt=1656921830194&sh=1200&sw=1600&ref=https%3A%2F%2Fnossopalestra.com.br%2F&lp=https%3A%2F%2Fwww.pinnacle.com%2Fen%2F%3Fdvc%3Dd&fp=2e165d92a.41193eebe.31c5e7957
Requested by
Host: admaxium.com
URL: https://admaxium.com/scripts/k_pinnacle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:2a29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Phusion Passenger(R) 6.0.10
Resource Hash
8b4e7391528306d543bb912e881634772c04c93434cfa7feeec03a840f0e6043

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Phusion Passenger(R) 6.0.10
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-request-id
38c2c472-8ee5-4281-80c5-e1a051c109ba
x-runtime
0.013816
server
cloudflare
etag
W/"8b4e7391528306d543bb912e88163477"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5UWbwTUbIYFgtOTJ8a94GBBgejKjFzc0EsKsw%2B0C7QP1sslk%2BWEwwtV%2BBv9oqG07C%2F7iG2671zJeHvOsu5fkCIQz5VSPCzZZrE6iNcVbW801zLxLWctRWnnBE5VORzLwz09y%2Fcch0t6CFDgHjHSWzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, public
cf-ray
725658bf188ee903-MXP
expires
2022-06-04 08:03:50 UTC
enums
guest.api.arcadia.pinnacle.com/0.1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/enums
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
GET
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
725658c10ad491d8-FRA
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Jul 2022 08:03:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
dataVersion
guest.api.arcadia.pinnacle.com/0.1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/dataVersion
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
GET
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
725658c10ad691d8-FRA
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Jul 2022 08:03:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
status
guest.api.arcadia.pinnacle.com/0.1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/status
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
GET
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
725658c10ad991d8-FRA
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Jul 2022 08:03:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
react-intl-locale_4.4b0d62e8.chunk.js
www.pinnacle.com/static/js/i18n/ Frame 0F52 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/i18n/react-intl-locale_4.4b0d62e8.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47dac6579735b02b4f4edcc315c85383de322b92253a6b24bda64c8924588f59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318483
etag
W/"62bc39fc-2fcc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658c02e3a9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:47 GMT
en.json
www.pinnacle.com/translations/ Frame 0F52 		207 KB
87 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/translations/en.json
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a986586e9fe9725af64d37d0c1b74a8834d565bdf93035ccdeaf551f450fbe

Request headers

Accept
application/json
Referer
https://www.pinnacle.com/en/?dvc=d
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 29 Jun 2022 11:19:14 GMT
server
cloudflare
etag
W/"62bc3532-33d86"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
cache-control
no-cache
cf-ray
725658c02e419ba0-FRA
expires
Mon, 04 Jul 2022 08:03:49 GMT
/
o417691.ingest.sentry.io/api/5339569/envelope/ Frame 0F52 		2 B
278 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o417691.ingest.sentry.io/api/5339569/envelope/?sentry_key=80eedce15edb4644a5bac761265e091c&sentry_version=7
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/66.c1ac40c2.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.pinnacle.com
access-control-expose-headers
x-sentry-rate-limits, x-sentry-error, retry-after
x-envoy-upstream-service-time
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
esw.min.js
pinnacle3.my.salesforce.com/embeddedservice/5.0/ Frame 0F52 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinnacle3.my.salesforce.com/embeddedservice/5.0/esw.min.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/65.4125fbc0.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.14.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd770dbc583abfb9295abbdefbab9a3819d6e6a080acc585b1178fd38efee213
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 08:03:50 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 18 Feb 2022 00:02:58 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Tue, 05 Jul 2022 08:03:50 GMT
commons.b332c1cc.chunk.css
www.pinnacle.com/static/css/ Frame 0F52 		81 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/css/commons.b332c1cc.chunk.css
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a797b8642ca0902c4fc7bc13588f8fc20c6d641543692b9856051ce51d95adeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318504
etag
W/"62bc39fc-142e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
725658c0df739ba0-FRA
expires
Sat, 30 Jul 2022 15:35:26 GMT
commons.dbfe2253.chunk.js
www.pinnacle.com/static/js/ Frame 0F52 		360 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/commons.dbfe2253.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86c855490e2fee239fe33d41f263c82a83d899384acb0a2abf18a9fb610e6bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318504
etag
W/"62bc39fc-59ee8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658c0df769ba0-FRA
expires
Sat, 30 Jul 2022 15:35:26 GMT
react-intl-locale_40.225c9b00.chunk.css
www.pinnacle.com/static/css/i18n/ Frame 0F52 		1 KB
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/css/i18n/react-intl-locale_40.225c9b00.chunk.css
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
715c2a1c3650ae2a4dbc672e99bb0d712688cb41ad013d876da5b4839946f22f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318504
etag
W/"62bc39fc-5d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
725658c0df759ba0-FRA
expires
Sat, 30 Jul 2022 15:35:26 GMT
react-intl-locale_40.9b36a679.chunk.js
www.pinnacle.com/static/js/i18n/ Frame 0F52 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/i18n/react-intl-locale_40.9b36a679.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e4b11bc7f02a6c17bf6bb76747a70588e0d265ed716034d7b9e4b85e4289f7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318504
etag
W/"62bc39fc-1e49"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658c0df779ba0-FRA
expires
Sat, 30 Jul 2022 15:35:26 GMT
80.f28aba9d.chunk.css
www.pinnacle.com/static/css/ Frame 0F52 		2 KB
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/css/80.f28aba9d.chunk.css
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd89b90cd11f999e3a84335e93d43897f6a8c89939ec39c6c0d4e1d28665e2e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318481
etag
W/"62bc39fc-690"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
725658c0df799ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
80.e883ab21.chunk.js
www.pinnacle.com/static/js/ Frame 0F52 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/80.e883ab21.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40791556aa5efb0d747a95a5be8da30d30894a8d2735c02f965ed4bd1344fe2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318501
etag
W/"62bc39fc-24cf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658c0df7b9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:29 GMT
MaintenanceNotice
www.pinnacle.com/en/future/ Frame 0F52 		0
0
enums
guest.api.arcadia.pinnacle.com/0.1/ Frame 0F52 		106 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/enums
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74aa63e59db1117c106a99c479e5a60fe1a9c1cf9f1a7538e26ebbdb54b43f29

Request headers

Accept
application/json
Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key
CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 07:51:46 GMT
server
cloudflare
age
724
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=959, must-revalidate
cf-ray
725658c1dc1091d8-FRA
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
dataVersion
guest.api.arcadia.pinnacle.com/0.1/ Frame 0F52 		19 B
141 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/dataVersion
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b8894d57dfa621e534ef4eb25263e8f00254cbcb4327f1f98796314ac279dde

Request headers

Accept
application/json
Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key
CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
60
content-length
19
last-modified
Mon, 04 Jul 2022 08:02:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=60, must-revalidate
accept-ranges
bytes
cf-ray
725658c1dc0e91d8-FRA
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
status
guest.api.arcadia.pinnacle.com/0.1/ Frame 0F52 		1 KB
473 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/status
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac64cea40cbde0d2d259ceb78f1d40d9a89706f5245d21349d4c7d2bfa1c50c

Request headers

Accept
application/json
Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key
CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 08:03:46 GMT
server
cloudflare
age
4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=4, must-revalidate
cf-ray
725658c14b3691d8-FRA
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
hotjar-1083293.js
static.hotjar.com/c/ Frame 0F52 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1083293.js?sv=6
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
1126e72ff6188aded79ca68e1f37c9e257d7154ecba478dde697c9d9c206648a
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
age
58
x-cache
Hit from cloudfront
date
Mon, 04 Jul 2022 08:02:53 GMT
cross-origin-resource-policy
cross-origin
via
1.1 d05d62f18b6532eb36f4d53b3337857c.cloudfront.net (CloudFront)
cache-control
max-age=60
etag
W/55f8770c2150433f063dfc8b6ed106e9
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
v2ZK0FCwZfm5ad7jvODfJAHbN2PVbFzBpcZV-llVCo4mkqMJC63niA==
gtm.js
www.googletagmanager.com/ Frame 0F52 		155 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KXLFXC7&gtm_auth=RSYvLtUxCh8o0eYkz0CGig&gtm_preview=env-2&gtm_cookies_win=x
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
07be4d6432f38a8396337e8e35b037410a56172b187f7579201172c9983274c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47722
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/ Frame 0F52 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073744513
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.25 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
38340c81a6abf327da0789e6e28c7d7692d0790d94a60108199264a0b9363237

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
gzip
last-modified
Mon, 06 Jun 2022 09:49:46 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
etag
W/"c3f5cc14f2d6d25cdb126fd97705e667"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
21256
x-amz-cf-id
uG15SWCHELePGSzyzp28oLeixxdfgoZs9w_KqQ14sR_dZI353rlHbQ==
ol-service-worker.js
cdn.otherlevels.com/js-sdk/ Frame 0F52 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.otherlevels.com/js-sdk/ol-service-worker.js?appKey=4d21c8ceef2c0fa35ebee38f497184cf
Requested by
Host: nossopalestra.com.br
URL: https://nossopalestra.com.br/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.17 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9a77e710766a65976f4537a2e7d2e8686106075dad6fb9c2f217d12a231996a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 07:59:12 GMT
Via
1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Connection
keep-alive
Age
278
X-Cache
Hit from cloudfront
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=1800
X-Amz-Cf-Pop
FRA56-C1
Content-Encoding
gzip
Content-Length
4111
X-Amz-Cf-Id
8YmUj8Jo6VwA7fmV-AM54ctvEfrPD2hqnUD6Onk6gwtma0ATRFNYfg==
teasers
guest.api.arcadia.pinnacle.com/0.1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/teasers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key,x-device-uuid
Access-Control-Request-Method
GET
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
725658c19b9e91d8-FRA
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Jul 2022 08:03:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
react-intl-locale_14.dac18ae8.chunk.css
www.pinnacle.com/static/css/i18n/ Frame 0F52 		242 B
253 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/css/i18n/react-intl-locale_14.dac18ae8.chunk.css
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc5d6d7f44af26138f80ef48a26d051727ef50ac56f4a410e4a32aa97e9e4d05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318481
etag
W/"62bc39fc-f2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
725658c198b99ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
react-intl-locale_14.2c71565c.chunk.js
www.pinnacle.com/static/js/i18n/ Frame 0F52 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/i18n/react-intl-locale_14.2c71565c.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
552251370c19357949d4f81e843f083a417250d03aa86a59c5a41950a253108b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=0p3jqaUk58pEZ_hSxzM1F1foEy3a5x2eWxS16VV_tP8-1656921830-0-AT5C_hBc1B-3E9y_PE5luGYVGRGK0EodBEkTox3K7eBgyAYhVc5Y-H7Su58uzn-uLdePehBNTjzuSd7GgpdrnMM
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318481
etag
W/"62bc39fc-3335"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658c198bf9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
12.64e28e0a.chunk.js
www.pinnacle.com/static/js/ Frame 0F52 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/12.64e28e0a.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25937be731f158ca2be21feeaab438cadcfb423618c7a0a7a74e653b91d5151d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318501
etag
W/"62bc39fc-1952"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658c198cc9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:29 GMT
react-intl-locale_24.1c4e37bb.chunk.js
www.pinnacle.com/static/js/i18n/ Frame 0F52 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/i18n/react-intl-locale_24.1c4e37bb.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6f65309e99e2a03864460f798241e54f528367d9dd792ee3bbb06d9f699b612

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318505
etag
W/"62bc39fc-3884"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658c198cd9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:25 GMT
76.41b92eee.chunk.css
www.pinnacle.com/static/css/ Frame 0F52 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/css/76.41b92eee.chunk.css
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3514a999d74140815cf397facd0f59f129d9e36aae28af8616962a9ee156ec76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318501
etag
W/"62bc39fc-170c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
725658c198ce9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:29 GMT
76.c4769da4.chunk.js
www.pinnacle.com/static/js/ Frame 0F52 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/76.c4769da4.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d750949568389a83e713662b134b1056c2a55fae130ae79461e20506dbab9a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318501
etag
W/"62bc39fc-2c08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658c198cf9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:29 GMT
86.f54e5c32.chunk.css
www.pinnacle.com/static/css/ Frame 0F52 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/css/86.f54e5c32.chunk.css
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5671b76b653da8dbb48d05002fe5541ef72677e87f2acf566356d3bdb90b7ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318481
etag
W/"62bc39fc-15f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
725658c198d19ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
86.04c8e1a5.chunk.js
www.pinnacle.com/static/js/ Frame 0F52 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/86.04c8e1a5.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9702471f6f4170ed4b55d66bd253fe8d985fb74df77e778684f7c8acd94d4802

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318500
etag
W/"62bc39fc-259d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658c198d29ba0-FRA
expires
Sat, 30 Jul 2022 15:35:30 GMT
55.a94960f9.chunk.css
www.pinnacle.com/static/css/ Frame 0F52 		258 B
243 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/css/55.a94960f9.chunk.css
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71dddfec38650365d8836e10a9c4432954fdd25b48dbf1da7f34798d4d8583d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318500
etag
W/"62bc39fc-102"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
725658c198d49ba0-FRA
expires
Sat, 30 Jul 2022 15:35:29 GMT
55.e81a176d.chunk.js
www.pinnacle.com/static/js/ Frame 0F52 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/55.e81a176d.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6976cf0314410c7489f316d152e40c8db8413849c81e0625999b7cc5e0630cbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318481
etag
W/"62bc39fc-2786"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658c198d79ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
teasers
guest.api.arcadia.pinnacle.com/0.1/ Frame 0F52 		41 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/teasers
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8bad9672fed38d3a74883233663e7d445fbcdedc805c81072c38f69fb5f7ba5

Request headers

Accept
application/json
X-Device-UUID
null
Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key
CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 07:57:37 GMT
server
cloudflare
age
373
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=859, must-revalidate
cf-ray
725658c1dc0d91d8-FRA
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
25.2dbef2cd.chunk.css
www.pinnacle.com/static/css/ Frame 0F52 		2 KB
662 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/css/25.2dbef2cd.chunk.css
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d31fe4751cde6f0f884349f049756571d820e9de93fab3c0a2c453ae0fd95428

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318493
etag
W/"62bc39fc-82d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
725658c198d89ba0-FRA
expires
Sat, 30 Jul 2022 15:35:37 GMT
25.b9446438.chunk.js
www.pinnacle.com/static/js/ Frame 0F52 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/25.b9446438.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fd4aa8296b6c6e1e2aa2cda6399dbf41ba80ac1b4bb477ed5c9796fb832e4d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318493
etag
W/"62bc39fc-4bc1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658c198da9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:37 GMT
betslip-empty.default.svg
www.pinnacle.com/img/icons/ Frame 0F52 		3 KB
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/icons/betslip-empty.default.svg
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/css/65.b24bf30e.chunk.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
229b88d8de6a8f34b475b90138c8cb6263c96f4fd2b2a6df784fc0a2b17ec383

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/static/css/65.b24bf30e.chunk.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
server
cloudflare
age
318481
etag
W/"62bc3530-bdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
725658c198dc9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0F52 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.pinnacle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 19:07:55 GMT
x-content-type-options
nosniff
age
564955
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 19:07:55 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0F52 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.pinnacle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 08:45:42 GMT
x-content-type-options
nosniff
age
515888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 08:45:42 GMT
icomoon.ttf
www.pinnacle.com/css/font/icomoon/fonts/ Frame 0F52 		80 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/css/font/icomoon/fonts/icomoon.ttf?u10pwe
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/css/font/icomoon/style.css?ts=1656527324016
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4753a1fc08d628e068be840894f27295641917c17e8343d47a3e9b48346712c5

Request headers

Referer
https://www.pinnacle.com/css/font/icomoon/style.css?ts=1656527324016
Origin
https://www.pinnacle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
MISS
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
server
cloudflare
etag
"62bc3530-14004"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
cache-control
no-cache
cf-ray
725658c198de9ba0-FRA
expires
Mon, 04 Jul 2022 08:03:49 GMT
modules.b4253c4a74219da558ee.js
script.hotjar.com/ Frame 0F52 		243 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.b4253c4a74219da558ee.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1083293.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.40 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f244e407e374e5a35e20db52746d972e7e3a09d54952be4bbebb51a90c959e2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 10:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
249044
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
64087
access-control-allow-origin
*
last-modified
Fri, 01 Jul 2022 10:52:14 GMT
etag
"bda2f6d20c6ee79ecef8722dadf19aea"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
DGsrifylREvyY6GmzYjk2-93kX7KkZOsMyUfHMLPLVYtVJNwGq0mdA==
1073744513
secure-ds.serving-sys.com/adServingData/PROD/TMClient/3/ Frame 0F52 		445 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/3/1073744513
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/66.c1ac40c2.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.25 -, , ASN (),
Reverse DNS
Software
ATS/7.1.0 /
Resource Hash
fa23c9aead9705745404b9f8274a7f6bc54f64c1e5e39fd17f09d571fc624ced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
Ul02Q0Gg6RMce88L28RyCp8gt6Edg6kh
content-encoding
gzip
last-modified
Fri, 19 Nov 2021 15:40:44 GMT
server
ATS/7.1.0
x-amz-request-id
64HCJC8SCRNEDFWK
etag
"7f28b890b8612b4341092c4b4135050b"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=504
date
Mon, 04 Jul 2022 08:03:50 GMT
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
207
x-amz-id-2
zHjSt7DRLdezbgtkA2euU1od8BYCn97lcuokDPCs3U0Df7+ut4LnnzmdS3WBw58cyws9+Vdr+s8=
box-63c3a81830bf549dafe40b369003f751.html
vars.hotjar.com/ Frame 35BB 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-63c3a81830bf549dafe40b369003f751.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1083293.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.117 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Referer
https://www.pinnacle.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
260631
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 01 Jul 2022 07:39:59 GMT
etag
"e6fb1304cb60a0dea0f76f7077cb13c6"
last-modified
Thu, 30 Jun 2022 14:48:22 GMT
strict-transport-security
max-age=86400; includeSubDomains
vary
Accept-Encoding
via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
x-amz-cf-id
MWZ2rIgHS9kRr7qFQOCoAt020gFuwzfDXIBlO2AeWm7x7BkhCtDTpg==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
none
17.b8364458.chunk.css
www.pinnacle.com/static/css/ Frame 0F52 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/css/17.b8364458.chunk.css
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d14c193c6840fe40341b5187f3cfdb5720aa6dc3cb2f75e282f84b6dd4198919

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318500
etag
W/"62bc39fc-16a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
725658c219769ba0-FRA
expires
Sat, 30 Jul 2022 15:35:30 GMT
17.ed3033f1.chunk.js
www.pinnacle.com/static/js/ Frame 0F52 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/17.ed3033f1.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3219db44a7f27edf15a68b0e3c2f6a0506f6036d65a7ff64eba0de991122111f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318481
etag
W/"62bc39fc-4471"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658c219779ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0F52 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.pinnacle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 12:56:05 GMT
x-content-type-options
nosniff
age
587265
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 12:56:05 GMT
sports
guest.api.arcadia.pinnacle.com/0.1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/sports
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key,x-device-uuid
Access-Control-Request-Method
GET
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
725658c23c9b91d8-FRA
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Jul 2022 08:03:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
live
guest.api.arcadia.pinnacle.com/0.1/sports/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/sports/live
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key,x-device-uuid
Access-Control-Request-Method
GET
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
725658c23c9c91d8-FRA
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Jul 2022 08:03:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
sports
guest.api.arcadia.pinnacle.com/0.1/ Frame 0F52 		13 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/sports
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba0aebd04de188e6a3ce7de531b1061ee4025c617f94acd18e098e0abbc1ebd0

Request headers

Accept
application/json
X-Device-UUID
null
Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key
CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 07:58:07 GMT
server
cloudflare
age
343
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=905, must-revalidate
cf-ray
725658c26ce391d8-FRA
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
live
guest.api.arcadia.pinnacle.com/0.1/sports/ Frame 0F52 		682 B
326 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/sports/live
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9268b655517e43d36094454a58e01a557d28c5ac2823554ed0d1682e01659ed

Request headers

Accept
application/json
X-Device-UUID
null
Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key
CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 07:57:33 GMT
server
cloudflare
age
377
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=900, must-revalidate
cf-ray
725658c28d0f91d8-FRA
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
2.6e6d02b2.chunk.css
www.pinnacle.com/static/css/ Frame 0F52 		477 B
341 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/css/2.6e6d02b2.chunk.css
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0799522d13b526a6858eeab2722f79c1a93700febf49805fd2142f29aa02b335

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318481
etag
W/"62bc39fc-1dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
cf-ray
725658c239ad9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
2.165b66d3.chunk.js
www.pinnacle.com/static/js/ Frame 0F52 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pinnacle.com/static/js/2.165b66d3.chunk.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d26d3394030fd5cf48bad79221fc5ada25139af2576656a0b203a56a4372035

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318481
etag
W/"62bc39fc-2c27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
725658c239b19ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
apg-seal.js
631c453c-68ac-46ab-857f-801e975e733a.snippet.antillephone.com/ Frame 0F52 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://631c453c-68ac-46ab-857f-801e975e733a.snippet.antillephone.com/apg-seal.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/25.b9446438.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:cc00:13:7e8a:aac0:93a1 -, , ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
dbb8daffbf7494ba152f47726679f4ba8f60252e26aa31dbad718d6f3a1bd119
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:28 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
age
22
x-powered-by
Express
x-cache
Hit from cloudfront
server
cloudflare
etag
W/"dff-OZXsieSGXquIlYF77Th8RujtAZo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/javascript; charset=utf-8
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cache-control
max-age=300
x-amz-cf-pop
FRA53-C1
cf-ray
72565836c9699a15-FRA
x-amz-cf-id
u4GzFJAsHjCkNejioDkYpLOJ-arBxeld3dhnt8rKB0_fTphjs1KRSA==
min-age.svg
www.pinnacle.com/img/licenses/ Frame 0F52 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/licenses/min-age.svg
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb5bbfa45b85a386e997532eefa2bec3d58565ea560d73b003d0520eee8bdabc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
server
cloudflare
age
318481
etag
W/"62bc3530-d06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
725658c249d69ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
visa.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/visa.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
031893036e023f6599c84cf742656bdcc445e102fafa779657c73b739470d7af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318500
etag
"62bc3530-10b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=4274
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="visa.webp"
cf-ray
725658c249d79ba0-FRA
expires
Sat, 30 Jul 2022 15:35:30 GMT
master-card.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		742 B
863 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/master-card.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec54cb9c1e6e49f695f6adf5186507736c8e7f8a800b811a1498d025ae0a4b15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318481
etag
"62bc3530-c40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=3136
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="master-card.webp"
cf-ray
725658c259db9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
skrill.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		756 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/skrill.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52ade520992be30e13f1121020d64c9e661db520ca3c2068c8233fccbd529682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318481
etag
"62bc3530-c94"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=3220
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="skrill.webp"
cf-ray
725658c259dc9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
neteller.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/neteller.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8acf0f478ddc46fc181bc74905dde9bc294b4ea3052a4c4fd9c76220cb521c0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318481
etag
"62bc3530-eb5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=3765
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="neteller.webp"
cf-ray
725658c259de9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
idebit.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		878 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/idebit.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb15f58105529df8158dc8cd6c30b47eeff06fa8989e02f8eac63d0fc3d5e2d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318481
etag
"62bc3530-d42"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=3394
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="idebit.webp"
cf-ray
725658c259e09ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
web-money.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/web-money.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce94ed62a65126621232ee8ad72bb83bf9948d283d2dcc9cc45d8f05e89dc403

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318481
etag
"62bc3530-1a1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=6684
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="web-money.webp"
cf-ray
725658c259e29ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
instant-banking.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/instant-banking.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b2b9b81075b462e957367a548ecb56fe822edb3e6eb5b27925c29c5f6b00c67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318500
etag
"62bc3530-1ede"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=7902
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="instant-banking.webp"
cf-ray
725658c259e69ba0-FRA
expires
Sat, 30 Jul 2022 15:35:30 GMT
eco-payz.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/eco-payz.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
446f40b3d26b6df71d0a6e9277109c79cc8c43c60acf2ed7204573ae9aaba571

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318481
etag
"62bc3530-1369"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=4969
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="eco-payz.webp"
cf-ray
725658c259e79ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
e-cheque.svg
www.pinnacle.com/img/payments/solid/ Frame 0F52 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/e-cheque.svg
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4db1925a75d0f477e196e181b61ed8253ceffc4dd16aae0051220e0c43bcfc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
server
cloudflare
age
318493
etag
W/"62bc3530-1049"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
725658c259e99ba0-FRA
expires
Sat, 30 Jul 2022 15:35:37 GMT
instadebit.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/instadebit.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a373f543efdcea9b694dcc4410de84e96620cc53ae1f15acff21b88a608270b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318493
etag
"62bc3530-1579"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=5497
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="instadebit.webp"
cf-ray
725658c259eb9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:37 GMT
pay-safe-card.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/pay-safe-card.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4d179b0553f187e93202f18eb03f814322d055b9f086a9932ffd4558e6a380

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318500
etag
"62bc3530-11a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=4519
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="pay-safe-card.webp"
cf-ray
725658c259ed9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:30 GMT
bank-transfer.svg
www.pinnacle.com/img/payments/solid/ Frame 0F52 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/bank-transfer.svg
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d5ba417adc6f8c21b748737cab1577dea0bea16dbe9d749c4e845361799031e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
server
cloudflare
age
318481
etag
W/"62bc3530-bef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
725658c259ef9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
local-transfer.svg
www.pinnacle.com/img/payments/solid/ Frame 0F52 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/local-transfer.svg
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a628223ca1d943937a910b43487d9a31125b0fa061ce0349b47983c56f60a4c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
server
cloudflare
age
318500
etag
W/"62bc3530-ebb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
725658c259f09ba0-FRA
expires
Sat, 30 Jul 2022 15:35:30 GMT
sofort.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/sofort.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
279b86bbe474fa8cf84c0fe45c4bca7aa96d01bffbe6aa709dc7b362d1ff2c24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318481
etag
"62bc3530-12e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=4838
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="sofort.webp"
cf-ray
725658c259f19ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
bradesco.svg
www.pinnacle.com/img/payments/solid/ Frame 0F52 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/bradesco.svg
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ecfd5a6e1e011aae1829b9dcfabd5a660e1299b5a87307cf9c5d559a34ef1c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=CfOoeSGva4WQuR.xK8Ew_hKLYhSHMzr5CY3TyRa4cj4-1656921830-0-Aegrd2uHyapwF62dJRC0B-7X30JZ0G9pEsQ2xVcX8GZeVXJvI7NHRrqfPyjlz-8Nq_4wAU6kfhzxb92SBpUv1fc
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
server
cloudflare
age
318492
etag
W/"62bc3530-2840"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
725658c259f29ba0-FRA
expires
Sat, 30 Jul 2022 15:35:38 GMT
boleto.svg
www.pinnacle.com/img/payments/solid/ Frame 0F52 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/boleto.svg
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9e701714b7205e1c49e7b8b4600f63385d541c16c64b97d80d6529d554ba37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
server
cloudflare
age
318492
etag
W/"62bc3530-31e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
725658c259f39ba0-FRA
expires
Sat, 30 Jul 2022 15:35:38 GMT
much-better.svg
www.pinnacle.com/img/payments/solid/ Frame 0F52 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/much-better.svg
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57aa2155e87b3d27bce9203dd8642056aa55ef4e7b4c24c1ad5f2bdddec2ed43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
server
cloudflare
age
318492
etag
W/"62bc3530-3187"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
725658c259f49ba0-FRA
expires
Sat, 30 Jul 2022 15:35:38 GMT
webpay.svg
www.pinnacle.com/img/payments/solid/ Frame 0F52 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/webpay.svg
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93daef751384d0b0a66f4a80fbea9fc6ed0e5b6f3d40a55a00b853f05d7a1e2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
server
cloudflare
age
318492
etag
W/"62bc3530-1e47"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
725658c259f79ba0-FRA
expires
Sat, 30 Jul 2022 15:35:38 GMT
bitcoin.svg
www.pinnacle.com/img/payments/solid/ Frame 0F52 		13 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/bitcoin.svg
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93a3b6f202b34eb9d8de67d740399e96e4a50cafbbc98ab9a06c8286883cd26d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
server
cloudflare
age
318492
etag
W/"62bc3530-34c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
725658c259f99ba0-FRA
expires
Sat, 30 Jul 2022 15:35:38 GMT
internet-banking.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		1008 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/internet-banking.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0ba6a4c6711143826221d7a815092033294018a0c2655880da0b829d074ac20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318500
etag
"62bc3530-e56"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=3670
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="internet-banking.webp"
cf-ray
725658c259fa9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:30 GMT
jcb.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/jcb.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9167954de2965bd9481e478acd5e05b53018beb14ddfe1be6505a6b27a801a7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318481
etag
"62bc3530-244b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=9291
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="jcb.webp"
cf-ray
725658c259fb9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
neosurf.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/neosurf.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccd75fc7d4e02a6c0ef056c882a98bc51d139b285b2cef13cbc7fe68bb4434e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318492
etag
"62bc3530-1014"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=4116
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="neosurf.webp"
cf-ray
725658c259fc9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:38 GMT
oxxo.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/oxxo.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0507579ad8ae986828ea3e585ed5e4eaf6d6578a8d7d224dbcc8c619439e4d7b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318481
etag
"62bc3530-3a93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=14995
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="oxxo.webp"
cf-ray
725658c259fe9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
pay4fun.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/pay4fun.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea7e92e4d0283b0ee62900682565ce0860886ea007c4e12b36c928699bfecfab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318492
etag
"62bc3530-69df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=27103
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="pay4fun.webp"
cf-ray
725658c259ff9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:38 GMT
interac-etransfer.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/interac-etransfer.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ebb833b0f0e6988ea53077a286f0b6570b39b8515d6a83fbac96e957779b6796

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318481
etag
"62bc3530-1f68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=8040
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="interac-etransfer.webp"
cf-ray
725658c25a009ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
AstroPay.png
www.pinnacle.com/img/payments/solid/ Frame 0F52 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/payments/solid/AstroPay.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
392a64701f2ec3ff128d9d82cb24567efcbda3c8747a8dbb9748f2126232eda1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318500
etag
"62bc3530-22049"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=139337
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="AstroPay.webp"
cf-ray
725658c25a019ba0-FRA
expires
Sat, 30 Jul 2022 15:35:30 GMT
ecogra.png
www.pinnacle.com/img/licenses/ Frame 0F52 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/licenses/ecogra.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15bcb9475a4ac71af3d8549cb05909bbfb5815cbbdc637e97621bd276ff2ca43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318481
etag
"62bc3530-2810"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=10256
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="ecogra.webp"
cf-ray
725658c25a039ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
gamcare.png
www.pinnacle.com/img/licenses/ Frame 0F52 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/licenses/gamcare.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
511a9df4660a4c3c51f9d72fc00ad7f4ec75218ccde41ed7f2b65dbdc9f7afb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318481
etag
"62bc3530-2f4b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=png, origSize=12107
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="gamcare.webp"
cf-ray
725658c25a059ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
siteseal.gif
www.pinnacle.com/img/licenses/ Frame 0F52 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/img/licenses/siteseal.gif
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eef6e2fc439af50ee046c7d70ac5740a3b36c030595b9b4ef2af470154de1a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
318481
etag
"62bc3530-dbf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=2592000
cf-polished
origFmt=gif, origSize=3519
last-modified
Wed, 29 Jun 2022 11:19:12 GMT
content-disposition
inline; filename="siteseal.webp"
cf-ray
725658c25a069ba0-FRA
expires
Sat, 30 Jul 2022 15:35:49 GMT
location
guest.api.arcadia.pinnacle.com/0.1/ Frame 0F52 		213 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/location
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d6cf7dc2eaa04df8f7e10c871f45458d2a5c64a531937fd79c55ade3d5a5456

Request headers

Accept
application/json
Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key
CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:50 GMT
content-encoding
br
cf-cache-status
BYPASS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
cf-ray
725658c36e7191d8-FRA
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
session
js-api.otherlevels.com/0.8/ Frame 0F52 		3 B
816 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js-api.otherlevels.com/0.8/session
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/66.c1ac40c2.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.46.137 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
9e067a51888228d1fbef821e1548478a4c39a4886df22e002c0640549a650a4c
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.pinnacle.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 04 Jul 2022 08:03:51 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Content-Length
3
X-XSS-Protection
1; mode=block, 1; mode=block
X-Request-Id
sdkapi-aea41708-744e-4b48-b370-b25e9ea87876
Pragma
no-cache;
Server
Tengine
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-Id
Cache-Control
no-store, must-revalidate, no-cache, max-age=0;
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
Expires
Mon, 01 Jan 0001 00:00:00 GMT;
Serving
bs.serving-sys.com/ Frame 0F52 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=1073744513&dispType=js&sync=0&sessionid=4500877619729036622&pageurl=$$https%3A%2F%2Fwww.pinnacle.com%2Fen%2F%3Fdvc%3Dd$$&activityValues=$$Session%3D8225176787615559302$$&ns=0&rnd=8827489157354116&referrer=$$https://nossopalestra.com.br/$$&uinadv=%7B%7D
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073744513
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.68.5.33 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
dc8655edd4cb5b195621f5ff39f9c74c50b309f0905796dcd2e4374aa01271ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:51 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
789
expires
Sun, 05-Jun-2005 22:00:00 GMT
bonuslandingpage
www.br.betboo.com/pt-br/mobileportal/ Frame CE77 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.br.betboo.com/pt-br/mobileportal/bonuslandingpage?wm=5174560
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/57570ddbba33790f503bba699e6c8137.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.133.181 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src *
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
725658c5ba1ebb59-FRA
content-encoding
br
content-security-policy
frame-src *
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:03:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
server-timing
vanilla;dur=212.473
strict-transport-security
max-age=2592000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
logo-on-dark.94bbcdf8.svg
www.pinnacle.com/static/media/ Frame 0F52 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pinnacle.com/static/media/logo-on-dark.94bbcdf8.svg
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ffb3ce825f05c87813b1ae4195629568b1b9c865e90578f021f90d1505d55ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/en/?dvc=d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:51 GMT
content-encoding
br
content-security-policy-report-only
script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Jg6p9fRgfE4gVcyKo4GR8WTxBbsY6r_ULAIDm4_zVkk-1656921831-0-ARr1Y9BpJYDyfIEeZXoxPfNhNbqyvwC0RiADn_ZMvdeXf8Af1R4QsRtcFHLclY5xdF36P2BJrVZAlqxdVYKY5_s
cf-cache-status
HIT
last-modified
Wed, 29 Jun 2022 11:39:40 GMT
server
cloudflare
age
318504
etag
W/"62bc39fc-dcd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=2592000
cf-ray
725658c3ec4b9ba0-FRA
expires
Sat, 30 Jul 2022 15:35:27 GMT
labels
guest.api.arcadia.pinnacle.com/0.1/ Frame 0F52 		748 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/labels
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165fe59feb2097fd46efc19b6fc39a2819cd3bdb21ca7cb644cf699e51400d09

Request headers

Accept
application/json
Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key
CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 07:50:46 GMT
server
cloudflare
age
785
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=1199, must-revalidate
cf-ray
725658c4783591d8-FRA
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
56a526ac3c1bb2d976f065aaa6ff6b8f-www.pinnacle.com-7587f597e3320558506e0ff25cacba0483f11748a866effd87aae84778d3319b14aa942c5316322a39644f98fe828c41-c3BhY2VyLXNwcml0ZS5wbmc%3D
631c453c-68ac-46ab-857f-801e975e733a.snippet.antillephone.com/sealassets/ Frame 0F52 		95 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://631c453c-68ac-46ab-857f-801e975e733a.snippet.antillephone.com/sealassets/56a526ac3c1bb2d976f065aaa6ff6b8f-www.pinnacle.com-7587f597e3320558506e0ff25cacba0483f11748a866effd87aae84778d3319b14aa942c5316322a39644f98fe828c41-c3BhY2VyLXNwcml0ZS5wbmc%3D
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:cc00:13:7e8a:aac0:93a1 -, , ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:28 GMT
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
age
23
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
95
server
cloudflare
etag
W/"5f-NEKpX+iQzkdps2suzGEbgBpUz7U"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
cache-control
max-age=1200
x-amz-cf-pop
FRA53-C1
cf-ray
72565837cffe9b83-FRA
x-amz-cf-id
1YVYD_exy3FuTVxGimeytVUnuv8usPWTW_9Quzr5dQWX8cveLpDCQQ==
56a526ac3c1bb2d976f065aaa6ff6b8f-www.pinnacle.com-7587f597e3320558506e0ff25cacba0483f11748a866effd87aae84778d3319b14aa942c5316322a39644f98fe828c41-c3ByaXRlLXNlYWwucG5n
631c453c-68ac-46ab-857f-801e975e733a.snippet.antillephone.com/sealassets/ Frame 0F52 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://631c453c-68ac-46ab-857f-801e975e733a.snippet.antillephone.com/sealassets/56a526ac3c1bb2d976f065aaa6ff6b8f-www.pinnacle.com-7587f597e3320558506e0ff25cacba0483f11748a866effd87aae84778d3319b14aa942c5316322a39644f98fe828c41-c3ByaXRlLXNlYWwucG5n?status=valid
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:cc00:13:7e8a:aac0:93a1 -, , ASN (),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Mon, 04 Jul 2022 08:03:28 GMT
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
age
23
x-powered-by
Express
x-cache
Hit from cloudfront
content-length
49397
server
cloudflare
etag
W/"c0f5-y5nfd/SGXZwvKHU5pcpHTPdvfQk"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15724800; includeSubDomains
content-type
image/png
cache-control
max-age=1200
x-amz-cf-pop
FRA53-C1
cf-ray
72565837ac18903c-FRA
x-amz-cf-id
hUHPXlKe3qDOtnR8o-v5es52fDb8zG_wg_VgngUUirMVbw0Cnl1Gww==
54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
631c453c-68ac-46ab-857f-801e975e733a.snippet.antillephone.com/ Frame 0F52 		68 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://631c453c-68ac-46ab-857f-801e975e733a.snippet.antillephone.com/54f396e0-b046-49b1-9cb3-0c69281d7ea9-beacon.png
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:cc00:13:7e8a:aac0:93a1 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 21:18:26 GMT
via
1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
last-modified
Tue, 15 Dec 2020 08:04:53 GMT
server
AmazonS3
age
643526
etag
"e679fbd466a2d656f194a5da4fa083cd"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
68
x-amz-cf-id
XpSa088r9e0v-Gd4D6HTULHePwvS1sVT5_XTXAxz3hgJIZmgBvpTRA==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6CF7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_inf_scr&r=s&pg_h=94&su=2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com&d=5000&pvc=3934044254191427&eid=44759875%2C44759926%2C44759837%2C31064018%2C31062931
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Jul 2022 08:03:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
guest.api.arcadia.pinnacle.com/0.1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/location
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
GET
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
725658c32e0891d8-FRA
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Jul 2022 08:03:50 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
session
js-api.otherlevels.com/0.8/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js-api.otherlevels.com/0.8/session
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.46.137 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Length
0
Date
Mon, 04 Jul 2022 08:03:51 GMT
Server
Tengine
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
labels
guest.api.arcadia.pinnacle.com/0.1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/labels
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
GET
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
725658c40f6791d8-FRA
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Jul 2022 08:03:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
devices
guest.api.arcadia.pinnacle.com/0.1/ Frame 0F52 		43 B
212 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/devices
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e529cc989470de39b0d7fa89d1bd98df51fe96913e6aa635d373587420f496d

Request headers

Accept
application/json
X-Device-UUID
72bdae02-8e0088cc-c2349460-40499a51
Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key
CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
cf-ray
725658c62b3f91d8-FRA
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
content-length
43
devices
guest.api.arcadia.pinnacle.com/0.1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/devices
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key,x-device-uuid
Access-Control-Request-Method
POST
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
725658c5dac291d8-FRA
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Jul 2022 08:03:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
common.min.js
pinnacle3.my.salesforce.com/embeddedservice/5.0/utils/ Frame 0F52 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinnacle3.my.salesforce.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: pinnacle3.my.salesforce.com
URL: https://pinnacle3.my.salesforce.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.14.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 08:03:51 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 17 Feb 2022 23:57:30 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Tue, 05 Jul 2022 08:03:51 GMT
preact-incoming-feedback.b09568ad4af4f017272b.js
script.hotjar.com/ Frame 0F52 		161 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/preact-incoming-feedback.b09568ad4af4f017272b.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b4253c4a74219da558ee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.40 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
18ec8b3ab3ef5a8f0236932df324cccd1dc90355e3fc8e2c396839ba361c5b3b
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 07:39:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
260665
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
content-length
33142
access-control-allow-origin
*
last-modified
Thu, 30 Jun 2022 14:48:22 GMT
etag
"a25a41563a15897ad258c288f156a736"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 bfb5bffe90e3b0e760933a7a07d850ba.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
W_PSGCMf1QP5cwItDuOEipL5F95cwUc0HX3UOUMLOLd4KyRpa2TBMQ==
seg
secure.adnxs.com/ Frame FACE 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/seg?add=21703538&t=1
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js?id=1073744513
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.117 -, , ASN (),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Jul 2022 08:03:51 GMT
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 957.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
67900783-b7fa-42b2-a7f4-58fd17c9bfb6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
countRaces
racebook.pinnacle.com/racebook-api/left-menu/ Frame 0F52 		170 B
345 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://racebook.pinnacle.com/racebook-api/left-menu/countRaces
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5565f3f8a4e1eb9e84e367c77799f6c8567e2dc252d8a91e8aed71bbaca946eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
strict-transport-security
max-age=31536000 ; includeSubDomains
vary
accept-encoding
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cf-ray
725658c68c0391d8-FRA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires
0
countRaces
racebook.pinnacle.com/racebook-api/left-menu/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://racebook.pinnacle.com/racebook-api/left-menu/countRaces
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
cf-cache-status
DYNAMIC
cf-ray
725658c63b5a91d8-FRA
content-length
0
date
Mon, 04 Jul 2022 08:03:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
live
guest.api.arcadia.pinnacle.com/0.1/sports/29/matchups/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/sports/29/matchups/live?withSpecials=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key,x-device-uuid
Access-Control-Request-Method
GET
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
725658c62b4a91d8-FRA
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Jul 2022 08:03:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
straight
guest.api.arcadia.pinnacle.com/0.1/sports/29/markets/live/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/sports/29/markets/live/straight?primaryOnly=false&withSpecials=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key,x-device-uuid
Access-Control-Request-Method
GET
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
725658c62b4c91d8-FRA
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Jul 2022 08:03:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
highlighted
guest.api.arcadia.pinnacle.com/0.1/sports/29/matchups/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/sports/29/matchups/highlighted
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key,x-device-uuid
Access-Control-Request-Method
GET
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
725658c62b4e91d8-FRA
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Jul 2022 08:03:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
straight
guest.api.arcadia.pinnacle.com/0.1/sports/29/markets/highlighted/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/sports/29/markets/highlighted/straight?primaryOnly=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key,x-device-uuid
Access-Control-Request-Method
GET
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
access-control-allow-methods
HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cf-cache-status
DYNAMIC
cf-ray
725658c62b4f91d8-FRA
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Jul 2022 08:03:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
/
www.pinnacle.com/en/future/promos/ Frame 0F52 		0
0
live
guest.api.arcadia.pinnacle.com/0.1/sports/29/matchups/ Frame 0F52 		24 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/sports/29/matchups/live?withSpecials=false
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19a9bca029dbfb340956d9d7e8e556a91e857e9d25a7fd3c998cea4a4e227f85

Request headers

Accept
application/json
X-Device-UUID
72bdae02-8e0088cc-c2349460-40499a51
Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key
CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 08:01:02 GMT
server
cloudflare
age
169
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=903, must-revalidate
cf-ray
725658c66bb091d8-FRA
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
straight
guest.api.arcadia.pinnacle.com/0.1/sports/29/markets/live/ Frame 0F52 		104 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/sports/29/markets/live/straight?primaryOnly=false&withSpecials=false
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2ff0d402bbd7ae8910ea63f2db5a940cc3ca56e51a031f0858f4a34928721c8

Request headers

Accept
application/json
X-Device-UUID
72bdae02-8e0088cc-c2349460-40499a51
Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key
CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 07:55:17 GMT
server
cloudflare
age
514
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=903, must-revalidate
cf-ray
725658c6fca891d8-FRA
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
highlighted
guest.api.arcadia.pinnacle.com/0.1/sports/29/matchups/ Frame 0F52 		145 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/sports/29/matchups/highlighted
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff3d344610bdb6bb77a825535b4b9077269ce10a1b182b121f6e365ccf9918b1

Request headers

Accept
application/json
X-Device-UUID
72bdae02-8e0088cc-c2349460-40499a51
Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key
CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 07:52:06 GMT
server
cloudflare
age
705
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=905, must-revalidate
cf-ray
725658c70cb891d8-FRA
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
straight
guest.api.arcadia.pinnacle.com/0.1/sports/29/markets/highlighted/ Frame 0F52 		1 MB
51 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://guest.api.arcadia.pinnacle.com/0.1/sports/29/markets/highlighted/straight?primaryOnly=false
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/main.7c539e5a.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83fecff6653e9315ee0b577d1ebdb602d72108618b3c637cb9792ad5d9000a4e

Request headers

Accept
application/json
X-Device-UUID
72bdae02-8e0088cc-c2349460-40499a51
Referer
https://www.pinnacle.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
X-API-Key
CmX2KcMrXuFmNg6YFbmTxE0y9CIrOi0R
Content-Type
application/json

Response headers

date
Mon, 04 Jul 2022 08:03:51 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Jul 2022 07:53:53 GMT
server
cloudflare
age
598
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
HEAD, GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public, max-age=898, must-revalidate
cf-ray
725658c66baa91d8-FRA
access-control-allow-headers
Accept, Content-Type, X-API-Key, X-Device-UUID, X-Session, X-Language
/
www.pinnacle.com/en/future/promos/ Frame 0F52 		0
0
/
www.pinnacle.com/en/future/promos/ Frame 0F52 		0
0
/
www.pinnacle.com/en/future/promos/ Frame 0F52 		0
0
esw.min.css
pinnacle3.my.salesforce.com/embeddedservice/5.0/ Frame 0F52 		9 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pinnacle3.my.salesforce.com/embeddedservice/5.0/esw.min.css
Requested by
Host: pinnacle3.my.salesforce.com
URL: https://pinnacle3.my.salesforce.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.14.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 08:03:51 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 27 Aug 2021 14:11:56 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
text/css
Cache-Control
public,max-age=86400
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Tue, 05 Jul 2022 08:03:51 GMT
liveagent.esw.min.js
pinnacle3.my.salesforce.com/embeddedservice/5.0/client/ Frame 0F52 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pinnacle3.my.salesforce.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: pinnacle3.my.salesforce.com
URL: https://pinnacle3.my.salesforce.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
160.8.14.13 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
065cc2a79ed5890cf8ac453fa6c5649226a0b7c920427f3bf7be8eed9c88cdd2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 08:03:51 GMT
Content-Encoding
gzip
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 18 Feb 2022 00:21:14 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
X-Robots-Tag
none
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Expires
Tue, 05 Jul 2022 08:03:51 GMT
pixie.js
acdn.adnxs.com/dmp/up/ Frame FACE 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 08:03:51 GMT
Content-Encoding
gzip
Age
7726
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
3340
X-Served-By
cache-lga21975-LGA, cache-hhn4026-HHN
Access-Control-Allow-Origin
*
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.18.0 (Ubuntu)
X-Timer
S1656921832.574351,VS0,VE0
ETag
W/"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 01 Oct 2021 05:45:37 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
1, 1960
font-hotjar_5.65042d.woff2
script.hotjar.com/ Frame 0F52 		2 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/font-hotjar_5.65042d.woff2
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.40 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pinnacle.com/
Origin
https://www.pinnacle.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 07:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
260664
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains
access-control-allow-origin
*
last-modified
Thu, 30 Jun 2022 14:48:22 GMT
etag
"c9fb9163f8b7be37023ebe649688bebf"
vary
Accept-Encoding
content-type
font/woff2
via
1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P6
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
D3XBVuTgvHKDOZqz2MY-RKtDVIr3lXvlp85naVeM5y6P4KJbwOeviA==
pixie
ib.adnxs.com/ Frame FACE 		42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=87851b2e-6209-434c-b8c6-2e1bf78670c0&it=1656921831758&v=0.0.20&u=https%3A%2F%2Fwww.pinnacle.com%2Fen%2F%3Fdvc%3Dd&st=1656921831758&et=1656921831758&if=1
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/en/?dvc=d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.pinnacle.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Mon, 04 Jul 2022 08:03:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.21.3
Connection
keep-alive
X-Proxy-Origin
217.64.151.6; 217.64.151.6; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
42
Content-Type
image/gif
session
js-api.otherlevels.com/0.8/ Frame 0F52 		3 B
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://js-api.otherlevels.com/0.8/session
Requested by
Host: www.pinnacle.com
URL: https://www.pinnacle.com/static/js/66.c1ac40c2.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.46.137 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
9e067a51888228d1fbef821e1548478a4c39a4886df22e002c0640549a650a4c
Security Headers
Name Value
X-Content-Type-Options nosniff, nosniff
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.pinnacle.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 04 Jul 2022 08:03:52 GMT
X-Content-Type-Options
nosniff, nosniff
Connection
keep-alive
Content-Length
3
X-XSS-Protection
1; mode=block, 1; mode=block
X-Request-Id
sdkapi-6fcb010d-dbab-49a2-a900-f9e06bc55fa1
Pragma
no-cache;
Server
Tengine
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Request-Id
Cache-Control
no-store, must-revalidate, no-cache, max-age=0;
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
Expires
Mon, 01 Jan 0001 00:00:00 GMT;
session
js-api.otherlevels.com/0.8/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://js-api.otherlevels.com/0.8/session
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.208.46.137 -, , ASN (),
Reverse DNS
Software
Tengine /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
POST
Origin
https://www.pinnacle.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Connection
keep-alive
Content-Length
0
Date
Mon, 04 Jul 2022 08:03:51 GMT
Server
Tengine
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
/
br.1xbet.com/ Frame 133E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://br.1xbet.com/?tag=d_733659m_97c_&site=733659&ad=97
Requested by
Host: campaigns-ad.s3.eu-west-2.amazonaws.com
URL: https://campaigns-ad.s3.eu-west-2.amazonaws.com/campaigns-ad/js/57570ddbba33790f503bba699e6c8137.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.135.121.72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://nossopalestra.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, private
content-type
text/html; charset=utf-8
date
Mon, 04 Jul 2022 08:03:52 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-block
18
x-frame-options
SAMEORIGIN
esw.html
pinnacle3.my.salesforce.com/embeddedservice/5.0/ Frame 2039 		0
0
tmd
lm.serving-sys.com/lm/ Frame 0F52 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPtoWJprD2PCSkUb8GfGQcc&google_cver=1&google_push=ARnp8GDU-HVUwl8UGVcLGteflRmwVp6W3bYZmhmwdhi_XdZm4O_qyHuLSVM_hGustT0ABfVgk4tcDzYM_gef6wiuHT3s82v9aKlldw
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPtoWJprD2PCSkUb8GfGQcc&google_cver=1&google_push=ARnp8GBBfS_l4VbUFt1Xp2WCFN_MkjbC-hCVzwUsNWLAbQDObpGzpgIIFPQexp5aUhJpWnnCTgLzW9ou7f0LgLsZ5L9EwBVlzh8YYw
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPtoWJprD2PCSkUb8GfGQcc&google_cver=1&google_push=ARnp8GDvuMkziDft1G0azj5HrgX8WAYmFu5rgEuLzqrTXyTdEEjOuUE0nsNU25Wy_yuODmJALx_1oggyaUOkDEtPiMAZMPy9l2e7Mw
Domain
www.pinnacle.com
URL
https://www.pinnacle.com/en/future/MaintenanceNotice
Domain
www.pinnacle.com
URL
https://www.pinnacle.com/en/future/promos/?tags=promo_home_top
Domain
www.pinnacle.com
URL
https://www.pinnacle.com/en/future/promos/?tags=promo_betslip_aside
Domain
www.pinnacle.com
URL
https://www.pinnacle.com/en/future/promos/?tags=promo_betslip_aside_secondary
Domain
www.pinnacle.com
URL
https://www.pinnacle.com/en/future/promos/?tags=promo_home_bottom
Domain
pinnacle3.my.salesforce.com
URL
https://pinnacle3.my.salesforce.com/embeddedservice/5.0/esw.html?parent=https://www.pinnacle.com/en/?dvc=d
Domain
lm.serving-sys.com
URL
https://lm.serving-sys.com/lm/tmd

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings function| $ function| jQuery object| bbp_voting_ajax_object function| bbpress_post_vote_link_clicked function| bbp_voting_select_accepted_answer function| gtag object| dataLayer object| a2a_config object| a2a_localize function| OpenPlayer function| OpenPlayerJS object| googletag object| playerPro function| e function| t object| marfeel object| twemoji object| wp function| pbjsChunk object| pbjs object| _pbjsGlobals function| GPAdBidding object| GPAds function| _get function| _createClass function| _possibleConstructorReturn function| _inherits function| _classCallCheck function| Component function| docHandleKeydown function| docHandleKeyup function| docHandleFocus function| docHandleBlur function| getTime object| $jscomp object| $jscomp$this function| cash object| M object| Waves function| Tether object| bootstrap object| FontAwesomeKitConfig function| _typeof function| hcSticky function| setCookie function| getCookie function| eraseCookie number| viewportWidth number| viewportHeight object| _stq object| google_tag_manager object| ggeac object| google_tag_data object| google_js_reporting_queue object| _ilabsPushConfig object| IlabsPush object| a2a object| config function| st_go function| linktracker_init object| wpcom string| GoogleAnalyticsObject function| ga object| webpackChunk_marfeel_marfeel_sdk object| tp object| __mrfCompass function| _0x4394 function| _0x42da function| getFunctionFromString undefined| google_measure_js_timing object| google_reactive_ads_global_state object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| gaplugins object| gaData object| PushnewsSubscription object| GoogleGcLKhOms object| d string| calc object| google_image_requests

63 Cookies

Domain/Path Name / Value
.nossopalestra.com.br/ Name: ___nrbic
Value: %7B%22previousVisit%22%3A1656921824%2C%22currentVisitStarted%22%3A1656921824%2C%22sessionId%22%3A%22d2f006fc-91bc-4913-8b56-7878995439c3%22%2C%22sessionVars%22%3A%5B%5D%2C%22visitedInThisSession%22%3Atrue%2C%22pagesViewed%22%3A1%2C%22landingPage%22%3A%22https%3A//nossopalestra.com.br/%22%2C%22referrer%22%3A%22%22%7D
.nossopalestra.com.br/ Name: ___nrbi
Value: %7B%22firstVisit%22%3A1656921824%2C%22userId%22%3A%22a73a1257-ae09-4591-a2a6-973e2508ba99%22%2C%22userVars%22%3A%5B%5D%2C%22futurePreviousVisit%22%3A1656921824%2C%22timesVisited%22%3A1%7D
.nossopalestra.com.br/ Name: compass_uid
Value: a73a1257-ae09-4591-a2a6-973e2508ba99
nossopalestra.com.br/ Name: _ad__RE
Value: {"cC":"DE","r":"HE"}
events.newsroom.bi/ Name: 1388_u
Value: a73a1257-ae09-4591-a2a6-973e2508ba99
events.newsroom.bi/ Name: 1388_s
Value: d2f006fc-91bc-4913-8b56-7878995439c3
.nossopalestra.com.br/ Name: _ga
Value: GA1.3.1685907763.1656921825
.nossopalestra.com.br/ Name: _gid
Value: GA1.3.725978469.1656921825
.nossopalestra.com.br/ Name: _gat_gtag_UA_104161738_1
Value: 1
.nossopalestra.com.br/ Name: _gat_gtag_UA_170494924_1
Value: 1
nossopalestra.com.br/ Name: __adm_tid
Value: tid-2ec005b76.3ae344da2
.doubleclick.net/ Name: IDE
Value: AHWqTUmOinVw2_FzYa3JNuNuNdds4CEAJ3iZWElMmSFtROStolAXAa4tc3bBIMJU7aY
.casalemedia.com/ Name: CMID
Value: YsKe4cfIkoufLZ.7zHRAsQAA
.casalemedia.com/ Name: CMPS
Value: 3186
.casalemedia.com/ Name: CMPRO
Value: 3186
.adnxs.com/ Name: uuid2
Value: 5399193452178199556
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?euUVRy!]tbPl1M>e)ZlrFUfJ+tGXxoDLJFeiOpM[cShSPa?oAgJ?3(]'YvorbC1:JS*bpRz*qF1`*b_5O)pD>I
.nossopalestra.com.br/ Name: __gads
Value: ID=05fc20255b33ec8b-22d8696bc5cd0079:T=1656921825:S=ALNI_MZDqoANM8o6Zp4umPfu4hylwZ5Edw
.quantserve.com/ Name: d
Value: EHoBCQHEJoEA
.quantserve.com/ Name: mc
Value: 62c29ee2-35933-e6614-b3e26
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: CAE00BC2-A335-4E12-A4C2-90ADCE4A7998
.casalemedia.com/ Name: CMTS
Value: 5262
.doubleclick.net/ Name: DSID
Value: NO_DATA
.agkn.com/ Name: ab
Value: 0001%3AAgE%2FkTOa94LxfsSaWODHXBGjc1HTJ8kK
.agkn.com/ Name: u
Value: C|0CEAqVVtiKlVbYgAAAAAAAQ13AQCAAQpAAAAAAA
.innovid.com/ Name: uuid
Value: 312c877e-ac06-40a5-8f6a-f2fbbdfe6aa6-20220704 04:03:46
.awin1.com/ Name: awpv11354
Value: 412871|1656921826|d49e2b80-fb6f-11ec-9435-22651120a0a6
.iqbroker.com/ Name: IsRestrictedCountry
Value: false
.iqbroker.com/ Name: IsRegulatedCountry
Value: true
.iqbroker.com/ Name: Country
Value: de
.iqbroker.com/ Name: CountryID
Value: 78
.iqbroker.com/ Name: aff_model
Value:
.iqbroker.com/ Name: aff_ts
Value: 2022-07-04T08:03:46Z
.iqbroker.com/ Name: AffTrackGroup
Value: Black_team_(partnerka)
.iqbroker.com/ Name: Serv
Value: NL
.iqbroker.com/ Name: AppID
Value: id871125783
.iqbroker.com/ Name: brand_id
Value: 1
.iqbroker.com/ Name: platform
Value: 9
.iqbroker.com/ Name: client_platform_id
Value: 9
.iqbroker.com/ Name: support_email
Value: support@eu.iqoption.com
.iqbroker.com/ Name: company_id
Value: 1
.iqbroker.com/ Name: IsAppStoreCountry
Value: true
.bet365.com/ Name: __cf_bm
Value: za.et.I5eY0lnK.BRcGBsPJp.1iXOj9CtFynKvejPkg-1656921826-0-AQag+clZl42JRmammWZT7E2ngLGoDgc28TyhCdagCNQD4hnSUCFX3eckxWwAjLd69RJpoJkm4y8Ko6V70ttcQPU=
.awin1.com/ Name: awpv11938
Value: 412871|1656921826|d4af1b70-fb6f-11ec-aec4-2237da5287b3
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.zenaps.com/ Name: AWSESS
Value: 377129:2470185
.congstar.de/ Name: staticentry
Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1656921826_d4af1b70-fb6f-11ec-aec4-2237da5287b3%22%2C%22sp%22%3A%22awin%22%7D
.zenaps.com/ Name: awpv11354
Value: 412871|1656921826|d49e2b80-fb6f-11ec-9435-22651120a0a6
www.conrad.de/ Name: HTLP_timestamp
Value: 1656921827
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: VggVyAyOFvbjfmhRrwO3jvHCgaQd0UVGHw2dBm686W0-1656921827-0-AcQwcgTfR6N7U3VtCFv8+bAf+SoxZeGPX/qjNfOCgKqWckTXKvWKv89e2gNYvOWGOgKYoLCL4L1XIrI9dbQnN4M=
.iqbroker.com/ Name: landing
Value: /lp/mobile-partner/pt/
.iqbroker.com/ Name: RedirectDomain
Value: iqoption.com
.iqbroker.com/ Name: RedirectDomains
Value: iqoption.com,iqtrading.asia
.betano.com/ Name: __cf_bm
Value: 2LVWRPehGQLtomF75f_86z_RsugBNkEzojKJrYAWI1o-1656921827-0-AbyUoeU4l/PbDCE22T778DdHvm/x2bQK0GHoR0+JdAB84ZWT+K/uk/2cAVCPloSmF6YFaODoWFtoj0q8+5NsrN4=
.dailymarket.com.br/ Name: _ga_0WM4DGCWEH
Value: GS1.3.1656921828.1.0.1656921828.0
.dailymarket.com.br/ Name: _ga
Value: GA1.3.1793980114.1656921828
.betano.pt/ Name: __cf_bm
Value: Mj5l8h0frcuKtoDj1Czl6uzYmOWWVwx4QPOGewdqNvc-1656921829-0-ASXtpmn9vuiLNdHpACSmz4a4uNAyEEGHBEAhhC6jImtOtL8tvbQi4yLL/dL6hn2ofM+cNlqvzYrMh/06rRxYo/o=
nossopalestra.com.br/ Name: _ad__v2.0
Value: %7B%22QmV0MzY1LS1OZXctZ2xvYmFsLWFjY291bnQtTm9zc28tUGFsZXN0cmFnbG9iYWw%3D%22%3A1%2C%22QmV0YW5vLUJyYXppbFJULTJnbG9iYWw%3D%22%3A1%2C%22QmV0YW5vLVBvcnR1Z2FsUlRnbG9iYWw%3D%22%3A1%2C%22UGlubmFjbGVSVC1CUmdsb2JhbA%3D%3D%22%3A1%7D
.pinnacle.com/ Name: btag
Value: a_27754b_17506c_
.pinnacle.com/ Name: refer
Value: XAFF5905
.pinnacle.com/ Name: UserPrefsCookie
Value: languageId=2&priceStyle=decimal&linesTypeView=a&device=d&languageGroup=all

9 Console Messages

Source Level URL
Text
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPtoWJprD2PCSkUb8GfGQcc&google_cver=1&google_push=ARnp8GDU-HVUwl8UGVcLGteflRmwVp6W3bYZmhmwdhi_XdZm4O_qyHuLSVM_hGustT0ABfVgk4tcDzYM_gef6wiuHT3s82v9aKlldw
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPtoWJprD2PCSkUb8GfGQcc&google_cver=1&google_push=ARnp8GBBfS_l4VbUFt1Xp2WCFN_MkjbC-hCVzwUsNWLAbQDObpGzpgIIFPQexp5aUhJpWnnCTgLzW9ou7f0LgLsZ5L9EwBVlzh8YYw
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEPtoWJprD2PCSkUb8GfGQcc&google_cver=1&google_push=ARnp8GDvuMkziDft1G0azj5HrgX8WAYmFu5rgEuLzqrTXyTdEEjOuUE0nsNU25Wy_yuODmJALx_1oggyaUOkDEtPiMAZMPy9l2e7Mw
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GACqf9KRa6mgrOXpI0nA1gmNW8xk2YUleGQvfsBXRRKKwr1wEd9KMse2X8gFzQziy0G7YizW5GcLq68hJfqNVoWAwBpBTub&google_gid=CAESEEL6KV18VuDAAwY8mO8dag4&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: chrome-error://chromewebdata/
Message:
Failed to load resource: the server responded with a status of 403 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://members.bet365.com/' in a frame because it set 'X-Frame-Options' to 'sameorigin'.
security error
Message:
Refused to frame 'https://br.betano.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://*.betano.com:*".
security error
Message:
Refused to frame 'https://www.betano.pt/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors https://*.betano.pt:*".
network error URL: https://js-api.otherlevels.com/0.8/session
Message:
Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2bcb6cf5a1c8c5040c591e9d430ec649.safeframe.googlesyndication.com
631c453c-68ac-46ab-857f-801e975e733a.snippet.antillephone.com
a.cdn789.dev
acdn.adnxs.com
ad.doubleclick.net
ad4m.at
admaxium.com
adservice.google.com
adservice.google.de
affiliate.iqbroker.com
ag.innovid.com
analytics.webgains.io
api.pn.vg
api.webgains.io
as.ad4m.at
assets.ad4m.at
b.admasters.media
banner.congstar.de
bid.g.doubleclick.net
br.1xbet.com
br.betano.com
bs.serving-sys.com
c0.wp.com
campaigns-ad.s3.eu-west-2.amazonaws.com
cdn.otherlevels.com
cdn.pn.vg
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
code.jquery.com
cookies.pn.vg
d.agkn.com
dailymarket.com.br
dsum-sec.casalemedia.com
dt.adsafeprotected.com
events.newsroom.bi
flowcards.mrf.io
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gml-grp.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
guest.api.arcadia.pinnacle.com
i.ytimg.com
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
iqbroker.com
js-api.otherlevels.com
ka-f.fontawesome.com
kit.fontawesome.com
lm.serving-sys.com
members.bet365.com
nossopalestra.com.br
o417691.ingest.sentry.io
odr.mookie1.com
osp-assets.pn.vg
pagead2.googlesyndication.com
pinnacle3.my.salesforce.com
pixel.admaxium.com
pixel.everesttech.net
pixel.rubiconproject.com
pixel.wp.com
pro.ip-api.com
prod-rtb.ad4mat.net
r.admasters.media
racebook.pinnacle.com
redirect.lista10.dev
region1.google-analytics.com
rtb.openx.net
rtg.admasters.media
s0.2mdn.net
script.hotjar.com
sdk.mrf.io
secure-ds.serving-sys.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
static-de.ad4mat.net
static.addtoany.com
static.adsafeprotected.com
static.hotjar.com
stats.g.doubleclick.net
stats.wp.com
tpc.googlesyndication.com
track.webgains.com
use.fontawesome.com
vars.hotjar.com
www.awin1.com
www.betano.pt
www.br.betboo.com
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.grandepremio.com.br
www.gstatic.com
www.pinnacle.com
www.zenaps.com
googlecm.hit.gemius.pl
lm.serving-sys.com
pinnacle3.my.salesforce.com
www.pinnacle.com
104.111.239.217
104.17.133.181
104.18.18.126
104.18.19.126
108.138.7.118
108.138.7.40
108.177.15.156
142.250.185.134
142.250.74.194
143.204.89.34
148.251.139.77
151.101.130.207
151.101.194.207
151.101.65.108
160.8.14.13
172.64.148.86
18.66.139.117
185.117.134.138
185.89.211.117
185.89.211.12
188.40.92.96
192.0.76.3
192.0.77.2
192.0.77.37
198.47.127.19
2.16.186.25
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2a
216.58.212.130
2600:1901:0:76b9::
2600:1f18:1aca:4280:2eb5:dbac:a0db:e9d7
2600:9000:214f:cc00:13:7e8a:aac0:93a1
2600:9000:225f:3000:8:48e:53c0:93a1
2606:4700:10::6816:46c5
2606:4700:20::681a:61b
2606:4700:20::681a:aa3
2606:4700:20::681a:bd1
2606:4700:20::681a:e42
2606:4700:20::ac43:4a81
2606:4700:3031::6815:2a29
2606:4700:3032::ac43:a9f7
2606:4700:3034::ac43:9689
2606:4700:3035::6815:3249
2606:4700:3035::ac43:9ecd
2606:4700:3035::ac43:cf91
2606:4700:3036::6815:4698
2606:4700::6811:180e
2606:4700::6811:2e1e
2606:4700::6811:5459
2606:4700::6812:1734
2606:4700::6812:7e05
2606:4700::6812:bcf
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2003
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2006
2a00:1450:4001:810::2008
2a00:1450:4001:811::2016
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2004
2a00:1450:400c:c07::9b
2a02:26f0:3500:11::215:14dc
2a05:d01c:1d8:8101:7677:5b33:71a6:2d38
2a06:98c1:3120::3
2a06:98c1:3121::3
2a06:98c1:3121::9
3.122.145.17
3.68.5.33
34.120.195.249
34.208.46.137
34.251.55.128
34.254.130.126
34.98.67.61
35.186.253.211
35.244.174.68
45.135.121.72
45.60.156.148
46.236.35.87
5.226.179.10
51.77.64.70
52.95.143.2
54.171.241.185
65.9.66.17
69.173.144.139
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
031893036e023f6599c84cf742656bdcc445e102fafa779657c73b739470d7af
0507579ad8ae986828ea3e585ed5e4eaf6d6578a8d7d224dbcc8c619439e4d7b
05397629511aa65571ab22a7ab1a258f6f0c401bfb65ed44fdc2dca9d749c1aa
065cc2a79ed5890cf8ac453fa6c5649226a0b7c920427f3bf7be8eed9c88cdd2
067cc6bf1c222a4dbcc7fc0fdf599a15a9922cd9f0513116a747495dd02801f1
0799522d13b526a6858eeab2722f79c1a93700febf49805fd2142f29aa02b335
07a27ccac84d3870b401baa4ac741492c8ab071b0bd9ee2a7aef0a224b47afa6
07be4d6432f38a8396337e8e35b037410a56172b187f7579201172c9983274c7
07d294d292e8ea3a1402733161f5e960b0f44eedab2947cb78d879dde859b8b7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0aca2046161917e1565c000539829b152f0e4debb3333e61bafbd51a1966b5c3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b940eda1d20c2bf801fb3c889fc042ccb50809c5d9ad9b66d08a58a807c9c1a
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d5f2349e4cf4904ffb7c99ebb918020a682c2a2b07130fcb033934a791dffe6
0da4791b446818516f710c51707081aec7b23a7c5212fc0b2629c973210136a4
0e3d4eeead3a8fdea865ef4a92d31642850fafcb5f5ef3802c2c66e9fe4484d9
0e4b11bc7f02a6c17bf6bb76747a70588e0d265ed716034d7b9e4b85e4289f7e
0eef6e2fc439af50ee046c7d70ac5740a3b36c030595b9b4ef2af470154de1a7
1126e72ff6188aded79ca68e1f37c9e257d7154ecba478dde697c9d9c206648a
1239d8c2cec92aa40712337bc2a726541b63ed03434cb5777ead4a4b8788fc62
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13f9d575a9dc9bbf1e70104ddcd090f1cd78d45d4e4ab013a584d6283f5b080c
15bcb9475a4ac71af3d8549cb05909bbfb5815cbbdc637e97621bd276ff2ca43
165fe59feb2097fd46efc19b6fc39a2819cd3bdb21ca7cb644cf699e51400d09
17a1f0b031477ac7846ce5299eb79df329ebbf595b67a3bdc29d017841f485bf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ec8b3ab3ef5a8f0236932df324cccd1dc90355e3fc8e2c396839ba361c5b3b
19a9bca029dbfb340956d9d7e8e556a91e857e9d25a7fd3c998cea4a4e227f85
1a02575035d53aad05635244331c9f5386553d677dc42a1ee8f065b409e26735
1abd13bb36218b14ea3f542711e9c648f8c089eec460fee713c255a9d6766528
1c87cf10a3ff5d981cd6fc3f654e585abf673437134f80956b8990cdb83f8b33
1cb5dcdb11eda07425f9584041552e161f7ff7395cf52d201e023dcd869157f2
1cfcde6ae678c5e7e1fa5abc2338ab1edf6f1a4b059d5bfd331faaf7ad4129b3
1d6cf7dc2eaa04df8f7e10c871f45458d2a5c64a531937fd79c55ade3d5a5456
1d968b410c73f538cafc105c00efddb6ba063dd7ee24ce3b4ecc92c3daf303aa
1df88ff41be8867eaeab2ea602425b8aa8745721442c9cbdf50a86484093a44c
1e529cc989470de39b0d7fa89d1bd98df51fe96913e6aa635d373587420f496d
1ecfd5a6e1e011aae1829b9dcfabd5a660e1299b5a87307cf9c5d559a34ef1c3
1fb087357d50ac16cb1918bec3966fd45d2d092a10c49064b5e1a2c3bcfbc412
21943a3c4a4d4574f564cfac429b734cb184f42fa12a12694830d670a16b738c
229b88d8de6a8f34b475b90138c8cb6263c96f4fd2b2a6df784fc0a2b17ec383
23307810c1b3fcad121cd88b682c7fd1e0497128c7c38c8983af5f8ddb01280a
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
235be8bfdd19de9bbd0b0291b2b588b6c295093a33120f06d1e1b8803708c7fb
23a8bb3dc090e27defe4eaa1cf3100f95a852c90963f984a4671cad44657b8c4
24b35dbd8681681f5a851739371afefcb2c43e922cd0941be2d4034669fd336e
25937be731f158ca2be21feeaab438cadcfb423618c7a0a7a74e653b91d5151d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26b69e8b3da5efe017311292cf15d606597c4680ad0a1d1859ec40c42ea1a22d
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
279b86bbe474fa8cf84c0fe45c4bca7aa96d01bffbe6aa709dc7b362d1ff2c24
28e73defdd0189d3700842b4e0f8616ccc5221b8a34363bdac21c1b84781be29
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
28fd831e3a5b0cdf47cff8ab6cefab6949b907b6924d922dbcc25da3114941bd
29185c6b10d00814c454d283af1b3485bc51d3e43fa71f88e8b97d365263bffe
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
2ac64cea40cbde0d2d259ceb78f1d40d9a89706f5245d21349d4c7d2bfa1c50c
2b0967367e11d95dff1754847b4f9c446735f82699eb28370857a03b49480f8f
2bcef052d0d99b56c7a9b9b0ce076ca020219e6ecccad2b46b0267ffc2fc8bc8
2d0fb96cb80a6051c0c25e3a6c1a8d3989d5f8cec7be8d12489a77f8b77cf305
2d26d3394030fd5cf48bad79221fc5ada25139af2576656a0b203a56a4372035
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fd4aa8296b6c6e1e2aa2cda6399dbf41ba80ac1b4bb477ed5c9796fb832e4d8
3134713e3b70c87793edc1c9807cbcfe58176fd552637b5cec71bdcd5ae1d6aa
3219db44a7f27edf15a68b0e3c2f6a0506f6036d65a7ff64eba0de991122111f
332e45bcd4c243a40af8ec861316cafe009c3c5de4366f960d4c6cc2ac92e1d0
33d944ea690e769858246053b671bd885cd5469cd962707629c2292606e14162
3514a999d74140815cf397facd0f59f129d9e36aae28af8616962a9ee156ec76
38340c81a6abf327da0789e6e28c7d7692d0790d94a60108199264a0b9363237
38544024da1a0fc2f706be6582557b5722d17f48ad9a8073594a0cf928e2e3ff
385899ff1573213dec08df0fe0b6836c55feaddd171680235087ebc13c56770e
392a64701f2ec3ff128d9d82cb24567efcbda3c8747a8dbb9748f2126232eda1
3b079a3ff21ceabb15fa5cac7f24b887e2cceac470b8eddeb9361fafa335db88
3b53f34dbdbcb29ecc8b3d673c5cb78427b28612251f43921849a2385525e372
3ba1a961f1cde88f4983a04fb2e2d64d9545b15ab4ca4ff1aa6ab7afdd5c8b59
3c0b68ea789d4bc6705f42dd6c44eb38306b965df01f9409eb4a941370e3b158
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3d30f25faf9ff1d6177aa05091c7684eb09a87e3abca581b833fdb63ae6e6b3c
3ea5cf693555f06b2ec26c03f9306c6ae9b95612b89be0b63f672dd87f3ad15b
3f38877bb33f49eab9f1404e24892aa319def0430c5e189eb71493046a8ccfdb
3f744b349a8dfe361caf1bae49437361d028b7c2b918b164283adf3e9dde51b6
3fc56167157162355b4ac42a16e9ca897365648ead7432d744e5ec8efeebe57c
40791556aa5efb0d747a95a5be8da30d30894a8d2735c02f965ed4bd1344fe2b
41a683137c8c1dd8eb93814c564ad2bee1c69f5ef17b6aabff5a24fc81de7693
41bc4d4fe88139d6ee89abfcb2abac71e1430d85dbffc0be7c8f6bd36f4ced7e
41ebf724b3a154d3b37a8cbeeb4a216e4734ba137f938c7d3e929b4dfb3ef6de
422341e2b4c8e05aee20cd2a053cc7e58b1b4f6d076f4b3db65f4059106cfa60
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446f40b3d26b6df71d0a6e9277109c79cc8c43c60acf2ed7204573ae9aaba571
458389df851873c19b0e9a24958177774c3402980b32c978cf366f4a2bd1b7b7
45d7e88cef461c679cf5a9a267e3af7a18472504462f52f729a146998b41d151
460dfeae57424a493383b2143b85a343c4168b804911d65b5f9b48fec6a46e58
46f5d5aa9f8e7ad17c05ed0cb39d0affa11b227930fede5e0299531f165b9d7d
4753a1fc08d628e068be840894f27295641917c17e8343d47a3e9b48346712c5
4787ba478d2dff0045aa107066738343a8ccf37921223a1448b53cfe1ac5826d
47d0d2867473bc7627004dcdb05af0abc5fa4cb44a5592a50e412cb909377fe4
47dac6579735b02b4f4edcc315c85383de322b92253a6b24bda64c8924588f59
47f322cb9c643f98f69def5ab8d6177036094070f01b1126bec69e9eb0f87b95
481bfa4292798eb15d056ff461dc1e90bbe9795fd99299b59c02970a0e710207
483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924
48b2ede3b4e6ae84bc5f306fac89cb1505629f5e0b5aba0ed486d58b0c06a3bb
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8894d57dfa621e534ef4eb25263e8f00254cbcb4327f1f98796314ac279dde
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
4cacdcd0a2c2d0e70b170248632a001b1d81e241c03792f04f1226a1f6ed31df
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d5ba417adc6f8c21b748737cab1577dea0bea16dbe9d749c4e845361799031e
4d5f5af3b6fb4b77323a65462cd358b688bf63e85144cd58601d93f73de6fe41
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb1ff879a43389677ee114efb834a310f36ca0b6ede3c3ef504af9e5390cf1d
4fd1b7fefa605f6ea2cb91d35bf172c5aacf8946302f5c2b0ea57dbf5ed5cf8f
501b772c355ed0107f4e548524d09dbc3f11ea97e0b0e735cd92e4f4c8849425
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
511a9df4660a4c3c51f9d72fc00ad7f4ec75218ccde41ed7f2b65dbdc9f7afb2
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
52ade520992be30e13f1121020d64c9e661db520ca3c2068c8233fccbd529682
53f7070cc4c81c278c72f7a106fd71434e766cf49b26d6ee8b0e1003d7132b3d
540fc2ed76923ada1427f40e5539b43df3b9c31e37e4027498b3f675061edbd1
552251370c19357949d4f81e843f083a417250d03aa86a59c5a41950a253108b
5565f3f8a4e1eb9e84e367c77799f6c8567e2dc252d8a91e8aed71bbaca946eb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
57aa2155e87b3d27bce9203dd8642056aa55ef4e7b4c24c1ad5f2bdddec2ed43
57e701a602643839c5053dc0afebfa3249366b35f16e133d9906fc0291c30ae2
5aa600aea047cb99c7e2c22e7edaf89f0539a6772a21981636e21da89bed440a
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c3aa98fdb3a178ae571704a853b6f1c21a061a1715a61666353094d6414c426
5c94a9f15c6211af188f0b7c293a43ca5567292ac19428f3f675ff39cda3c565
5cf960626dbc2b59f6af82c1c12713580a00de33097c694231bfb26a7494271a
5d36d0349727df920f9dfb5c0be6438af5e32949dd82d27bfc3ad764c3e8e777
5edf297381b409d711bc8d27676951a59e151e783412850332519c05243d1e24
5f81bed0f608ec58cf80ba7d5528a2f17b8b173c2d61e6df36359c3d91fac9c5
60c9f0124e8cf8dc4409d71a464805070c4269c0afc99b79d95dba2f2d883fa4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623702bd791d4553ae7226c2f48e26052e359573eb59fa98d819e9b248593e7c
63ccc34c56ddde9859e5fabe9fe08fc891b8045aa804d5909a57dbc5dadc6f10
666fd27a60842e98bfa35c0483fbd86cd187c0ac9721932556ca339adcbed417
680555facb9a4567a4b55872fc013eb1bb29e22b15cef5985348facd22c060aa
680af6669abc319f9803f0fa26d443df1b6bc29133d88a8e4bea560ffed7288c
6976cf0314410c7489f316d152e40c8db8413849c81e0625999b7cc5e0630cbe
6a69468395eb541a451d375ae8b3c49d77a0fc6d0d15c76eb6c5bb74134e1725
6b2b9b81075b462e957367a548ecb56fe822edb3e6eb5b27925c29c5f6b00c67
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be7a05ef4b651014b2d154d69c78f749c6b63ea187089fca1111f5bfc860b6a
6c764ce76afa9f760347531d28eebd575ba7bc794f680bd6f3476bfd20faa7ce
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6d106ab40ec17af791b2a243996477e1cbf75494105ff0a5dead9d9159c7ce56
6d401acfdee02845c03c8bde52ec03572ea9353945aab6e102cb92fce18fd768
6dc5f253fc8889d015fa15f13b005f34023e924af350c989d16db8bd40c411a2
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
6e0a3f018621b814fc4ed16363c7a507d17fc8d36e8299c83cbbd6513c2c975d
6e9e701714b7205e1c49e7b8b4600f63385d541c16c64b97d80d6529d554ba37
6f9fed2e4d6be298ea778da093983a2236972d11101c705a1b90ab832949a6fb
6fde3e4b14f0aa592771a42ab3858b7c5fb1f4186cf8c18b28c27e1d48362c4e
6ffb3ce825f05c87813b1ae4195629568b1b9c865e90578f021f90d1505d55ee
701c8ca64a36596056cb473bcb74e55ef13d324d834842e92419d4c24c8e70b3
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
715c2a1c3650ae2a4dbc672e99bb0d712688cb41ad013d876da5b4839946f22f
71dddfec38650365d8836e10a9c4432954fdd25b48dbf1da7f34798d4d8583d6
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
7357a5c5777e0f8c9592365cf11cadb1bcc58e50773bdd4e604bb7a53ebe6037
74aa63e59db1117c106a99c479e5a60fe1a9c1cf9f1a7538e26ebbdb54b43f29
75539451c4b2b14560670b1c2b6816f935a52ed8773269e7e5777235ffccd490
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7651812cfed44ebd48ad17145a3af03b893910af402daed77ef8c7c70fbcfe50
78b558bd2357fbe7ad52804fb3af1b8664b23db096b1deb22d215dde25b152bf
79cb014913501c6ab2e531995462c6d6e7fde734aacc9a97e88ef20454014e1b
7ad697a5567bb430be204cc20bb875ed00d64d0691ba06eb012fe3af129695ed
7b88658ad27134ac1c18acf69a2bd87fe2f878b1048ccf0f5cfe4eddbd8cc1f5
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
7c7e6698201220d0088b69071db607a344c0579dc2138bbfdc6d1631f4e20c25
7ce3eee4cd598dd52e7b937de204d78dc2459a9dc379d0d70c478364e7b1bfcd
7dd71f5730a268f0f52b40bd40876cb4eed0f01568f6ae6f509b5b398401dc1e
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
80bd626eb6d57112072a508ee4e5ce3c2fe5673fe0a5d029810033b24aaa5e9f
80e6172963723773fcf7dd4922e58c1c584fdc4acbb9c2bcf961b2684b1b00d7
8190e63153c11a320c4397469584e5b793ec8987ffe71e62f504e1ecbe71fa8d
828be9cf8754e0b42ccb2fa8df4ed132dccd9cb960d8618f3a79cb8710eaf002
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83952ac3cae806807c18789fab8b9ba2f7b2a935fc2598198a6b71a067c8a61b
83fecff6653e9315ee0b577d1ebdb602d72108618b3c637cb9792ad5d9000a4e
8433a16a2e40e6c68a1320c329bc76201e6068653b32331cef5544aea52d2a03
8447a13e3386284144b00638c3dfe08034612f0a60c171b71a019ff27efbb309
8483e2d8e52eeb37a1c48d2400499568650f835f0c994961503583b6a25f7df1
84cede1407c1fb7a06c42bf7be9d6c603f4690b956be3a4efb4cff48e298c412
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
86c855490e2fee239fe33d41f263c82a83d899384acb0a2abf18a9fb610e6bcd
884b8bd40f5da6332adaba63aa4dbf742ff7ec44c3a8658e8bb42ebb333cf99b
8a9f68a97f8c907f66e978ea005e04e33341e0a569029a62110d5b93aaf78d2e
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8acf0f478ddc46fc181bc74905dde9bc294b4ea3052a4c4fd9c76220cb521c0e
8b4e7391528306d543bb912e881634772c04c93434cfa7feeec03a840f0e6043
8dccd791dcb7d132fea0e1dc37914facf9c069dcbf1ff9dc7196bd79ca85e80b
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8f244e407e374e5a35e20db52746d972e7e3a09d54952be4bbebb51a90c959e2
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9167954de2965bd9481e478acd5e05b53018beb14ddfe1be6505a6b27a801a7d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac
93a3b6f202b34eb9d8de67d740399e96e4a50cafbbc98ab9a06c8286883cd26d
93daef751384d0b0a66f4a80fbea9fc6ed0e5b6f3d40a55a00b853f05d7a1e2f
94c6a1d1d05f9db545f00c5cbe36001037e6899ba30af10da91eb33a371ec0f9
95c06a3e6c28a512b08155b23f867f4699ce33d79ef8ef7a229ee6a33a6c83f6
95da64aa07444494fc3ebed5dabaf9bc9b56857dcad58b708198ccb437e564bc
96fa53f5c7ee449368b95af8f9b354851f7f47ef24a30c820df6fdfeabab17ab
9702471f6f4170ed4b55d66bd253fe8d985fb74df77e778684f7c8acd94d4802
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
98df77fa1bde63816051f652f3e9a30e29a68fe278a759b24b72c028f04ad291
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a06c1e319f6800741251294f15467d9725abb4af10636f2c5438097b672fbcd
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9abbf6327e8e5fd715d3ce1bb9eb34d0a6f0b332f36305f935944567ee48d218
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9db59b66ebdbacbe738afae716ebd77ad73f60f22374ec4a964592d12db22cf3
9e067a51888228d1fbef821e1548478a4c39a4886df22e002c0640549a650a4c
9efe8dce6c28bfae85248784799c030b4dbdeb26926d8c22687856efc9d51950
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a15a1a06d6c36f9faf5cc74042775b24798a6b45e65618aa10a5bf04cba80d43
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a263afc16d9dd4d23a5b70e76bffd65ab267378a63813dc91da8dd34b293dd2d
a26e8048d57f6c706f927709a44972dec76abe2b8046332b78c791a94a460360
a373f543efdcea9b694dcc4410de84e96620cc53ae1f15acff21b88a608270b0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a57b918c3515ced748a8b0d297202db9b15fefd82acfddaf11f977761407b2ad
a628223ca1d943937a910b43487d9a31125b0fa061ce0349b47983c56f60a4c8
a642eab338616e43fdd2e6a746740d619f32dc42408265a6fc54044c5c424a60
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a797b8642ca0902c4fc7bc13588f8fc20c6d641543692b9856051ce51d95adeb
a9268b655517e43d36094454a58e01a557d28c5ac2823554ed0d1682e01659ed
a93daaad50d2363ffd557dc7c0159d94db74849f50f6dbb339c616fa5106b1a3
aa03c439fd0b490a259b2f8af553dcb98b915d283155ebe6a708edb260604eed
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
ab43d4bb1bcdb0f183d0df005eb940e8dcfa4e6a1f3ec11d72bd51fa8eb5ac93
ad5dcbded1af22a7202290c063b1612da155ec9d399050633f583ca4eb9ca98a
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
aebed60dd2ac1381891de9866cd4b8ed44d16496350ca9c9195366a07d226681
aed4126e90ddf4a7c26b5c3dab23b8f9b9d060d9e43130dba9e46e9db5383a67
af43cb12aba17e1d54c4a7d1b98ac8a8c076ae0b03eed86bfac586a6b2561bd0
af9d1952b9e4ff458d953d4f26b0bcce0bb2571e9fa58d6f0d0813f4788d2bc4
afc5c9fcf1ac8b37add529c608bbd0c0964eb2edd1b968dbb911e1ae3835f28b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0aadd02c2af6f4fb2a70f0fc03c1cbfad492658572ff2518e154d113afb711d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b382c0709fcc54cae8c7c73a64145ed2d0fbecb21d804c8b7ca0db9d3fcacfbd
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
b8e3396a7555ebb40abfade1cfa722553aa683787a4cc6bceaf52dbe31d89e3a
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
b98c66d3a63f339be596ee49016a5e1943e031a0e229b1ced41be3b9846771e9
ba0aebd04de188e6a3ce7de531b1061ee4025c617f94acd18e098e0abbc1ebd0
ba414143f57d9bad4660167620a239881bb6ee419bb9dc908def9122b29608a1
bb96d10b4b71a90568c571d4420edd4e2e38e7faf4eafe7f9adba5374c14fc60
bc5d6d7f44af26138f80ef48a26d051727ef50ac56f4a410e4a32aa97e9e4d05
bc8ce1cf1e49ff066c798e281e824095911547ad7e478dbb01c3044d183429e0
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bd0e9db3fd68adfd769cb6d3a647a6e90b6e0a4a5728f343fab452ba44d5b7de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bd770dbc583abfb9295abbdefbab9a3819d6e6a080acc585b1178fd38efee213
bf6d64252c75bc47fec6f73cae506f5e4e31500cc401455fc3477b8ad298bef4
c05d32ca57950965e8e862309e4ee5402393526bea838fb7c0fee92d3cf9886c
c0ba6a4c6711143826221d7a815092033294018a0c2655880da0b829d074ac20
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3fe90f9db442e9d619da572a737369b9cd587a23299d76921bf50e8486cbe10
c4316bf7e19b904e26b5f7316ab06f8eb55ec92aeeafc9a81343a37a98336a3f
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c472b397a771cc621216f46f1a4b0a07b47e486f15b48fb7f69b04b804bdaf71
c4fba55eaaa608ea9d94c2610e5373f3cc6c8d26328c9d859a9f0810249c975b
c70da34747fb31860fa118ff5d6736f81661838a0f50f077aa29d63ad7b00e4a
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
c8ca292330af5fc980867ecd80ec7ede3ac1ed033a53ef80456aecf84b0b46b0
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cb0e0c366867ef045d682089665beeae42d556bbc1447aa3df0a6babd5fe3bbf
cb15f58105529df8158dc8cd6c30b47eeff06fa8989e02f8eac63d0fc3d5e2d1
cb752e1b14dec3327a4bd829d99c55c28d9b9797da26161c2cd65dc7e28cc7a7
ccd75fc7d4e02a6c0ef056c882a98bc51d139b285b2cef13cbc7fe68bb4434e9
cd41f3cef2ac56f2d922704e7f377d78baa3255c09ca8a0d2063e88b19e3cfd9
cda5f084c2c6f858fafe20b03ed46c19082233f70cb20282f1090ac1a2415719
ce94ed62a65126621232ee8ad72bb83bf9948d283d2dcc9cc45d8f05e89dc403
cf4d4bc2788671a9870de27e036429db3d9b5cfda29abeec244827a790217afd
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d14c193c6840fe40341b5187f3cfdb5720aa6dc3cb2f75e282f84b6dd4198919
d2e959287d40e82860f87d3e52fbe826f5732368b8941cf2c980514506c1f357
d31fe4751cde6f0f884349f049756571d820e9de93fab3c0a2c453ae0fd95428
d5671b76b653da8dbb48d05002fe5541ef72677e87f2acf566356d3bdb90b7ab
d5f74aa0749d664b6550ab2095d5c8153c921ef4b3018266a9d229eadac593c4
d614922fde9604f8899e47f3cc3d69bf952312b996f7cf1421163996710850fa
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
d750949568389a83e713662b134b1056c2a55fae130ae79461e20506dbab9a2b
d7c2249c4f39bc0dbaceafeb7a4ab9f599441c6265927ad20920991fa22bf362
d8bad9672fed38d3a74883233663e7d445fbcdedc805c81072c38f69fb5f7ba5
d8c7fa9dc87c1ae8ebf6fa71d356b75d51d41e96be9bb7effc8d175b6508992e
d911b9628680897de145e5e7ad1eda534bc607e2c526cf08dc80d0ea8bc61acc
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
dafd1b4ad1382b858662d070d548f9334ef70f4774683435e72e1140f5c26916
dbb8daffbf7494ba152f47726679f4ba8f60252e26aa31dbad718d6f3a1bd119
dbfcad26825b0646f031ff0da6dbb233df888213083f3cc4c2ca90cef877cf2b
dc70de255abd264de11984499c8beca33154dad2c53ce04b1a206a11fa1141a0
dc8655edd4cb5b195621f5ff39f9c74c50b309f0905796dcd2e4374aa01271ca
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb68e16777fefa7c5ab4cefd475b2b9e9afaae5d243535a8eccc89c7fa3c17b
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e1934058e6d25db05570e3f2c827a59d7974d55098c59349795a1a32af337c4f
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e2a986586e9fe9725af64d37d0c1b74a8834d565bdf93035ccdeaf551f450fbe
e2ff0d402bbd7ae8910ea63f2db5a940cc3ca56e51a031f0858f4a34928721c8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fb9864975b4c35bbe986824adeef8b81c23f0f6cb4abaecb54fc5933d7cda4
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4db1925a75d0f477e196e181b61ed8253ceffc4dd16aae0051220e0c43bcfc4
e639a0cf08612ade001a7a5d1182bff90af5bd1a98af62cc5e498b659cb9c5b9
e6e19115e8ae3d11ee9a7d9199b6cfc8158447f85f4698410e19079b0f10b178
e7daf710527780258a3b5b5c268fcce2483f40004ee8351c150850ec164f80eb
ea4d179b0553f187e93202f18eb03f814322d055b9f086a9932ffd4558e6a380
ea7e92e4d0283b0ee62900682565ce0860886ea007c4e12b36c928699bfecfab
eb27212fb033257ce4cffc3de85ed158c3de131cca1ae28bf8359ed3ed300d0a
eb2798553d86c6b1806d208320f645bd79eab0cebcf22176bddbc648e8f3ccd4
ebb833b0f0e6988ea53077a286f0b6570b39b8515d6a83fbac96e957779b6796
ec54cb9c1e6e49f695f6adf5186507736c8e7f8a800b811a1498d025ae0a4b15
ec67c96a82d0f22d7f1eca1409178a42a10567c9398fc1239f8d6eb140a63b8d
ee1c191eca53bf9c56a2a13712a48ac9a3def467d15607be90fe26d5657a8fdf
ee4087c6f70d86b78a4cbc631331d48355006da925f1ce387470de42f98f6c41
eed2e76e3f0e29a5452bf4afff5cd766df0dea18a09da0a8b7a074d47a961a9f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef53ab4dceb28e261d06d3569177c4f7febcf8167704a357b4adcf39f2d2e6b7
efdf0f107ea2662effe3a896dd5a77da68daf9b2bc71580674f6f6a8704dcc70
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f05ac9ba83369cd58d06d8ee2e5f8d61c040d30d044e20752153f95577627dc6
f1f46bc5e74d9a06f92259fb82899924991b9dc4718ad40209b207e594488fa8
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f29d3f145300fe3cec6dfb6d9fd4767011733be31cb895d92b4a902fe622b162
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f50580c4196611af05b77d395dc3d273cc9b7d84c209e4464f04d3fbf30970e7
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6f65309e99e2a03864460f798241e54f528367d9dd792ee3bbb06d9f699b612
f8d324539e5e3ed220343150897ec8bb5c4bc15ca376261c89802b0a378e4f61
f8f4f341a8530edd47c713b97bf9e93df4b607e88ed76f42c22b3087b4669214
f93483f0aaf24aea4b5534bb8647d22cd9dfcb4d08d2fd1008787bdfb8a6cc47
f946f4389b6864634414bdd4bed921bc848fc8ad75842cb60df9ac803747b39e
f9a77e710766a65976f4537a2e7d2e8686106075dad6fb9c2f217d12a231996a
fa23c9aead9705745404b9f8274a7f6bc54f64c1e5e39fd17f09d571fc624ced
faad544bbecebe01ecce4d07cc9d12a8244dc15dbe9f465efcd1f0f9b7345604
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
fb5bbfa45b85a386e997532eefa2bec3d58565ea560d73b003d0520eee8bdabc
fbac2f994f98956a4ddcea7b383a29a8d2a61dc521901a85ef16545c03e28b72
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fd89b90cd11f999e3a84335e93d43897f6a8c89939ec39c6c0d4e1d28665e2e0
fef77413c92d9ec50c89ec071f1ec7315cffe05da2350251c9b28b503d4cf2ae
ff0d4da2bf6d1e6dfd402f2336013c94dc4af4ece767367ab66e9f0d35c2459c
ff3d344610bdb6bb77a825535b4b9077269ce10a1b182b121f6e365ccf9918b1
ff87a70dd99c514bc585e9b9d830d321d24f2461299d874a349e44a042362ce2