www.legiaodosherois.com.br Open in urlscan Pro
2606:4700:20::681a:769 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://legiaodosherois.com.br/
Effective URL:
https://www.legiaodosherois.com.br/
Submission Tags: tranco_l324
Submission: On November 13 via api (November 13th 2021, 1:35:06 am UTC) from DE — Scanned from DE

Summary HTTP 147 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 29 IPs in 4 countries across 19 domains to perform 147 HTTP transactions. The main IP is 2606:4700:20::681a:769, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.legiaodosherois.com.br.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 4th 2021. Valid for: a year.

This is the only time www.legiaodosherois.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::ac43:4a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	2606:4700:20:... 2606:4700:20::681a:769	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5f41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:9000:214... 2600:9000:214f:1000:6:9eb2:5cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:5c00:6:5b96:3f00:93a1	16509 (AMAZON-02) (AMAZON-02)
16	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2804:49c:3102... 2804:49c:3102:401:ffff:ffff:ffff:50	15201 (Universo ...) (Universo Online S.A.)
14	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 11	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
4	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
4	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206f:1e00:1:bcff:6780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2804:49c:3403... 2804:49c:3403:2676:ffff:ffff:ffff:6	7162 (Universo ...) (Universo Online S.A.)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
15	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
12	142.250.186.33 142.250.186.33	15169 (GOOGLE) (GOOGLE)
3	142.250.186.36 142.250.186.36	15169 (GOOGLE) (GOOGLE)
9 12	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
6 12	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
2	200.187.199.64 200.187.199.64	7162 (Universo ...) (Universo Online S.A.)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
147	29

1 2606:4700:20::ac43:4a41 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

legiaodosherois.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700:20::681a:769 (United States)

ASN13335 (CLOUDFLARENET, US)

www.legiaodosherois.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
silphco.legiaodosherois.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.legiaodosherois.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kanto.legiaodosherois.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5f41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:214f:1000:6:9eb2:5cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

legiaodosherois.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:5c00:6:5b96:3f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tm.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3102:401:ffff:ffff:ffff:50 (Brazil)

ASN15201 (Universo Online S.A., BR)

me.jsuol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.33.220.145 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-10162-1.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:1e00:1:bcff:6780:93a1 (United States)

ASN16509 (AMAZON-02, US)

udr.uol.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2804:49c:3403:2676:ffff:ffff:ffff:6 (Brazil)

ASN7162 (Universo Online S.A., BR)

t.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.33 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.36 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.34 (United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2.18.234.21 (Frankfurt am Main, Germany) 6 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 200.187.199.64 (Brazil)

ASN7162 (Universo Online S.A., BR)
PTR: 200-187-199-64.static.uol.com.br

s.dynad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	185 KB
31	doubleclick.net 9 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	283 KB
29	legiaodosherois.com.br 1 redirects legiaodosherois.com.br www.legiaodosherois.com.br silphco.legiaodosherois.com.br analytics.legiaodosherois.com.br kanto.legiaodosherois.com.br	434 KB
15	fontawesome.com kit.fontawesome.com ka-p.fontawesome.com	25 KB
12	casalemedia.com 6 redirects dsum-sec.casalemedia.com	11 KB
11	adnxs.com 3 redirects ib.adnxs.com	33 KB
7	jsuol.com.br tm.jsuol.com.br me.jsuol.com.br	154 KB
4	google.com adservice.google.com www.google.com	424 B
4	rubiconproject.com fastlane.rubiconproject.com	5 KB
3	googletagservices.com www.googletagservices.com	109 KB
3	dynad.net t.dynad.net s.dynad.net	55 KB
3	uol.com.br tm.uol.com.br udr.uol.com.br	1 KB
2	tailtarget.com tt-10162-1.seg.t.tailtarget.com m.t.tailtarget.com	639 B
2	disqus.com legiaodosherois.disqus.com	3 KB
1	googleapis.com imasdk.googleapis.com
1	2mdn.net s0.2mdn.net
1	google.de adservice.google.de	424 B
1	google-analytics.com www.google-analytics.com
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
147	19

	Domain	Requested by
16	pagead2.googlesyndication.com	8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
14	ka-p.fontawesome.com	kit.fontawesome.com www.legiaodosherois.com.br
13	securepubads.g.doubleclick.net	tm.jsuol.com.br securepubads.g.doubleclick.net www.googletagservices.com
13	silphco.legiaodosherois.com.br	www.legiaodosherois.com.br silphco.legiaodosherois.com.br
12	dsum-sec.casalemedia.com	6 redirects googleads.g.doubleclick.net
12	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net
12	tpc.googlesyndication.com	8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com tpc.googlesyndication.com
11	ib.adnxs.com	3 redirects tm.jsuol.com.br googleads.g.doubleclick.net
11	kanto.legiaodosherois.com.br
6	googleads.g.doubleclick.net	8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com www.legiaodosherois.com.br
6	tm.jsuol.com.br	silphco.legiaodosherois.com.br tm.jsuol.com.br tm.uol.com.br
4	8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	fastlane.rubiconproject.com	tm.jsuol.com.br
3	www.google.com	8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
3	www.googletagservices.com	8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
2	s.dynad.net	t.dynad.net
2	udr.uol.com.br	tm.jsuol.com.br
2	analytics.legiaodosherois.com.br	silphco.legiaodosherois.com.br
2	legiaodosherois.disqus.com	silphco.legiaodosherois.com.br legiaodosherois.disqus.com
2	www.legiaodosherois.com.br	static.cloudflareinsights.com
1	imasdk.googleapis.com	s.dynad.net
1	s0.2mdn.net	www.legiaodosherois.com.br
1	m.t.tailtarget.com
1	t.dynad.net	www.legiaodosherois.com.br
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	tt-10162-1.seg.t.tailtarget.com	tm.jsuol.com.br
1	me.jsuol.com.br	tm.jsuol.com.br
1	tm.uol.com.br	tm.jsuol.com.br
1	www.google-analytics.com	www.legiaodosherois.com.br
1	kit.fontawesome.com	silphco.legiaodosherois.com.br
1	static.cloudflareinsights.com	www.legiaodosherois.com.br
1	legiaodosherois.com.br	1 redirects
147	33

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.instagram.com
twitter.com
t.me
www.tiktok.com
instagram.com

Subject Issuer	Validity	Valid
legiaodosherois.com.br Cloudflare Inc ECC CA-3	`2021-06-04` - `2022-06-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.jsuol.com.br Amazon	`2021-10-02` - `2022-10-31`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.uol.com.br Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.dynad.net RapidSSL RSA CA 2018	`2020-05-11` - `2022-07-10`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.legiaodosherois.com.br/
Frame ID: 1887FCA90060976D63C7A427AEFEDAC1
Requests: 92 HTTP requests in this frame

Frame: https://tm.uol.com.br/mercurio.html
Frame ID: E58B2BCD5A0CB06DB4D44CBAC730D68D
Requests: 2 HTTP requests in this frame

Frame: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CDD1CB62D2234AB763FEAD463AB92E35
Requests: 1 HTTP requests in this frame

Frame: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DF30810194D093302930034F3D6EBADD
Requests: 13 HTTP requests in this frame

Frame: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0AE5D97EC04614CC51660EF494540EB8
Requests: 14 HTTP requests in this frame

Frame: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 22621427007EF7D8706CB8901313E1A6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioYkLKBuQEwAQ&v=APEucNWgVuiIjUX6bVaernWfgWF1zHQUsag7jWUGIkuLE4GYJtu2KG74mxYbysRInp4Hcox3JpKhfa1Gb36f-dOJ2XG4rCSAwzfHE5nXOs23pFR1euURAg0SVhGMeZAABQ7UTMtq46UCh58-V2WCd96JmQLGJexIHY1mrHt_1cSY-_WznsuQc4U
Frame ID: FB4FD8A9D834233C4C73EB27E1B7442B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioY_qmBuQEwAQ&v=APEucNXyiqPihAiY1CC3D8OVcea1ucnnD1SzASLA9XrdNsf5Strx0cRX0H4CCZGh0kDbdynO3xNv3pE5V0Zwgl9c3fHa7kzR98Pdd_18qXXBiLARoSGsXrPM6BI3f5cPZAJBaCGc7LcfzVbuIRpfOUMFPQBT7lDM89AWs21vLacEKrfuG_oZqgw
Frame ID: 92B2E6F2F30A9EA86302D9DBB81AF20A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioYkLKBuQEwAQ&v=APEucNWGsT5Uf1FSRoVzUuwO9gGWSN7BGUo7E8tXJUW-7iR-BJ2vmVAYb3cMryhXEjmNi6KirnaLTqUIT3jhIEyuG-JIdui5Wwh_tSAcZB1HVmosZCi6XNn2rt4EY-TwOL_NJomHqQtF5bAIbYIXq6AZ54lrDXJu0xE4ReADtqxLyhXf4vnvm7k
Frame ID: 31AD4C99E938AAF2EFA18D6AEF43B646
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3E1297AACD502C484C32EAE7D588836A
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1DA76A18345FA5FDFFCFB4CEC2EBF0D4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 84AA6337C4E43338F7BB06EDC7930C84
Requests: 3 HTTP requests in this frame

Frame: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Frame ID: B8E5E7BA1261A65A3F4701682D307F92
Requests: 1 HTTP requests in this frame

Frame: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Frame ID: D5D23C3ACBBDE8093C4768D974DFEC86
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Legião dos Heróis - Sua fonte heroica de informações e entretenimento!

Page URL History Show full URLs

http://legiaodosherois.com.br/ HTTP 301
https://www.legiaodosherois.com.br/ Page URL

Page Statistics

147
Requests

90 %
HTTPS

52 %
IPv6

19
Domains

33
Subdomains

29
IPs

4
Countries

1294 kB
Transfer

3252 kB
Size

17
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/user/ALegiaodosHerois

Search URL Search Domain Scan URL

URL: https://www.instagram.com/legiaodosherois/

Search URL Search Domain Scan URL

URL: https://twitter.com/LegiaoDosHerois

Search URL Search Domain Scan URL

URL: https://t.me/lh_legiaodosherois

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@legiaodosherois

Search URL Search Domain Scan URL

URL: https://instagram.com/vinerz
Title: @vinerz

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://legiaodosherois.com.br/ HTTP 301
https://www.legiaodosherois.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE7AsaDm0XQgHkkkU7tUEs&google_cver=1

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YY8WRdB3DuOrOvYQvUuMhQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnlJaE95ynuvvlFqYzVDxI&google_cver=1

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESED-S3B4C5XKACpZISNy7DDk&google_cver=1

Request Chain 121

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2MjA1OTUwMDcxODk4MjYzNA%3D%3D

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE7AsaDm0XQgHkkkU7tUEs&google_cver=1

Request Chain 123

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YY8WRdB3DuOrOvYQvUuMhQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnlJaE95ynuvvlFqYzVDxI&google_cver=1

Request Chain 124

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESED-S3B4C5XKACpZISNy7DDk&google_cver=1

Request Chain 125

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2MjA1OTUwMDcxODk4MjYzNA%3D%3D

Request Chain 126

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE7AsaDm0XQgHkkkU7tUEs&google_cver=1

Request Chain 127

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YY8WRdB3DuOrOvYQvUuMhQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnlJaE95ynuvvlFqYzVDxI&google_cver=1

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESED-S3B4C5XKACpZISNy7DDk&google_cver=1

Request Chain 129

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2MjA1OTUwMDcxODk4MjYzNA%3D%3D

147 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.legiaodosherois.com.br/
Redirect Chain

http://legiaodosherois.com.br/
https://www.legiaodosherois.com.br/

85 KB
21 KB

545ms
491ms

Document
text/html

2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaf9541e96f36c624ca849ddd347f8f5c7e86dfdb232e954ae35f1e68eef883f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Cookie
link: <https://www.legiaodosherois.com.br/wp-json/>; rel="https://api.w.org/"
x-blaze-cache: HIT
x-page-speed: blaze
cache-control: max-age=0, no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rd3IcztUDL89z5N5qFuj6hLs%2FfByYDk1rfR5pTLvnW0pTB0hxy%2Fos%2BGyg%2BV%2Fu0Y5IKJcKJnQsCiYW6WiaWK1aQe0eWE94CFyFcsLzwy%2FMaMiRfb2oS5OhvE%2BA1UByqhk%2BvgTqvQsG1l4YV8u00o%2FpUatDrITCu%2Bz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ad442bb2aa52bca-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 13 Nov 2021 01:34:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 13 Nov 2021 02:34:57 GMT
Location: https://www.legiaodosherois.com.br/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoQ%2FDQkd22QocbB%2FxFOAAsxnN%2FhdUbuEp%2BizuBOPBMhgXP%2FjfJ4rCd0sCiSbu%2BajzyXJhUp3%2Fj%2BY%2FoOXrdILQuXSmISZwrD3ISnRmJttM880lCwTV9SSrI1GU5FLqgRkQs3ly7x0VobnH%2FTvBPdR4blz164%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ad442baba995c85-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 full.svg
silphco.legiaodosherois.com.br/wp-content/themes/legiao3.0.0/images/lh-logo/ 6 KB
3 KB 38ms
28ms Image
image/svg+xml 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://silphco.legiaodosherois.com.br/wp-content/themes/legiao3.0.0/images/lh-logo/full.svg
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75433a0f82b120f56634f2feb08aabb26f8c829f4c3480c44bfafc6703c93976

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 669753
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Mar 2021 11:26:44 GMT
server: cloudflare
etag: W/"605338f4-1815"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpVoKxxnMpSUJ%2BqGV5WDgsl2L9CPqky1hUyGTR9WRX%2BpjOgv1xbl1v4OK5FlX093Cv4gnNmCB%2BYAQJKwfueJpMx1ogvxpJ3qUmPaakJrUmjKwwcuS775ZoJOSPEhlLE%2BJU0ixQ63gZo2jQkxvu6GstIlIrvJLroiwzeezw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=10
cf-ray: 6ad442be7d802bca-FRA
expires: Fri, 03 Dec 2021 07:32:25 GMT

GET
H2 200 lh.svg
silphco.legiaodosherois.com.br/wp-content/themes/legiao3.0.0/images/lh-logo/ 4 KB
2 KB 37ms
28ms Image
image/svg+xml 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://silphco.legiaodosherois.com.br/wp-content/themes/legiao3.0.0/images/lh-logo/lh.svg
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac70914f7ee5f77718eacaeaa05138417e8e7b529a4ed9d22745b458c198b15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 669753
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Mar 2021 11:26:44 GMT
server: cloudflare
etag: W/"605338f4-f79"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTNPhNzrqsTUshDHMhvGah6%2BeyXMki%2B%2BOJcgqlZYewFNTB%2BSyNO%2B0gXdJ6h2pdRNvTlWt6U9DtpZEA9QyZtd0KJjzdi7jxGbmV2Su8roSWHoK%2BnSXYrpISSXc0vQwoEUX%2FU1K3fMU4l8FIMIZJQO0bq7W8eDotlmJ7Vo3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=10
cf-ray: 6ad442be7d812bca-FRA
expires: Fri, 03 Dec 2021 07:32:25 GMT

GET
DATA 200
OK truncated
/ 683 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9814dccb6f91dd8b95b29fdfb9cbc98379e8121baf0fefeb12674321a1af7276

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET A.ragnarok.aa3171846f6629cadf50.css.pagespeed.cf.Bh0LnyF9Red4qDOnLZ8u.css
silphco.legiaodosherois.com.br/frontend/dist/ 0
0

GET
H2 200 montserrat-v13-latin-700.39d93cf6.woff2
silphco.legiaodosherois.com.br/frontend/dist/fonts/ 19 KB
19 KB 56ms
25ms Font
font/woff2 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://silphco.legiaodosherois.com.br/frontend/dist/fonts/montserrat-v13-latin-700.39d93cf6.woff2
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Request headers

Referer: https://www.legiaodosherois.com.br/
Origin: https://www.legiaodosherois.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 670203
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19480
last-modified: Thu, 18 Mar 2021 11:26:42 GMT
server: cloudflare
etag: "605338f2-4c18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uof0%2BFAxN1F24qpYbBfmhpgYN0dNPThIgjcccTdSZR%2FVOhGNAdjA7f8r9XsMhYxbDEKqDS98X%2BvKmvk%2FHxlfjwGX5sH3CF4A68%2BMSFs4heKqyKaF%2FQ2CjQvcsT7wdiol4wE%2FLaGweJ69g4ppEc4xISX2an0GEbNP1PqqbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=10
accept-ranges: bytes
cf-ray: 6ad442be9be4693d-FRA
expires: Fri, 03 Dec 2021 07:24:55 GMT

GET
H2 200 lato-v15-latin-regular.b4d2c4c3.woff2
silphco.legiaodosherois.com.br/frontend/dist/fonts/ 23 KB
24 KB 46ms
16ms Font
font/woff2 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://silphco.legiaodosherois.com.br/frontend/dist/fonts/lato-v15-latin-regular.b4d2c4c3.woff2
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Request headers

Referer: https://www.legiaodosherois.com.br/
Origin: https://www.legiaodosherois.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1296834
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23484
last-modified: Thu, 18 Mar 2021 11:26:42 GMT
server: cloudflare
etag: "605338f2-5bbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyusRZUTauSTQQOUl3TRyy6D6YOaLpUu%2FZMp91%2BdjSkWCbXcbZRUcw8Hv9AdeZIXdMJ6VQo93lzWEQ1Xyep1G%2Bp8dKLWHJfP%2BFjqL2I2gtxxSWp3wo9i5RJvXj%2Bal2zSBCBzCXn2YYDpRINkWqNlkJ1dtDUu9iNHrYKG%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=10
accept-ranges: bytes
cf-ray: 6ad442be9be5693d-FRA
expires: Fri, 26 Nov 2021 01:21:04 GMT

GET
H2 200 lato-v15-latin-italic.117e995c.woff2
silphco.legiaodosherois.com.br/frontend/dist/fonts/ 24 KB
24 KB 42ms
22ms Font
font/woff2 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://silphco.legiaodosherois.com.br/frontend/dist/fonts/lato-v15-latin-italic.117e995c.woff2
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db

Request headers

Referer: https://www.legiaodosherois.com.br/
Origin: https://www.legiaodosherois.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 670203
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24440
last-modified: Thu, 18 Mar 2021 11:26:42 GMT
server: cloudflare
etag: "605338f2-5f78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i0pbfYk8Tc2FImGKduRv8uX2PscSlfq7GeGBHIeYFu7vELILCDYJb%2BI1sYE2mUCLvjSlRoLchz5PbKkkTRb2fy3iuAth0B9n6F3EmtfzXgFk6L3YJQQbnIJ%2BIHJ5HDF4dC2p%2Bk9achN8Lqd2lF%2BZTesLbwHETZlilKO3Cw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=10
accept-ranges: bytes
cf-ray: 6ad442be9be6693d-FRA
expires: Fri, 03 Dec 2021 07:24:55 GMT

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 925 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba2fbd60c80114157bdc98339685d15fa6f82125ecc1aba3e9b964b2c1c06bfd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 886 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d96230e202a579b678dcb8699a4e8911d952d9a93bbbfcc7e238bf08df8d788

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 451 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0cf406bc7aa0626f501b81d23c99bcb3c4431105145f2f44ac4f7d337e0377d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 805 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37afba5f3411568fc2dbeec662042ca17b4fc2d0110a4894d793e6ca6f2cf834

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 724 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b95521dc97baf1f435c4a673472223fd090c701c8a8f03a97d39f030a095b32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 822 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 949028d1752f71539cc6437d0b0e5a80d061a9bc1ac239cd7a4b334512bbc58a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H2 200 lato-v15-latin-700.1efbd38a.woff2
silphco.legiaodosherois.com.br/frontend/dist/fonts/ 22 KB
23 KB 32ms
31ms Font
font/woff2 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://silphco.legiaodosherois.com.br/frontend/dist/fonts/lato-v15-latin-700.1efbd38a.woff2
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Request headers

Referer: https://www.legiaodosherois.com.br/
Origin: https://www.legiaodosherois.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 670203
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22992
last-modified: Thu, 18 Mar 2021 11:26:42 GMT
server: cloudflare
etag: "605338f2-59d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItsfmHf1T7wwHtPvBKj9mC4zrlxKua1iJ%2BK2Zb%2FoYxf8Z%2BddsCw1gm4iM7XIMg4e5kXG2Gfr9zpaKc%2BrdAXHw46UnRRkqjSrl57GyHA4I%2FafJ81yzDevdWHc8bf2aiYfECYYiu2Nlx3cD5ruzer3ZkloCUrBSde3JGBWaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=10
accept-ranges: bytes
cf-ray: 6ad442bfbd45693d-FRA
expires: Fri, 03 Dec 2021 07:24:55 GMT

GET
H2 200 lato-v15-latin-700italic.5ce0990b.woff2
silphco.legiaodosherois.com.br/frontend/dist/fonts/ 24 KB
24 KB 30ms
30ms Font
font/woff2 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://silphco.legiaodosherois.com.br/frontend/dist/fonts/lato-v15-latin-700italic.5ce0990b.woff2
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9

Request headers

Referer: https://www.legiaodosherois.com.br/
Origin: https://www.legiaodosherois.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 967797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 24428
last-modified: Thu, 18 Mar 2021 11:26:42 GMT
server: cloudflare
etag: "605338f2-5f6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgnjn6i%2BHJpGNs%2FX9YJZiIF5VkgXhGx%2F9fW0PX6EXPstPObbDpf75DHEmf8lZb6XRv1Oc6XYMrrAvgwHf%2F7QxhxICMu%2FBtkKHqYNHkgKtaejnIy6seW2GEqFWdjudaiu7SlPkPWMoVjkd%2F47a3z32gS4OxxC6IWw9T69Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=10
accept-ranges: bytes
cf-ray: 6ad442bfbd4e693d-FRA
expires: Mon, 29 Nov 2021 20:45:01 GMT

GET
H2 200 maze.svg
silphco.legiaodosherois.com.br/wp-content/themes/legiao3.0.0/images/ 3 KB
2 KB 26ms
24ms Image
image/svg+xml 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://silphco.legiaodosherois.com.br/wp-content/themes/legiao3.0.0/images/maze.svg
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87aeb6c0c15eb09c6c3e1c79ea5f1fa6cf9808e196baa8c182e22bbfded9f1ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 862958
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 18 Mar 2021 11:26:44 GMT
server: cloudflare
etag: W/"605338f4-c56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bI9mzoprqs7%2BHn9yoUDjaDHse0ARn9DPdVwfXt9yIhjo5lUBrFyJf%2FSJKsTq34nqFTA%2ByEUQ8h130ze%2FnY3gZviaOgMA8xY78u7gO2jP01Qw85hzWsXdBg313TeVJqYgHr0IS2X6rNmzuUgDLnNitsRY4156hcbT04H0jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=10
cf-ray: 6ad442bfde902bca-FRA
expires: Wed, 01 Dec 2021 01:52:20 GMT

GET
H2 200 js_defer.I4cHjq6EEP.js Show response
silphco.legiaodosherois.com.br/pagespeed_static/ 12 KB
5 KB 27ms
27ms Script
application/javascript 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://silphco.legiaodosherois.com.br/pagespeed_static/js_defer.I4cHjq6EEP.js

Requested by

Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59dbda86041a5f394b83391ffe0b939341aabb817fa60a6ea78c80f5835596b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2157363
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Oct 2021 02:18:55 GMT
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EI6dRQfL9cBheBmlO8hB8EgajbhF19laOkZIC3AaYD6mVXUMVRPCazArDbBAeDld%2BhHQuJAuQ7%2BRq3OWbE8GIFyaQD1PMGIbO9g5x%2BAqcYjnLRwcfopvFaAHdX7PL5YdX1bptxJ3N%2Fwp2vQyabuCiU69TduyBBB2ngJ8Xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 6ad442bfde932bca-FRA

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 83ms
46ms Script
text/javascript 2606:4700::6810:5f41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5f41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Referer: https://www.legiaodosherois.com.br/
Origin: https://www.legiaodosherois.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
content-encoding: gzip
last-modified: Fri, 22 Oct 2021 22:23:12 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6ad442c008862be9-FRA

GET
DATA 200
OK truncated
/ 895 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04efefb2b2abaaa5b113d65d0e690cd2a60d7f47e39acd01c073a2dda53c5ecf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 604 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f46cccdb94faa64c9f05492518c01533a67b9abbfa18bc6ab6d30ecd311a5080

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 663 B
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33942699c56dd95cbd83fe1e97fb7340394ab421d6c999c015fb85cdbffd42d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/jpg

GET
H3 200 A.ragnarok.aa3171846f6629cadf50.css.pagespeed.cf.Bh0LnyF9Red4qDOnLZ8u.css
silphco.legiaodosherois.com.br/frontend/dist/ 70 KB
13 KB 44ms
33ms Stylesheet
text/css 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://silphco.legiaodosherois.com.br/frontend/dist/A.ragnarok.aa3171846f6629cadf50.css.pagespeed.cf.Bh0LnyF9Red4qDOnLZ8u.css

Requested by

Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2175aaf0c5cd4cf76e7bc3a32446facc33749b4767682427358d2a1d5f42da0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 72045
age: 1409491
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-page-speed: blaze
last-modified: Sun, 24 Oct 2021 16:21:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9DKoc%2FpRgKQfPmRIdudAJ3jnuWKGI%2BelIhibUz6HWuMqVGE6Kua5UWIAxsaGeRt5uLg3ML%2FJ0CTzMab%2F%2FFLWXw3dHSeoqmw9RkQUwbyLXazzAcaow5EwYIkSkohWEvokBWXEoiNe5SAR1k6AG8JUyvcP7FDZhmqZ4tNDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: private, max-age=31536000
cf-ray: 6ad442bffbd57034-FRA
expires: Sun, 24 Oct 2021 16:51:35 GMT

GET
H3 200 ragnarok.aa3171846f6629cadf50.umd.min.js.pagespeed.ce.OupyQeohQftJosNw1G6U.js Show response
silphco.legiaodosherois.com.br/frontend/dist/ 191 KB
67 KB 21ms
20ms Script
application/javascript 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://silphco.legiaodosherois.com.br/frontend/dist/ragnarok.aa3171846f6629cadf50.umd.min.js.pagespeed.ce.OupyQeohQftJosNw1G6U.js

Requested by

Host: silphco.legiaodosherois.com.br
URL: https://silphco.legiaodosherois.com.br/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c61f24c091dfec7a805c32bd078020ced2afe532e058b4dda64a016827f9be02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 196059
age: 1372313
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-page-speed: blaze
server: cloudflare
etag: W/"0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qPmiXpIDFTyhrOQ%2Fz2Lbd%2F7yM3TTdb%2FjXzeI%2Bw%2F1IwxbSfmshrhQXsjH2epMogGvcRRoZ6hqIFpviBZSSp0ZNtDOhhzVXwMRix%2F15qYXv7eWImTvOhso6XwxjsQBv5ra0ldylbsLF3FabQQt0fks5Eddn%2F2tRImc8VaCGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 6ad442c07c777034-FRA
expires: Fri, 28 Oct 2022 04:23:05 GMT

GET
H2 200 uoltm.js Show response
tm.jsuol.com.br/ 199 KB
38 KB 719ms
20ms Script
application/javascript 2600:9000:214f:1000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/uoltm.js?id=2jdlb3
Requested by: Host: silphco.legiaodosherois.com.br
URL: https://silphco.legiaodosherois.com.br/pagespeed_static/js_defer.I4cHjq6EEP.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 31a983668acb15910a496c3da01b97d99927b025faadd4e1b36f8c5119fc1949

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:14:52 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 14:24:13 GMT
server: marrakesh 1.16.6
age: 1207
etag: 1299a3a5127b9e5b63a0bcd3be7916f0
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA53-C1
content-length: 38821
x-amz-cf-id: 9ahoZcPKlj4JSUJXWGfVvNMpVQaJWqXmE9w5nY95yb6sBxy0A3YyGw==
expires: Sat, 13 Nov 2021 02:14:52 GMT

GET
H2 200 485382faf6.js Show response
kit.fontawesome.com/ 11 KB
4 KB 82ms
29ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/485382faf6.js

Requested by

Host: silphco.legiaodosherois.com.br
URL: https://silphco.legiaodosherois.com.br/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2470c39df28c3c7c1ef5c52fde4498a53f21c35f842e548a517c2b250b7cd4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
cf-ray: 6ad442c0cf8ac29a-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: FqeMSHVDXecBoSMAQExB

GET
H/1.1 200
OK count.js Show response
legiaodosherois.disqus.com/ 1 KB
2 KB 46ms
7ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://legiaodosherois.disqus.com/count.js

Requested by

Host: silphco.legiaodosherois.com.br
URL: https://silphco.legiaodosherois.com.br/pagespeed_static/js_defer.I4cHjq6EEP.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:34:58 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 32
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 09 Nov 2021 19:37:00 GMT
Server: nginx
ETag: "618acddc-367"
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
X-Amz-Cf-Pop: DFW3-C1
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: akoJyCmTDxkZvAhuHSww7jBAK3yr9-HSQacCZOyyktHgr40uQThiow==

GET
H2 200 analytics.js
www.google-analytics.com/ 19 KB
0 1290ms
38ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5633
date: Sat, 13 Nov 2021 00:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20006
expires: Sat, 13 Nov 2021 02:01:06 GMT

GET
DATA 200
OK truncated Show response
/ 27 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d190c985949e8a0962ca2cede3c214de8085dc9d11c726af6c00c1ae5bb7ba9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: text/javascript

POST
H3 200 rum Show response
www.legiaodosherois.com.br/cdn-cgi/ 0
174 B 13ms
13ms XHR
text/plain 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.legiaodosherois.com.br/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.legiaodosherois.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.legiaodosherois.com.br
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6ad442c07c7f7034-FRA
vary: Origin

GET
H3 200 12.a49b134a.css
silphco.legiaodosherois.com.br/frontend/dist/css/ 145 B
752 B 18ms
18ms Stylesheet
text/css 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://silphco.legiaodosherois.com.br/frontend/dist/css/12.a49b134a.css

Requested by

Host: silphco.legiaodosherois.com.br
URL: https://silphco.legiaodosherois.com.br/frontend/dist/ragnarok.aa3171846f6629cadf50.umd.min.js.pagespeed.ce.OupyQeohQftJosNw1G6U.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b841170159fca66c02ebc6eb8be803c52443b8f8ab8048012770ed1785f693e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 145
age: 670203
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"605338f2-91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jG6kYK%2BDEvsStaU8dHxrzhX%2FMqhXXzm%2FmTxfGbgMKKvlcFBA5oI%2BT27k21DY4COrgjTppoKY0Y3MjeCNDHG3E097xcdc13OWzCXYFNXb%2Bc5OWbW5Q%2BtAahuhicN%2B2TUXWfjMuy5bOvKMu0onEtXWoj83pnWUlc8GyKEzqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 6ad442c0dd187034-FRA
expires: Sun, 21 Nov 2021 16:08:03 GMT

GET
H3 200 ragnarok.fde28520eb37ca4c83bb.umd.min.12.js Show response
silphco.legiaodosherois.com.br/frontend/dist/ 2 KB
2 KB 17ms
17ms Script
application/javascript 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://silphco.legiaodosherois.com.br/frontend/dist/ragnarok.fde28520eb37ca4c83bb.umd.min.12.js

Requested by

Host: silphco.legiaodosherois.com.br
URL: https://silphco.legiaodosherois.com.br/frontend/dist/ragnarok.aa3171846f6629cadf50.umd.min.js.pagespeed.ce.OupyQeohQftJosNw1G6U.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347a91037320dd72a57987bf6c84e628a240cf9e6b4dc68f34e2028640c987fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-original-content-length: 2543
age: 670203
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
server: cloudflare
etag: W/"605338f2-9ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ok0yvjnB8pFyseew1LoG%2FBRwwoiiyqoJUoxyAnuNnWGmZ80F8dAY%2Bj6xRJxE9d1THMRCv3s03JcV9y6UVJMifboX5CFxeGuVRXAoM2ERbcZvjZlJWOvOQaOenNQdPhpccZX3ur%2BTBLYMllDBFtYmv6M5LEeMFRSIRB3KIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 6ad442c0dd1a7034-FRA
expires: Sun, 21 Nov 2021 10:40:46 GMT

GET
H2 200 trends Show response
analytics.legiaodosherois.com.br/api/facebook/ 2 KB
1 KB 238ms
229ms XHR
application/json 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.legiaodosherois.com.br/api/facebook/trends
Requested by: Host: silphco.legiaodosherois.com.br
URL: https://silphco.legiaodosherois.com.br/frontend/dist/ragnarok.aa3171846f6629cadf50.umd.min.js.pagespeed.ce.OupyQeohQftJosNw1G6U.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 598e42a96a7b982f55188fb941581905eb122f91c120c242c2992423a8828378

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.legiaodosherois.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37ySIe5jeAI5Krd0kMu5g4UiTAEXy3FL8B33ZOiRaB3i5yf5NngpqwcMmQTccKuN6SVBE5Z%2BFJ5gEnblFj5jg6aCuKNPaXBm7WbqEj7irC7Hku42WxE2LZG9y6l8j6AX%2BzN4gWRlBbck5CS95hxo9LTYH0oh3ds%2FMRC2I%2B1b"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.legiaodosherois.com.br
cache-control: no-cache,max-age=0
access-control-allow-credentials: true
cf-ray: 6ad442c10ecc693d-FRA

GET
H2 200 weekly Show response
analytics.legiaodosherois.com.br/api/google/ 3 KB
1 KB 233ms
224ms XHR
application/json 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.legiaodosherois.com.br/api/google/weekly
Requested by: Host: silphco.legiaodosherois.com.br
URL: https://silphco.legiaodosherois.com.br/frontend/dist/ragnarok.aa3171846f6629cadf50.umd.min.js.pagespeed.ce.OupyQeohQftJosNw1G6U.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20709d95e2abaf708e3578941c4c4c9aba4918638ebd5a900f449b244dad3d9

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.legiaodosherois.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
via: 1.1 vegur
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsjFONysoh7UdD6EKzbbd%2F1kQKFqc9yslhhaEFpJB9GG6TS65mIUgCKe0CGgEKpGHI91ja1X1kOdgUI8Grr%2FykNxU6fh3g3%2F%2FSXZRsCRde1VdZyASSPbBORRBkWdXw3mI9KIJGxcPNZcFaWOIcuRV7SbKlDVNjCF0P3xSj%2Fo"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.legiaodosherois.com.br
cache-control: no-cache,max-age=0
access-control-allow-credentials: true
cf-ray: 6ad442c10ecf693d-FRA

GET
H2 200 legiao_mGpjnZC2zANi87Ec9al_5y4ufbWrhHBKDFJw6xV03T.png.jpeg
kanto.legiaodosherois.com.br/w80-h42-gne-cfill-q15/wp-content/uploads/2017/11/ 505 B
864 B 364ms
352ms Image
image/jpeg 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanto.legiaodosherois.com.br/w80-h42-gne-cfill-q15/wp-content/uploads/2017/11/legiao_mGpjnZC2zANi87Ec9al_5y4ufbWrhHBKDFJw6xV03T.png.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27be52e7a359ed04255249833fc810567dad63f86096a06ac3e71864c9137921

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Sat, 13 Nov 2021 01:34:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnwAG%2Fliv99LMUlKCWfzrIltGY8Uj40qj2aACBP3%2BJIqeldIodCfcCu4uPBP07YoqFoh80cjYIi9l99H94eyscOdimfmiq66%2FmkBsWY8d0yYi6pVwdwqyN2veuQQILyXAfuvTXu%2Bn8rg%2FS3VIjdNJrSTT2s%2FAiYgDJs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ad442c298d92bca-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 legiao_YgZSIzrAE_Ke.jpg.jpeg
kanto.legiaodosherois.com.br/w80-h42-gne-cfill-q15/wp-content/uploads/2021/11/ 832 B
1 KB 29ms
18ms Image
image/jpeg 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanto.legiaodosherois.com.br/w80-h42-gne-cfill-q15/wp-content/uploads/2021/11/legiao_YgZSIzrAE_Ke.jpg.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17b4a304e5b2fda6fb7c07c294962b965b26018ddfd240ec866bafa4791c671a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 416757
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 08 Nov 2021 05:49:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrfgG3q9fk8JdDy9ktiS6YDsClZtWgKUzXE9tdyEO5vdsp%2Fz5EHDVKF%2FgolR14uNHQO7t6Haef9ZXic55VcsxI36On1wjwl2Ff8kUDyBud3oF%2FAYqqO8aA72Ua4LUrqnNYh3cmq9mws3NEQhm2iFOW2KOaFIG9R0Bt0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ad442c298d72bca-FRA
cf-bgj: h2pri

GET
H2 200 legiao_86_7tblzrkMK.png.jpeg
kanto.legiaodosherois.com.br/w80-h42-gne-cfill-q15/wp-content/uploads/2021/11/ 646 B
984 B 30ms
20ms Image
image/jpeg 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanto.legiaodosherois.com.br/w80-h42-gne-cfill-q15/wp-content/uploads/2021/11/legiao_86_7tblzrkMK.png.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5fd22fc12755f1cfb5b8cc3366d2037bd027ef9e96f16f02533dd4cbc043c3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 322224
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 08:04:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FaHkFYcQ6sFMMVzuUILjGuKHSA1cKSg9XUpBmfBrLDOzBTkpSftWNzEUp9pngQKxW8eIRDfsQW5DgtJzMj69gXdc5cplYVTM%2BIPNPRFwAz7GNuZS7OyogfkGbBARy8kQfM40DqpdfNu2Be%2BizYJSOAYrs6aLUgKVTHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ad442c298d52bca-FRA
cf-bgj: h2pri

GET
H2 200 legiao_8b_uE6Y5PkQi.png.jpeg
kanto.legiaodosherois.com.br/w80-h42-gne-cfill-q15/wp-content/uploads/2021/11/ 716 B
1 KB 26ms
15ms Image
image/jpeg 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanto.legiaodosherois.com.br/w80-h42-gne-cfill-q15/wp-content/uploads/2021/11/legiao_8b_uE6Y5PkQi.png.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8554f4b0b9673c6d5e9dfcad8d9c6ff2b635131552028bedca1383129682677f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:58 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 200266
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 17:57:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbUoz5I6kAWgsqK%2FPdH2ofvennNVb5ewb3uoCkoB4PwHNENRKypFpMxWg4NgpnUhxKKmwxDaP2MPd%2FZjnv3u8%2BQ9wg%2FogaszPAzbku3e%2BO6FE7yHCUJCj7ETSnx4SZpU1Ly9hRWkDUPtUDulJb3cnrVTHUJRGt7MK0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ad442c298d82bca-FRA
cf-bgj: h2pri

GET
H2 200 mercurio.html Show response
tm.uol.com.br/ Frame E58B 197 B
682 B 322ms
10ms Document
text/html 2600:9000:206f:5c00:6:5b96:3f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.uol.com.br/mercurio.html
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2jdlb3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:5c00:6:5b96:3f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/

Response headers

content-type: text/html;charset=UTF-8
content-length: 173
server: marrakesh 1.16.6
last-modified: Wed, 28 Jul 2021 19:15:10 GMT
content-encoding: gzip
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
date: Sat, 13 Nov 2021 01:34:59 GMT
expires: Sat, 13 Nov 2021 01:37:32 GMT
cache-control: no-transform, max-age=600, must-revalidate, proxy-revalidate must-revalidate, proxy-revalidate, no-transform
etag: ba5203ce522cc70a434e9a70452ca145
x-cache: Hit from cloudfront
via: 1.1 6b38a2e1db230db568190464ab7177db.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 5oVee63lxLjt2KaR4mm_zVkncOvxIGfcOUnJK7S31gZuUS5FPni2zg==

GET
H2 200 Prebid.js Show response
tm.jsuol.com.br/modules/external/ 256 KB
81 KB 10ms
9ms Script
application/javascript 2600:9000:214f:1000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2jdlb3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 312e7c664cee8c126ad1b394f94ba759ecf716b4b1e1631bffdcc9dff4cea106

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:56:00 GMT
content-encoding: gzip
last-modified: Fri, 24 Sep 2021 18:23:28 GMT
server: marrakesh 1.16.6
age: 2339
etag: bfa12e369285116046fae6851cb22dc8
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA53-C1
content-length: 82231
x-amz-cf-id: iCaL61HtIodY6MMFATwC15_a03_HR9Fu00IiggEqBFVwdS2cxw7G6g==
expires: Sat, 13 Nov 2021 01:56:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 133ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2jdlb3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

4743bde81c1c82725553cd6f972874b01c61cec6c54c85d320c05e0e5aed5177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1042 / 416 of 1000 / last-modified: 1636758328"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: clear
content-length: 26742
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 13 Nov 2021 01:34:59 GMT

GET
H2 200 profiles.js Show response
tm.jsuol.com.br/modules/external/tailtarget/ 13 KB
6 KB 23ms
22ms Script
application/javascript 2600:9000:214f:1000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2jdlb3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:31:49 GMT
content-encoding: gzip
last-modified: Wed, 28 Apr 2021 17:51:00 GMT
server: marrakesh 1.16.6
age: 190
etag: ecbae16720fa9548b931f719328b1c88
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA53-C1
content-length: 5277
x-amz-cf-id: y_-a1mzmeBfhRIvBTT6fmX9N_OE3E8xQTrPk3sOavXxKlkLMcqnoOQ==
expires: Sat, 13 Nov 2021 02:31:49 GMT

GET
H2 200 CT-10.js Show response
tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/ 133 KB
18 KB 21ms
20ms Script
application/javascript 2600:9000:214f:1000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/external/tailtarget/t3m/TT-10162-1/CT-10.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2jdlb3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 97666956e5e2edfb7808901e0069bed90df2996ff466b9d67de8f3efe9c8e56c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:00:26 GMT
content-encoding: gzip
last-modified: Wed, 13 Oct 2021 17:12:31 GMT
server: marrakesh 1.16.6
age: 2073
etag: 34e760100b26b8b0e005dfeb1ded6103
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA53-C1
content-length: 17488
x-amz-cf-id: jARQiXhOk4_CjNEJGbWqXzjnxhPS48S_SFByLf-RnFuz1K-gsyGzPA==
expires: Sat, 13 Nov 2021 02:00:26 GMT

GET
H2 200 legiaodosherois.js Show response
me.jsuol.com.br/aud/ 15 KB
6 KB 872ms
197ms Script
application/javascript 2804:49c:3102:401:ffff:ffff:ffff:50
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://me.jsuol.com.br/aud/legiaodosherois.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2jdlb3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2804:49c:3102:401:ffff:ffff:ffff:50 , Brazil, ASN15201 (Universo Online S.A., BR),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 613de92ecdf01dd6178ab859147c5083547c73c9b37183d8c9633292932f65c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:00 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 16:53:59 GMT
server: marrakesh 1.16.6
etag: 04528151f166278a187df1a49509d16b
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, private, proxy-revalidate, no-transform
content-length: 6356
expires: Sat, 13 Nov 2021 02:35:00 GMT

GET
H2 200 dmp-uol-sync-p.js Show response
tm.jsuol.com.br/modules/ 8 KB
3 KB 14ms
14ms Script
application/javascript 2600:9000:214f:1000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/uoltm.js?id=2jdlb3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 71c0d01b58340e2f3b93195cf397530548c4a1c47c2dd06658d4d6ab885411b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:27:32 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 13:40:36 GMT
server: marrakesh 1.16.6
age: 447
etag: b7fbda3f0a60aa6ee56d19ae34924e16
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop: FRA53-C1
content-length: 2864
x-amz-cf-id: wNLCvyIGJsaJzwPFmLh5ClS9PG_MOMKHGF699NC4_Pjsng26pvdx9g==
expires: Sat, 13 Nov 2021 02:27:32 GMT

GET
H2 200 pro.min.js Show response
ka-p.fontawesome.com/releases/v5.15.4/js/ 40 KB
14 KB 49ms
18ms Fetch
application/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/js/pro.min.js?token=485382faf6
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/485382faf6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
age: 4339665
etag: "610ae215-37b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6ad442c599525373-FRA
content-length: 14264

GET
H/1.1 200
OK count-data.js Show response
legiaodosherois.disqus.com/ 476 B
1 KB 106ms
106ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://legiaodosherois.disqus.com/count-data.js?1=688235&1=688346&1=688559&1=688568&1=688578&1=688597&1=688618&1=688625&1=688630&1=688647

Requested by

Host: legiaodosherois.disqus.com
URL: https://legiaodosherois.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8b0a7bf058d37403dc8bbcaacb1e3d1b60518466cb78b9dba1ab7218411d3195

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 01:34:59 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 40
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Vary: Accept-Encoding
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Type: application/javascript; charset=UTF-8
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 476
X-XSS-Protection: 1; mode=block

GET
H3 200 legiao_HU6iOAqLYD1V.png.jpeg
kanto.legiaodosherois.com.br/w760-h398-gnw-cfill-q80/wp-content/uploads/2021/11/ 64 KB
64 KB 685ms
684ms Image
image/jpeg 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanto.legiaodosherois.com.br/w760-h398-gnw-cfill-q80/wp-content/uploads/2021/11/legiao_HU6iOAqLYD1V.png.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 636a54e564701bc95bafa8089fde0dc511761de86adc6dd1e84959bf6b004c5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:00 GMT
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Sat, 13 Nov 2021 01:34:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvRnz2raKuQ2nGYQnn1wSUuFRd8ABLS1kY7Y%2B%2FIXMFw3cMzXy2n9ojv%2BHJZTjvL17JskNyfOZN%2BQQpvwRYx9LV%2FHzboUeHcLflYmgkbazhyJeFEm74WOAoj8nlhNcNNS4g4hwytzyQWaxWreMSbF30t96rFgu3y3UhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ad442c57b137034-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 legiao_JzjmLFw1WgGh-scaled.jpg.jpeg
kanto.legiaodosherois.com.br/w60-h60-gc-cfill/wp-content/uploads/2020/08/ 1 KB
2 KB 356ms
355ms Image
image/jpeg 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanto.legiaodosherois.com.br/w60-h60-gc-cfill/wp-content/uploads/2020/08/legiao_JzjmLFw1WgGh-scaled.jpg.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12fd58537720a211bd53e54aa85b17ccae5c699a3b5bf83469185c9a5924bb79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Sat, 13 Nov 2021 01:34:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvLhvm5jylSE83vB5ItwasTCQnG9DTkkKROY1%2FTO%2F3hte8%2B6JezZYbzS9RuW7vxeD3FkZHvQqrYCOtALeogjDsFuuIOPnv5QVpJMwcgAMWHRaq0CexmtzJXpVRtsbxlL%2B1X2G7x6AC1fYPg1b2v16iwFaSRx2vyFMmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ad442c57b177034-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 legiao_iZBzoP5rlva3.png.jpeg
kanto.legiaodosherois.com.br/w760-h398-gnw-cfill-q80/wp-content/uploads/2021/11/ 82 KB
82 KB 23ms
22ms Image
image/jpeg 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanto.legiaodosherois.com.br/w760-h398-gnw-cfill-q80/wp-content/uploads/2021/11/legiao_iZBzoP5rlva3.png.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f7814b2f9f13112211ea7efd9b866859661dc2da873b714e3ab2eb4958e9f63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1533
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 13 Nov 2021 01:09:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZIwhdplu3HSW8YmJ4eEdUE0tBA9kLg16C6yORSvGUmHiagZRx53Uwk5CjN%2Fjvu1OyCe4%2Bvcm8Ujl2ww0sooLOSUVHZxiOZXxXUyc0Afih4Do9v5Iaepp2VfF%2F3NNvjW24Gt8rClobW7Ibd0LMogHP%2F9ipVvbzW1PX4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ad442c57b187034-FRA
cf-bgj: h2pri

GET
H3 200 legiao_mGpjnZC2zANi87Ec9al_5y4ufbWrhHBKDFJw6xV03T.png.jpeg
kanto.legiaodosherois.com.br/w320-h167-gne-cfill/wp-content/uploads/2017/11/ 6 KB
7 KB 334ms
333ms Image
image/jpeg 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanto.legiaodosherois.com.br/w320-h167-gne-cfill/wp-content/uploads/2017/11/legiao_mGpjnZC2zANi87Ec9al_5y4ufbWrhHBKDFJw6xV03T.png.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38a9f1ac2b219c9e125559bb3ea8be0a743165e2b782add3c088b6ef9605cd78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
via: 1.1 vegur
cf-cache-status: MISS
last-modified: Sat, 13 Nov 2021 01:34:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LvzFRyKnizLZ9qUSq4XHi8yQOQCJCTzn0a%2FBC976VU8CLZlgbBn49x4efaZ5zQOyS0iGkSni5uPjozfoiNbvhNVJ5YIOJEy3CSrX5SeJxqTGmMkX%2BmOkmSYuuxBLuSZ0s2BU5ZEdJA5Wubw3sLPie2OU%2FHGp6iEfpoY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ad442c57b197034-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 legiao_YgZSIzrAE_Ke.jpg.jpeg
kanto.legiaodosherois.com.br/w320-h167-gne-cfill/wp-content/uploads/2021/11/ 16 KB
16 KB 19ms
18ms Image
image/jpeg 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanto.legiaodosherois.com.br/w320-h167-gne-cfill/wp-content/uploads/2021/11/legiao_YgZSIzrAE_Ke.jpg.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2069c7e73ae32fe4b19e0c735bca1d2bf14c3887380ca55510c0fee2a4b6510b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 416758
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 08 Nov 2021 05:49:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcWrjOKd4DkVy92BJILwjmPIM2%2FqB%2FUbkagC3XLj8DaEQXRsd06Cd1l9wG6VQLLwMh87TtRxi1hzhlpAyghjGPRZAkM%2FUTtxzjmPN%2BnT8ZIg45uvdf4BnmXkYQyyIZ%2FV9mVqS7whzp1AFkubFYwTcvO9dSTOmJpw2EA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ad442c57b1a7034-FRA
cf-bgj: h2pri

GET
H3 200 legiao_86_7tblzrkMK.png.jpeg
kanto.legiaodosherois.com.br/w320-h167-gne-cfill/wp-content/uploads/2021/11/ 11 KB
12 KB 16ms
15ms Image
image/jpeg 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanto.legiaodosherois.com.br/w320-h167-gne-cfill/wp-content/uploads/2021/11/legiao_86_7tblzrkMK.png.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12ccb58e7a78c82eff6b9b9bca91c931b578b6eae0142aa24db128d6ef80b6c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 322224
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 08:04:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJUdmjyjdrPKI32Ak8uQZpbYFeg1Weft0C5g0FPaJxEdgG08ilLKq6rk2Y66qBk6L1lBrMP81pXCre9rgCb5wlZilXOO%2BpqKBIfFmyIVvwoMfAiH05kSSEs25nbUZln2u%2FQ9dbyfrNtYI5SGnbGFt%2BPGM6AXSutrc8Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ad442c57b1b7034-FRA
cf-bgj: h2pri

GET
H3 200 legiao_8b_uE6Y5PkQi.png.jpeg
kanto.legiaodosherois.com.br/w320-h167-gne-cfill/wp-content/uploads/2021/11/ 13 KB
14 KB 17ms
17ms Image
image/jpeg 2606:4700:20::681a:769
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanto.legiaodosherois.com.br/w320-h167-gne-cfill/wp-content/uploads/2021/11/legiao_8b_uE6Y5PkQi.png.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:769 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33f1e2ee92317962765cc0555c9e94477c8def25e5d8d12dcf1e807811b88c47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
via: 1.1 vegur
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 200267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 17:57:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zha6QMUc%2FfFQpi4sgOivv34kaOVbaZyBEcrZWRDbuIVk9eTvDiFyRPa5p5YzCNMGjNrpk1MBANLBYol8yUaf5Ra2g0nZB0deoLapUfIAOc8LsIYN9Ube43%2BDwa3w0FMbQqW3h0ORO%2BQM1ly3vva2%2Baym0CJwzGGzhWc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6ad442c57b1e7034-FRA
cf-bgj: h2pri

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
832 B 58ms
14ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fa6e3a91b626ad7ece412eac6a05d59fd448ec41cd4435579abe002950bb1cdd

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.legiaodosherois.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:34:59 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 0a153e67-47d7-4447-8f7a-0a56ba82c573
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.legiaodosherois.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 profile Show response
tt-10162-1.seg.t.tailtarget.com/ 92 B
501 B 155ms
107ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-10162-1.seg.t.tailtarget.com/profile
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/tailtarget/profiles.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 20:26:00 GMT
server: nginx/1.17.8
etag: W/"5e333bd8-5c"
vary: Accept-Encoding, Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
cache-control: private, proxy-revalidate
content-type: application/x-javascript
alt-svc: clear

GET
H2 200 youtube.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/ 687 B
483 B 17ms
14ms Fetch
image/svg+xml 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/youtube.svg?token=485382faf6
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd3324b939db83e4783489b6a1511d1a8a77b6f5f49825557d2a3c79bbbf38fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:25 GMT
server: cloudflare
age: 4339665
etag: W/"610ae225-2af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ad442c5d9815373-FRA

GET
H2 200 instagram.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/ 1 KB
642 B 16ms
13ms Fetch
image/svg+xml 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/instagram.svg?token=485382faf6
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72864f45951701ed5abeff31fff9660ccb7922e687aa201131c2327640146038

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:13 GMT
server: cloudflare
age: 4339665
etag: W/"610ae219-473"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ad442c5d9825373-FRA

GET
H2 200 twitter.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/ 1008 B
678 B 15ms
13ms Fetch
image/svg+xml 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/twitter.svg?token=485382faf6
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 301478844e69f723c541b2567d878823a025d1cc94f894e191cf5be20df03abc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:16 GMT
server: cloudflare
age: 4339665
etag: W/"610ae21c-3f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ad442c5d9835373-FRA

GET
H2 200 telegram.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/ 513 B
411 B 21ms
18ms Fetch
image/svg+xml 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/telegram.svg?token=485382faf6
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93bc2077465686c2cb451e2eb2d90fe780ecc76e73f57db533394df0afdacc44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:16 GMT
server: cloudflare
age: 1296835
etag: W/"610ae21c-201"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ad442c5d9875373-FRA

GET
H2 200 tiktok.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/ 436 B
367 B 23ms
21ms Fetch
image/svg+xml 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/brands/tiktok.svg?token=485382faf6
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55cbe47daae2e1d00bd3185c4dd5b23f43c658c3a072cdb369f4080523e222fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:16 GMT
server: cloudflare
age: 4339665
etag: W/"610ae21c-1b4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ad442c5d9885373-FRA

GET
H2 200 search.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ 562 B
445 B 20ms
16ms Fetch
image/svg+xml 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/search.svg?token=485382faf6
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f850627aa46412b56450f99c309fbfa8786f65a46b59746223cc135e2535b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:57:25 GMT
server: cloudflare
age: 1296835
etag: W/"610ae315-232"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ad442c5d9895373-FRA

GET
H2 200 ellipsis-v.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ 428 B
349 B 19ms
15ms Fetch
image/svg+xml 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ellipsis-v.svg?token=485382faf6
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c34b36885fc10bf0cede7dc315bf08c838de093b90d447f41b7407fc5ffa2cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:57:10 GMT
server: cloudflare
age: 4339665
etag: W/"610ae306-1ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ad442c5d98a5373-FRA

GET
H2 200 times.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ 632 B
400 B 20ms
17ms Fetch
image/svg+xml 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/times.svg?token=485382faf6
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85319456d833877d3abd0898544fa2efaf5969b05497e1fb20f2c849d9e439d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:57:30 GMT
server: cloudflare
age: 4339665
etag: W/"610ae31a-278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ad442c5d98b5373-FRA

GET
H2 200 home-lg-alt.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/ 764 B
518 B 21ms
18ms Fetch
image/svg+xml 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/home-lg-alt.svg?token=485382faf6
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce4366ee4741e187f5d2c0102cdd817bfef9d60eedde1c5da1d7507d026cb8fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:41 GMT
server: cloudflare
age: 4337945
etag: W/"610ae235-2fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ad442c5d98d5373-FRA

GET
H2 200 clock.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/ 698 B
446 B 20ms
17ms Fetch
image/svg+xml 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/clock.svg?token=485382faf6
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b67b7a6c8a79a68928f62601a3d1979c6a1d1ddc6d7db8254fc3e9f068d33e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:32 GMT
server: cloudflare
age: 1295996
etag: W/"610ae22c-2ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ad442c5d98e5373-FRA

GET
H2 200 comment-alt.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/ 433 B
371 B 21ms
19ms Fetch
image/svg+xml 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/comment-alt.svg?token=485382faf6
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cce3a5713d8be9ddea5f085135397ca929578a8ce98e392edd149dee250625c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:32 GMT
server: cloudflare
age: 4337945
etag: W/"610ae22c-1b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ad442c5d9935373-FRA

GET
H2 200 fire-alt.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/ 643 B
513 B 20ms
17ms Fetch
image/svg+xml 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/solid/fire-alt.svg?token=485382faf6
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e86ac07365d29def580fd69c4ea8f3de4082b847dbe939fad7e784703ef9b60f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:57:11 GMT
server: cloudflare
age: 4339511
etag: W/"610ae307-283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ad442c5d9945373-FRA

GET
H2 200 mailbox.svg Show response
ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/ 846 B
523 B 20ms
18ms Fetch
image/svg+xml 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.4/svgs/duotone/mailbox.svg?token=485382faf6
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 102559dd1a7a29db18b430a3c8824d167da18ac73c275ed5c3cc93140450a097

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 04 Aug 2021 18:53:44 GMT
server: cloudflare
age: 4337945
etag: W/"610ae238-34e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6ad442c5d9955373-FRA

GET
H2 200 pubads_impl_2021110901.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 47ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 118212
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 09:34:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 13 Nov 2021 01:34:59 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 107 B
606 B 128ms
44ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.legiaodosherois.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

eb078b04978bc9d4fa60fd881f767fdda79897fbcd2a15a1acd390a8dedd8887

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 95
x-xss-protection: 0
expires: Sat, 13 Nov 2021 01:34:59 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 12 KB
6 KB 97ms
97ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d056f88a2fc8638caaa08e3935c638719ccd618b2a4e58af289da69c664bad54

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.legiaodosherois.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 13 Nov 2021 01:34:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9a422c09-0ada-43f7-82a9-c5f54524eba8
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.legiaodosherois.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 281 B
1 KB 89ms
16ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11976&site_id=42412&zone_id=180806&size_id=2&rf=https%3A%2F%2Fwww.legiaodosherois.com.br%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=db3f73b7-4b07-4c11-a1a5-f2f8373f36c2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.35106223177264373
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 395b7a72f4c8c65f7a855342299fb39d1b387ba26750f49feecd588931480b50

Request headers

Referer: https://www.legiaodosherois.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:34:59 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.legiaodosherois.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 281
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 281 B
1 KB 89ms
17ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11976&site_id=42412&zone_id=180806&size_id=2&rf=https%3A%2F%2Fwww.legiaodosherois.com.br%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=5f24200c-6890-4673-9ccd-86f510de71db&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.36488953166802607
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: f863572cbb6ef275af86231fd6be6eed2cacc5e44d282e74546ec94aae73506d

Request headers

Referer: https://www.legiaodosherois.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:34:59 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.legiaodosherois.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 281
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 12 KB
6 KB 136ms
110ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1cdb9a6ee843378cddfa5773317bd85c00c57fa332bac3edb9efcdc6e0022283

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.legiaodosherois.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 13 Nov 2021 01:34:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 26e7d248-b4b8-46b3-91c4-6346f5d628a9
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.legiaodosherois.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 112ms
87ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

aa3a5edaba28c9cc9a5cbe444c48c19fadb55d01fe5432cafd9add561a4bd890

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.legiaodosherois.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:34:59 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d625d400-f4a0-4d01-9ed0-26ba659f3de5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.legiaodosherois.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 281 B
1 KB 85ms
18ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11976&site_id=42412&zone_id=180806&size_id=2&rf=https%3A%2F%2Fwww.legiaodosherois.com.br%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=fdab6c2d-0e55-4f38-8b02-278d8e292994&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.28452829551841297
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 59c18f56c7dab01b2936311eb7a4b128a27184cd0560581b3ea38027b4e6aed4

Request headers

Referer: https://www.legiaodosherois.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:34:59 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.legiaodosherois.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 281
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 KB
12 KB 161ms
134ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

83842dedf01d4215cb572ad340a8e14fc59ff6685d1b1d366ece441ec70c7ef9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.legiaodosherois.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 13 Nov 2021 01:34:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 859b6590-5bb7-4ff5-b935-9bb2cb80f9c6
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.legiaodosherois.com.br
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 282 B
1 KB 81ms
16ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11976&site_id=42412&zone_id=180806&size_id=10&rf=https%3A%2F%2Fwww.legiaodosherois.com.br%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=52bf2aa3-5596-4258-82b0-bf346caa35ad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.20375423686467053
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/external/Prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 032a9311ef487838f64e1c4c7ad10a8ac844162602cdc38575552ea1eddfbda0

Request headers

Referer: https://www.legiaodosherois.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:34:59 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.legiaodosherois.com.br
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 282
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
424 B 430ms
45ms Script
application/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.legiaodosherois.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 01:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
424 B 432ms
47ms Script
application/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.legiaodosherois.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 01:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 mercurio.js Show response
tm.jsuol.com.br/modules/ Frame E58B 4 KB
2 KB 8ms
8ms Script
application/javascript 2600:9000:214f:1000:6:9eb2:5cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tm.jsuol.com.br/modules/mercurio.js
Requested by: Host: tm.uol.com.br
URL: https://tm.uol.com.br/mercurio.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:1000:6:9eb2:5cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: marrakesh 1.16.6 /
Resource Hash: 1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tm.uol.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:23:41 GMT
content-encoding: gzip
age: 678
x-cache: Hit from cloudfront
p3p: CP="NOI DSP COR NID TAIa OUR IND COM NAV INT CNT"
content-length: 1065
access-control-allow-origin: *
last-modified: Wed, 28 Jul 2021 19:15:12 GMT
server: marrakesh 1.16.6
etag: bed0a7a707f166936e5aaac09879d050
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=UTF-8
via: 1.1 73f3a23156999272233949c078c30859.cloudfront.net (CloudFront)
cache-control: no-transform, max-age=3600, must-revalidate, proxy-revalidate, must-revalidate, proxy-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-pop: FRA53-C1
access-control-allow-headers: X-Accept-Charset,X-Accept,Content-Type,Cache-Control,Etag
x-amz-cf-id: WXocTEVzoQr_35YVGL632vJt1IkSSF9bhD9SIPOuA2jPutN37tJ0sw==
expires: Sat, 13 Nov 2021 02:23:41 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 469 B
771 B 236ms
235ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2855967748665811&correlator=3426409270102955&output=ldjh&impl=fifs&eid=31060032%2C44748553&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211113&iu_parts=8804%2Cparceiros%2Clegiao_dos_herois%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1350x250&prev_scp=campaignuol%3D1%26group%3D6%252C13%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dwww%2520legiaodosherois%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1636767299&dt=1636767299789&dlt=1636767298278&idt=1451&frm=20&biw=1600&bih=1200&oid=2&adxs=140&adys=160&adks=4037918524&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.legiaodosherois.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1320x970&msz=1320x250&ga_vid=923228545.1636767300&ga_sid=1636767300&ga_hid=793869474&ga_fc=false&fws=4&ohw=1320&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c32cc17a09f4de5c9a46d88105ca49ffefa6a68d8ba9a6f6d1726dc4b02c66b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:34:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 253
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.legiaodosherois.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CDD1 6 KB
3 KB 835ms
44ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 13 Nov 2021 01:35:00 GMT
expires: Sun, 13 Nov 2022 01:35:00 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: clear

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 469 B
427 B 343ms
343ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2855967748665811&correlator=3426409270102955&output=ldjh&impl=fifs&eid=31060032%2C44748553&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211113&iu_parts=8804%2Cparceiros%2Clegiao_dos_herois%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=90x720&prev_scp=campaignuol%3D1%26group%3D6%252C13%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dwww%2520legiaodosherois%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1636767299&dt=1636767299799&dlt=1636767298278&idt=1451&frm=20&biw=1600&bih=1200&oid=2&adxs=140&adys=410&adks=619794814&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.legiaodosherois.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1320x970&msz=90x720&ga_vid=923228545.1636767300&ga_sid=1636767300&ga_hid=793869474&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

11cd0fbdc69f6fe9f07d7e23f676633453c199fce553cca27c173696290eb3bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 249
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.legiaodosherois.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 469 B
432 B 430ms
430ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2855967748665811&correlator=3426409270102955&output=ldjh&impl=fifs&eid=31060032%2C44748553&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211113&iu_parts=8804%2Cparceiros%2Clegiao_dos_herois%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=90x720&prev_scp=campaignuol%3D1%26group%3D6%252C13%26pos%3Dtop%26native%3D0&eri=1&cust_params=origin%3Dwww%2520legiaodosherois%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1636767299&dt=1636767299801&dlt=1636767298278&idt=1451&frm=20&biw=1600&bih=1200&oid=2&adxs=1370&adys=410&adks=3022897671&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.legiaodosherois.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1320x970&msz=90x720&ga_vid=923228545.1636767300&ga_sid=1636767300&ga_hid=793869474&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

39b965537b8ec8c7e743e2a7bb868d736059c07ce1ded71242eb5a2fddf9f3f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 254
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.legiaodosherois.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
udr.uol.com.br/ 76 B
558 B 484ms
303ms Fetch
application/json 2600:9000:206f:1e00:1:bcff:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://udr.uol.com.br/?scopes=base-assinantes,user-preferences
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1e00:1:bcff:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: f46965c749a12e2b567392705833b4618b9bc79ec665140115584cda0c2cac7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:00 GMT
via: 1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA56-C1
vary: Origin,cache-max-age
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: https://www.legiaodosherois.com.br
cache-control: no-cache
access-control-allow-credentials: true
x-cache: Miss from cloudfront
content-length: 76
x-amz-cf-id: pcySpresOUY6wVVYaHkPJWdgSMFy53wGPxCA-QzHAv0Qeswore7uRw==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
10 KB 394ms
393ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2855967748665811&correlator=1344955815138302&output=ldjh&impl=fifs&eid=31060032%2C44748553&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211113&iu_parts=8804%2Cparceiros%2Clegiao_dos_herois%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&prev_scp=campaignuol%3D1%26group%3D6%252C13%26pos%3Dtop%26native%3D0%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D1903728ddaaa62d%26hb_buyer_member_id%3D806%26hb_adid%3D1903728ddaaa62d%26hb_size%3D728x90%26hb_format%3Dbanner%26hb_bidder%3Dappnexus%26hb_pb%3D0.00%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_bidder_appnexus%3Dappnexus&eri=1&cust_params=origin%3Dwww%2520legiaodosherois%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1636767299&dt=1636767299861&dlt=1636767298278&idt=1451&frm=20&biw=1600&bih=1200&oid=2&adxs=627&adys=10&adks=1696369987&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.legiaodosherois.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x0&msz=728x0&ga_vid=923228545.1636767300&ga_sid=1636767300&ga_hid=793869474&ga_fc=false&fws=4&ohw=728&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

303b4a9b150b70f66a8605e9aeb09d046bd953a1a0638b64fd446561fb86b2a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 10323
x-xss-protection: 0
google-lineitem-id: 5822172883
pragma: no-cache
server: cafe
google-creative-id: 556981336778
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.legiaodosherois.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
10 KB 287ms
287ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2855967748665811&correlator=2009030992168387&output=ldjh&impl=fifs&eid=31060032%2C44748553&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211113&iu_parts=8804%2Cparceiros%2Clegiao_dos_herois%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&prev_scp=campaignuol%3D1%26group%3D6%252C13%26pos%3Dbottom%26native%3D0&eri=1&cust_params=origin%3Dwww%2520legiaodosherois%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1636767299&dt=1636767299879&dlt=1636767298278&idt=1451&frm=20&biw=1600&bih=1200&oid=2&adxs=254&adys=2919&adks=584111922&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.legiaodosherois.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=745x0&msz=745x0&ga_vid=923228545.1636767300&ga_sid=1636767300&ga_hid=793869474&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d2c9fcb5fbf487c007547d76a53c5cdd6611e473f1e79288f62b1f2cccf30d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 9867
x-xss-protection: 0
google-lineitem-id: 5822172883
pragma: no-cache
server: cafe
google-creative-id: 556849900962
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.legiaodosherois.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
10 KB 269ms
269ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2855967748665811&correlator=516154483764134&output=ldjh&impl=fifs&eid=31060032%2C44748553&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211113&iu_parts=8804%2Cparceiros%2Clegiao_dos_herois%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&prev_scp=campaignuol%3D1%26group%3D6%252C13%26pos%3Dmiddle%26native%3D0%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D205e85145bf23c7%26hb_buyer_member_id%3D806%26hb_adid%3D205e85145bf23c7%26hb_size%3D728x90%26hb_format%3Dbanner%26hb_bidder%3Dappnexus%26hb_pb%3D0.00%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_bidder_appnexus%3Dappnexus&eri=1&cust_params=origin%3Dwww%2520legiaodosherois%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1636767299&dt=1636767299899&dlt=1636767298278&idt=1451&frm=20&biw=1600&bih=1200&oid=2&adxs=254&adys=1742&adks=1709732524&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.legiaodosherois.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=745x0&msz=745x0&ga_vid=923228545.1636767300&ga_sid=1636767300&ga_hid=793869474&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d7e4ca5bd551c7005189554341eacdaa261a47d18dd4a7fc825609a6dfacb7f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 9908
x-xss-protection: 0
google-lineitem-id: 5822172883
pragma: no-cache
server: cafe
google-creative-id: 556981336778
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.legiaodosherois.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
10 KB 342ms
342ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2855967748665811&correlator=3468452297877404&output=ldjh&impl=fifs&eid=31060032%2C44748553&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211113&iu_parts=8804%2Cparceiros%2Clegiao_dos_herois%2Ccapa&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600&prev_scp=campaignuol%3D1%26group%3D6%252C13%26pos%3Dtop%26native%3D0%26hb_pb_appnexus%3D0.06%26hb_adid_appnexus%3D21afd4eb94787d2%26hb_buyer_member_id%3D3941%26hb_adid%3D21afd4eb94787d2%26hb_size%3D300x600%26hb_format%3Dbanner%26hb_bidder%3Dappnexus%26hb_pb%3D0.06%26hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x600%26hb_bidder_appnexus%3Dappnexus&eri=1&cust_params=origin%3Dwww%2520legiaodosherois%2520com%2520br%2520%26hasFocus%3Dtrue%26bt%3D9000%26testeab%3Dlazyload-a%26hasMouseIn%3Dfalse&cookie_enabled=1&bc=31&abxe=1&lmt=1636767299&dt=1636767299945&dlt=1636767298278&idt=1451&frm=20&biw=1600&bih=1200&oid=2&adxs=1031&adys=1455&adks=3473877288&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.legiaodosherois.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x0&ga_vid=923228545.1636767300&ga_sid=1636767300&ga_hid=793869474&ga_fc=false&fws=516&ohw=350&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

961e4204593da25ad2a5f8fe44ec83ce645f4391400356b16d5287375b14f48a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 9590
x-xss-protection: 0
google-lineitem-id: 5822172883
pragma: no-cache
server: cafe
google-creative-id: 556981336799
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.legiaodosherois.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DF30 6 KB
3 KB 441ms
52ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 13 Nov 2021 01:35:00 GMT
expires: Sun, 13 Nov 2022 01:35:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: clear

GET
H2 200 container.html Show response
8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0AE5 6 KB
3 KB 355ms
46ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 13 Nov 2021 01:35:00 GMT
expires: Sun, 13 Nov 2022 01:35:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: clear

GET
H2 204 store
udr.uol.com.br/ 0
0 356ms
355ms Fetch 2600:9000:206f:1e00:1:bcff:6780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://udr.uol.com.br/store?scope=tt&data=tt_cluster:na;
Requested by: Host: tm.jsuol.com.br
URL: https://tm.jsuol.com.br/modules/dmp-uol-sync-p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1e00:1:bcff:6780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:00 GMT
via: 1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA56-C1
vary: Origin,cache-max-age
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.legiaodosherois.com.br
cache-control: max-age=86400
access-control-allow-credentials: true
x-cache: Miss from cloudfront
x-amz-cf-id: 0RKBw2lVN9R6GVsLt7aVo7suZRUALXuOxe0wEWlLnNzrSZNmuPFMeg==

GET
H2 200 container.html Show response
8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2262 6 KB
3 KB 325ms
49ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 13 Nov 2021 01:35:00 GMT
expires: Sun, 13 Nov 2022 01:35:00 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: clear

GET
H2 200 / Show response
t.dynad.net/script/ 108 KB
34 KB 1212ms
400ms Script
text/javascript 2804:49c:3403:2676:ffff:ffff:ffff:6
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Requested by: Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2804:49c:3403:2676:ffff:ffff:ffff:6 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS
Software: D3-FE5 / DynAd.net
Resource Hash: c6f32a51868e5a7b9ac461e21c5029b5469796447786325ae69ce9bf134ba977

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
content-encoding: gzip
server: D3-FE5
x-powered-by: DynAd.net
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
x-dynad-tracker: v1.1.545 Power Stroke
cache-control: max-age=0
content-type: text/javascript;charset=ISO-8859-1
expires: Sat, 13 Nov 2021 01:35:01 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FB4F 624 B
559 B 441ms
48ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioYkLKBuQEwAQ&v=APEucNWgVuiIjUX6bVaernWfgWF1zHQUsag7jWUGIkuLE4GYJtu2KG74mxYbysRInp4Hcox3JpKhfa1Gb36f-dOJ2XG4rCSAwzfHE5nXOs23pFR1euURAg0SVhGMeZAABQ7UTMtq46UCh58-V2WCd96JmQLGJexIHY1mrHt_1cSY-_WznsuQc4U

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 13 Nov 2021 01:35:01 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 01:35:01 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0AE5 76 KB
32 KB 474ms
84ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cp8PSB7LYa8PZF12PJLdWcGVt-VAH84MVvq6YLSgmbod9R5vOxulja-5DMJ9VI6-PCBQi5YfWY9f1aS8ojwE_6SQNazwuQ0KTAahaSPMxv-hOXKProVSHCZGHJdN8XyaRmEsWD4ifOJ1EPvrVOrQSoYmCYPw&dbm_d=AKAmf-BY4lGCyM_2LIcSlWKw1Ia_tuOmvVX_4aKdR3URsrq27tM_A--AyWDmPyfFfzcxgNYSF_WFgeTFheB6-UvpeKCBtxTgtWKJGL0Qwzut14Glf7fvrUih-xatP2i9UzEo_I9bayDhgGW-n_CsRutNujmYv2etvrcjgp2Nx5q7F0wnAUDbfqugImDfNWMppIuN0YM5i61efqtOS4qjgtiM71RaBXXuVkp5_PQp6FlVY9WSjEXNSJ5EOH_HMMgxnfppKxgd3_ADq6-MEmmmr0OLKJY11Lo5KA3uprvy-9D4Dr1MOLsSHD_mUSrMS5EUhB1Gd4dkWLwlQaoALQJ5c1YUAzD-PbN2pMDa7v4i1jbFNkwq2qKIP3ghWly0PrZHA-k5bdOvDZY3pLsX_G7gc0FSGiJRm3oDx8Tqcht_r4SaliqwBv5TUAUbizVd_jqwh5Y8nGwqvoMBvbufzjToYsgUdn8oqKJguUmDWOzBqG-_TpvbCj9jJ6rbVfTcflbzdkn5peeXYpasnkVwUweu3zz46VszbvIANet4IRDP3PzuVM0HRwKSqm2gAS1XM6No_JH0OyhfB8IUxZ2SeZtv6_wKaaGvImr67etVD6Rf9Qd0PpejpBGhyujOyZKMEZKZccOjUOVeL52U510N0rnlRYXD8vctKgxN4WQIFjHYa-XPP9oqmbOpEW2BhJToM1n09JYAA7sohleB0oVf_4iQJ5d2zcM-zf2gyOG9aTdoVrBB3qMyOaDcUu_3ahCZM4A31ZXKRtaPiYlz-MW6TfeNGlTLHcoyE98ZHOWNKf3LsDBMxUPRJID7bUL9fVnSX7-iqYpt0XjSZMrhf0dHpszeqFMl_FgrHEJ13pTxqwR4d8X9yl9DxlHQUb215vIvPEYKv4xCiGlsU74mZcOwIrq9b4Xne3RBsjy3oGAT3JJrc6ZT6KaHQS_2r7SAjdiy1FVGOOlTT_xNnq6LgUgN6KwbNZlDCQPgEpfal9cFxfGTJ8isKf4bH9BTrPELKcswqLKLGAjO2OOQnzxOP97LKDVyYotYpGGT35d8a-VnDDzW2Q3FV2UwGVOyzHkfZi8iIchJ8YJQ3hfmdGAXwJcdJKkmD6Fvow_lFc9FjAFZJJLGXc3DhnBVPjx2evMLKsg_RsefqKplfhcwj4ZRAxr39g-uzxV53Tj7hmocaKNYutkha4hF1oRUbRTc5eVrwmNrSSbFuDJVsKFt6tefkW7US0ph9_42joNdg7qpo7yBpwFXUAbLhCR7sXmDF9bMyCLgSal3L-px_RzCG_Tf9EUwS_X7ODEoFun0NC8D1RBd1e5bQLAttyWNLtjgqLVAKkvI2XZaGjCj3jr_RCFM2NeQO2iE1aRs401mM63X4f6JSeIJfKWfv8ALNzmhioQHTXr1PUIHKqL2oE44sW4IRoCfiXADeqcY7XgJZGynUFe1GH5tGLNIdIFdfnvFrcSIbd9sgz-qvSKrTn8Rq4eZbe3YzfUCPdwIm6V6WL2ltAEJsaSlVo-a6T28eqtRC2lLyg2W6RzwbfjIDeINgw-ZKmp1lsMUI8X7Xl-riAWbDJ5hZRNmDi3hAVdf8zeN8qH805m4x1ZTn7S1taPxL_Kgo-v8uveboOACH6d74xf84ZZfyLUkAGbPNxRnKxvSSnw3SqLPaGZliD6t5fZGUrYGl14t5qvZMvhiT7rOSjZdpoVm0dutiMiacw7ozorfxwi5DZrasM1IjAVsMuXARx3DkuBD341rHoQIEI2OB3qUBnWu4TpZZEAspI2o3zdCT7Lv0d-SrHwwx309juOwEaaQR6DMUfyhws1gSUJxh97I82ojALO2KfEDWp-bSpQ3BxmVwks-bn_HSUBy_YuBqfPaf09N7OeinrF-HG9MtfnWFWORYnnVPppuKvT3b7K-_qGiWM0zoZp94Gs1-a7l8FnMsnmdMlhxB8Rt9iVIrVrh_IRZRI86Q0DwLJwPO5R3zHpCmpcu2Mv6wox2LToMQI_LtcbNL1eVH4IFKAiYSavNWiR5pqHcnv9RrbdJLqO_grkMs8RuazdiRWFxEbsr2Q5eJhNuXnqCHYOt2Tcw3LTycRbwRO5Zt43C_soiGAra26rmvKP-E2cWOlLwRTM17E4KFdqpuioqsesF-dKD1t6FaPKlpQ8bqWhV-vKZg8k9ZSL373AP_XW0EVkrV499Hpq8CQ_UlpgHTwx-PYJ8rayxVRVD5hJVcwNtlKQUkuziGcVroOn5UeI2GqoYjupaLVuqsK3ZoVTM1UdBywgRIqytdHtUvGV5W2lVgo5gMMJYXUpNzSXmj09vmHEhi4E_pEBiIyJVnduxK_rJR7Lc0KqixR19BZCUopJZB7vwM4s1sEEyzcWkC1ETUosh4lWeOhTBJdYg1Vwk3K_wmz94FlbGFqHohEU-ehUDhWZE-KPWd15AzvW17W5XvZcL1ZebZVBBMi5C56ksrqS6If3yw1ieYe_sceVk5fLErogMzIwFSIdXcQguKo2kzpszhefG9yzdVX0btazh0GPYAKgewjPETcclclNkFr4iJWexNNAu1pP73WQ5wB5msiqE9SEQZCgcNaLe4j2O_YfrB1y3V73UxxtvjU5e68CkCTOpPGn2khlXtmqL_9qgi7gQgpop72HBLArHRl2BNqj2rBDNdkTr4PtCNtW9sSH8Ng3Yg6c3MoaO4DLwxWz84EPFInqffJxcMXV1DL3f0FQA1crbEzzVcjWtA31xjLGMgoiflx-v4ZCx-zN59FHkcdV-UFlcYgSSX4rJxqCORxajOZynYvlM4ITst5MHmZuB4e8KjeZRWnzo6tbs9gHEtv5JUBkAW1PXZQ3Bca9ESFZvcwlhQI8A3ce_QcZfGwnIme1trf1SadmVM8vI9_3P1i6oWmbzmWrg9WrIfz5dqgaokHiYTH9ryUaQpKSAYvgpdqGobThijDC0uQDlCqCrVOaaJ2BktM5F57kTLVNSn6OSkEx0mrqvTZVVNvhVCUz9pQubULoJxpgY2qd5InMalTzUk7sgF37YfPHqEwG4P_4z-vgkeFMRwQcEgokyn0jUs0IVuOC7eg4xdGyGCG8UbWu1il_XFzASfj-6uP1R0wlxuQZjq_P868VUecHJHGiDVyCDV7X5ElMQhO637V_BAyrYUmjS1_mXOm2dHLJToGCKYapdHDGswac1Vz6aDWTghErvQFy8GlFZFbQiyBMsWrnPOEwEsFcMiO_C6YkCrlqiOLashOMGBu1j6jq3Qw5VoMAUfk55262wJBMoqVI8wvNMJKL2wxAQexkr2LrglYZjuDFSD97Is-J8YtmgWX6ckt2QbJrkFR428nGn7KUEDwSB2sG106HgjmXNCEntS-3hHESlz6ql0V-u9AlhzqoTjKe9CR4ZUNvbN17KQcAQvCzDg5CpdQOeSKEkZwGtbKKiP-6TTd6nL5KK-f2M1wHt4D6OEY-Pd7cFuXqeeui89-muJdYr94GVhcFJx_tjFU6mBWLCeYjOHty06UKdhY_c0PocEfdyF36x5jMv1soHL658J9EvzfH-peSZDjgSECqkhCHzO5rgSj77qbmEs42gQr3tzUXbb3BLP2PzP9YZ_8m-DzVPXqn2ejsEMDweO0ikE5N4MpzD8SzSlMlqEeY80l3fMtYMC1Sl9BuQYWx_Nwl8Yqb0lCT45T7Bhzv5gRxuTuH-WuMNPG7F9qE10MCt5DREguzk9jlm4-rmG2UR1h1BXSx56FzxnzEUtYb6wFC-G_2iJF9d8hoT_u5isiNjyYH0ft8xIOYhJEaEo_a7TFKpMFjNON-ckzF4xwhG6N2KhAZC8c6HX8M9gbWd2f5sH6NFsX0EN4gath3MqPFLWksD__df6c_SU9nNp5YFzB-7MQeoRZSqzQLxHGIbEyUbVkStS6pRa-AyNxeTBrgDVIDjSgEIJmRGzZyZvcRaTdX9Feh1-4Ek-HH5obTXc661hhbbPptZo5TlAE2P7M71KADHZpalBCpt6MgGdGLSa_zmu5CSKxL8jtDtjrdFfo61kqQbz5JEaCappqQzasl09Jzep9frTuaz_C6n1nq972kI95uxOQrbH54HdZnLrcZNr248dnxeRnToju2jmNW7wQgaSm8CyKZF0b4GS4L6aPshjLtbDIC6BujaKakZ2aqkPpGTaEpFj10oWiT6Hy9gURBUM4TyrJxvWgUNVHw4fdyW8blbpgY8xty9OiwuKPeG6FYktNj61tbZ92ig1yX3R9xAGoCKVGbo1h85Pzo79jZI9lN6oLE9WkV8Uzp7Pi6jS7ackwcnBI9-cLFRprnid_gmqb6eQCNRXJykpN7YdTSA8VEKjcUJ_lCJnuoeUipJm71o8I_5Qeat_-iOZ_MjIVFvGAKGxkIYuzz8p0qGbFgT12eCvki6hVPUV_GmRUJsX2JFvrVDN9xToCSBq59TNdynNoxyxf8TAhFTl5DvtxZv7E9WbWt00Q&cid=CAASFeRoyKyqdT65j4pULyQz3rZMlj2fgQ&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstkkz6CG8Zpy4EuTnkLtXRAttQ9oItFafOGpagohOFsK39BLNRc7ak2OHLsjmFote4j4iEGqfyUtU2sCBku-P98TUi_b1tAhygPQr37s1RJTb39BqIN3HUV90qMg6TYVW3s_3YdoOOpMbr6C6N_4Aoh6r2WEIk-A_zUf7e6NLsCxBpZ6WSh1od_RC2RsxBX3vYrLqA1TN4OcMMt2sSJh7jxtXPJm9q5FRCmrCETOFrZOgnBN4SpBvTuTg7dBsnL9YK9J7TrKj9qVn7rguMpMMhsTGmKCCLvf4nyzIWrVC4GaKtXuLJUafrW5vowxxUb07HvbPu-slzNtowIJ4o0sdGDah425iL-o7FA%26sai%3DAMfl-YS9GsVD8Rz6NiQ5CTSlwVmYGChwomZ7CXWMqvWtDLu6wKxXlsa9JnXO0UieBlfEvcynMUnFTCnppCb5XRcpcB2KoL_tFE_d6K-rb6_tSe2pBPqp8b6L7zSDa8loF4ki%26sig%3DCg0ArKJSzEUfp-f6ZZhDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fwww.legiaodosherois.com.br%252F%240

Requested by

Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9ad664b0d4c037c56d800fdf2c1a39782602f1e5d3376e4eb96881c22f689904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: clear
content-length: 32139
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0AE5 42 B
369 B 457ms
69ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B1KneT-eTBy--QE8e5fp5OuFjvqYDGi_z-DesWixZotKsOPR5TG0o-4-C9TwC_LPBsvPthJuLPn6GTQblK6E-azFCU3qgDtuRQ2L23VyvgmDaxu7M

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 0AE5 2 KB
1 KB 459ms
70ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 00:52:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0AE5 119 KB
37 KB 50ms
50ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Nov 2021 01:35:00 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 0AE5 15 KB
7 KB 423ms
35ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 01:15:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0AE5 0
0 439ms
47ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQPWe2cLE5PkiUsUFUR-BopUfrsXm3ShQXfaoQoWgdKxgTZWCfysdt_XERJTCe5l49IYMrqRkz0VIWHUmDf0lvz406MKw
Requested by: Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 92B2 624 B
558 B 435ms
49ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioY_qmBuQEwAQ&v=APEucNXyiqPihAiY1CC3D8OVcea1ucnnD1SzASLA9XrdNsf5Strx0cRX0H4CCZGh0kDbdynO3xNv3pE5V0Zwgl9c3fHa7kzR98Pdd_18qXXBiLARoSGsXrPM6BI3f5cPZAJBaCGc7LcfzVbuIRpfOUMFPQBT7lDM89AWs21vLacEKrfuG_oZqgw

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 13 Nov 2021 01:35:01 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 01:35:01 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2262 76 KB
32 KB 509ms
123ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJBCEajA-OcdFE6jY5hioY55YyoJ-GVMT9jAwlrWXvP9k_fYgyZiXJEolXShHOab3xRaOEonMQSo-p_HxUt-qNdwxW2V4hICJvE6mSExg4l71i1_NhLHh9j2fGu7zr8y0i-AYzA4sO6cvU_j4pxhVmWOGppw&dbm_d=AKAmf-AA8rJhuNG5my0Ig4QpoIg4m5MkndHO-7RGu2RdUHqCfisl9NZ-yrS2iHtIwf76xfFqTccaCDr2mFqeL2h99UG09bxsnFbS2K1cOYpeJZxSaiRgpj6-XC-QLBkr2gkF6oegZJ8eg4VHiFJsLga8CQvaqU76K17kSEex10ZMYwAMW8veiyZjBiUC468bItBKQY_6Zeg4VIehmx-TEiSQ-ZmXFX5PadbN1m__Uzqt2tzoZqgYaFCqMllx5zz4xSZYNEA9WBOseuytdbBHQHp95o9F-FEzsxFpV-I4x4oPskFyZZ6h2I0DAKiffk0-Ca5x8_75qUIuJwiQ0rPzBMmd1j05msAA6Py5Fxw-SyksSv0V-P4kwBMsJ3zX7T64PIrcsf80brnfd_3iuPxrCTf_j7yMgyiJ_cy3ClaDtmQRV1izVOAT6uFPtALWIHz1gc11PyPOJbq1vZABAu0H4nx86EF0h1GyKmFTR4VnV4nlRhzJx3d-ArHvHPx6YUcgZBrNxXX1__Z46anPYGm1WkGpxA_poj7uG-ZK-jAmN8b7e780pw9u61mhfP5hI_xQeoIwu-NYcMH-9HQzsaFDE4AWkKyEh9lYyo2VCAUmYszrvD9VDdRrrb_Rdouj68bRu-Fq89j3rcGuOOkwZavzSAeQAjyIoUB5cEABqT1DI-XNc-M4S9Btigbexyf8mQeIGfN4k2Rjzp3zIhNA9D7RPTigVAqKvbifHP0jTh6bBJu8PcVr5s2aqG2IWvP-fuNiVb6fVeEZjTkeHosXDyBYfgL2lsquLDY10YkLSc8284Rju54cpqncWxFl-MLvdKuKiJE-ZSIk1bgbVohZ9Jb0dQvNCc8K1T1wuB9amHbhZSqGQEgJFeAUyGV7rcRNGG_nte4b6oGUx8o5td5YE1IieP0KNPss3jRQxC7tQXmvAbnhYRe3OLJlxu6CJ1SO4W96HlgNAQt_gOW8zLE57s4_b3EvQSOolF9nx3DHK6orzv5LCzN3shJkFmT8vLpP93FY8agpzeOD1mPE592H2OhHxjAqgYHgdXRp23c4VwuFkArGj492X1yool0LfyOdd2dPiRob9sbX6ViXNz-U_wjE-aA1rYxCvOTw3UWXneqVN7SgTRnWlMFyBAu2YbQi2drgY4n-wrPNcVkvP_CcmDkqpBaWzf-aI8ZM6tY4osw4oXJ1-cPCIGMiA1-6cmOESEH9Dk2TM0cVobIQWffhkIeLWFt-G6S4J0I7q0ODIDkMYDBT4hHShgrjlwZ84KZ5yCIAYG3U_351-5JA9kfN1I_E1AsX9WrUNboA8vOnhJS_YUc6GPTUxqvJ9ptPdILmpAyXCjUmX556qHzGoe9ioJ4WO8JXNz0F_S_4wvKOW0SFRHJamMJ0MmC0KgxDwbmn35rXE_ZTw2mvQi5lmxcQxBU8_konX8UUFtZwOergd-uPCzVaTk9EHQMJxXC1ChusHNUijwloYV2qtiuPkS9jsE5f0PDoQ20BbQ2mjuJfqn92DuWiBV9yIxgsuCtDnkzWXfRu4oen26XfwpD3DQRDWIY7X0-ALzE6JiRa42NBhnyIARskXYwXjOm_QPqaTG3aferJPsCR8dFEIGHADx6oML-iVRN6s6z5ewVXwB7pLgpm6ATxylITg8Ko4eB4LHoXQWyaJT3oJBoI57zvpU-EeP2R9CPZtqoN7lYLzowLVb_Wu7QA2YwBRgmug3kHEgmhOkQ3hTHcEdAPG2y2sbbzUukMxqS-xBQnEX33N20Zg1McZjOY8hV3QEUl16lfFGzKY7lekkfXMnP14ujVsI8W-B1DcTu6WmXw72eaM2KvOR6BcI6bg9dP3n7B7eOd7quc9IP7Adf7ts_PgiRGAwYMOFHWDZ6EfQBnTmUMoYdgKYPqS2sghyWvojxkeavzvCpMqrm7OX7r_e5lH4UU3EAZVQdbInWtg2jGCux6erIPqRdeC0jPu51YttR-CUIOfgcofGZkfHaqBl9afY-D7PgCNDDEvcVER0VzHPGibAT3Ip6TTKGBkcQU20gKTcAxNY2DPW6VxfF5-MU6ONourEzTeBIVVfaT0MZfqLJ92RMEKZ-zGWULkmTvGxps73SR8jJqRO8SwOnhmG1ZedSxnCOCuKMgVwND6bcZMLJxbM8tafjoCNAyot7pAzjMZJj_7PxrVane0mh7YcC7t568OtUkAd_MuoDjlG9trlE9rFjr80mbBvWYRd27HYErgS5nafzLJK7ak8EGIoujJY23ARiNb5yYjl4MpftaOJ1U6YBC6Q1V5dVFkbjkDZ40fvgsVYH8dLRZ9hLY0Hfw7vbbfeuL4Ra8NIjSgDitmQWe6AaQsxYNCdDsFIQBCtCeGeJeRqWR3gXuW4jRpTgu3V5-JdmEWkE6ncNSRaXLgeVwfgr07rfXXlW-M1bhppp7iT5YPOPkwWOYf16AtHs4dxTAw7IXqyZimVOyfXNoHg7iCylEVtXxM9cOVhPxSEL2m9BVUCgbFFckgC6yrUv4RLPdhBW3_3SMHqpB9NJinUSFADmUQL4qk4wSe6QyMGIZfK1z4PzgAH8aWgA6OI5mWZFQ5ELWCN6-ZbXn0FgNETMZpOjlyWVVuo5384Ty1TW7kVOc1z8rB_fZT9OqsQXzLl92RErXefjQUH3PQg-0prw-0kVxnl6OHGQmfvZi6lin3DfTDgVHta1iNPbgTp_0_hNtz031wIbLX7Dy8HmA84oTztmsl8sX6q5a-rmYD07Aw9tabQHuBiDcfNY9vkZUezYwOfpwtFazvyDaAMQ3ZWpBcgSHZ9FSEjHYUzCrvtcr2pL7orfWlkzV3by3Pl-kE4rNl05Mdu9FJGONfX_AMgouoak0s4B_azDgYMpnsKRRzIPendpyfuPkMR0TtbBTHA13iDt2aKdxnXEn4u8caLQyBBa-DVJPtwkaTflnOLBVzgWSoTEL3iY5H6wFTW4ZPoYCzD-bDlsC81Q1aRg9bXrl7XT3QvKtigrR7vN39jJhU858InNIzzuagVFvbscZD2Jh7gNxWQE_TFj2Tv16uMPwB_ojQLeGMbkwmcJ_ZEo5Pn64ShEgewndGti0xT7KoXNbfRyq2moVkf2wH7CTD_y1ZpVuekVqgGwAVO-Wps_Bl_zLL5UlyembemJXmOWg2d87SJwZxz9tz6jQmlCAwTMvpo-VqmYEgUhJM0zRiJxxIsuFMYlEQgUcOOkvuyYPeme3iAo8pRrDLDzKu8339TAT0WSJixBv0QiE1uAo9HeW4BJ9y0F0AZeB58XgVFItXMhFpYh4Hm3VVfKnpwtHVf5DXOg_XsYiM6mno9EpHnVZLQtG6WoJR9bdqPfFzaZOlS5g4tUXmqbLoPA1bW8aAdhvYQXbgBFgTsHgd93zA_Ngosu_sGUTCOB26Ikax9RGj5v2LFONnv0xSAe2pALzY6uF94WE8v0j7sHvx8t0QjEmJxQ_NwyG1uDQa9OhypWDLAzyDpzie-PcgBzE1RWlRctbIJMzfU2D1Ll6ioT43eNiSNGA22_XxE6frnUeNcT95_tOuglqfTKy_tWbf0pRzTvIWmBQkQ0e-5kF8QXZbhvihha2-jhkH0RSbNDupx7YpdA1eQ6pVZ2RYPRPtZtINhju79fj8J6-LZwhQkE0_Qqs-k2t3zpQdq7Xvbageh3QkWj9q2sDqSdOMFwCVjmcfCLqQkbIie1BrSWX69LyKmzuArEOzskvgV2Qi65SmfLLeby96GbnO757xDwrcNQ9vpPWfgDryXZ01T0Vvdz3DWQ4j6_z_WbD2_o_tKN9bebsMVO5hJ9Dl5tsU24xoKBi4f5VYKbNX589lpN-pgdu1LWV2_DC42NxaeS89WWRqB29faGFzoNKWhc3Yh7DTiIELyxRAZ59OrZfnkDs1Hjo-Q1FZF6asfgSLFb_uzLMSybtV3BnphsHXWEMrxTVwdfRfo9DGy6A-YJ5jS-CLnz6bFHnlULgUks7NBmTf6BUjSS29QZSxHljc-GJ6hnxUFwDaDHkJIjpuhmC9ZzIWTfFZxQK5uglOkBSbuy3ptpJDJZivYsbUOpY6JxrPwwJpPnZLdlKZHlW__L8elNzrcR5KUscGCqsR9dl0t4h-owpnrSfzayX8z0Qq_BIQmTgDowvxQlj6a8rm-e0kml2rVhHPW7ZLP6YM4vrMcu1Pfq24ndrXfkMfgXlMAgYTsRxQDb8R4yEDmRJ1Mw3TPkLR-JezOF08suPKAicyrj4bfRoTpv0DhO8Jeinjggw_aULtSiGIBgynWtlYyvyKS0sgyBjsKmgyI_pb_JI5un5Fh2iiui_rbFyLwoT4zGLrUYaXOAhQxZomdzuvxa1YNeV2VuIQhfHzALErJLmhwbub-YRFYovYudWzboPD12DwYE5nk936PvJgI4h4g2py9gqaWfXhjGVaL7peqCQfR8G6zsoGmZgpUG0DH0W2rCbEQcqfbvt0Piy0w&cid=CAASFeRoG789lKRFwuVwfOT8vnopH8ti0A&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvfyBjfQ-tjdHfJ_yl53Hc1MxlB_O5PhDqjxcEfPf7Lf3WNcejOQ7oP3rB20H2cZ8vPIi7rmWhqZZfhJyjErGI_zQ6wx5CYrPkGPuHWOnV_lhLzxhQyFbIBRukNsxDLvQpCkTQvalZ-UiNYydFxU6uI6jSwkigsd-fCnX1wdZW-Q9cNbB_bkfJC47swsq4yRGwQWzkzhqEx5AhfBV4N586KGuRHhphi-XlkkPt9YRQPHQcL2xiyBSfrtmC6xz1noS4NveWtP_ILZGUa5HwJXkgZZpV-_B1-hks68yuBfqDK6xn62YoiFLzdaRQghbfJz-NEgooAFvllv3-seypZWC2Eq1oYsxx6nm0I%26sai%3DAMfl-YSxh1Sg7tS3OEhnnfe-5CKgM0q2XzEuGlfFzvbtzhsQUQf-ucZ7w79IX8KohZe3vfZ59wIXmbqt7buQNQa_7ZPYM7aqAlGy72wyWbPwO0a1GiFMW66RUYP6emXB61Kd%26sig%3DCg0ArKJSzB4XJJRCg7aoEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fwww.legiaodosherois.com.br%252F%240

Requested by

Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

2f6ec14f2cdd94af2b44c4060f06ebe63fde63239ae9b441332e98e77f4430e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: clear
content-length: 32174
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2262 42 B
107 B 454ms
70ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dj1h7ONdp7Fomq5CC5o4Lkiv9yxhlEJt9XgmEHYjvjgLl27Xri2XUQ31uye0Blncda06ATUqOM12RP_WfovhZdZu3c0rWgKRcsuwigPiMSgg3HXO4

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 2262 2 KB
1 KB 457ms
72ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 00:52:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2262 119 KB
36 KB 59ms
58ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Nov 2021 01:35:00 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 2262 15 KB
6 KB 424ms
40ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 01:15:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2262 0
0 435ms
47ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQsshDhQI-pi7kiW03eZa69Kte6BuLu80WYrrAh7WOGH5f0BnxWcqI6B7pOehv4u3fBWt0JkNNroWoP4vYrxDk72COsxw
Requested by: Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 f43da89608416eba791f3d983cad35974b8581d22643bf32fd0503c9aed635b0
m.t.tailtarget.com/sync/TT-10162-1/ 43 B
138 B 123ms
108ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.t.tailtarget.com/sync/TT-10162-1/f43da89608416eba791f3d983cad35974b8581d22643bf32fd0503c9aed635b0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:00 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
content-type: image/gif
cache-control: private, proxy-revalidate
alt-svc: clear
content-length: 43

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 31AD 624 B
850 B 422ms
47ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioYkLKBuQEwAQ&v=APEucNWGsT5Uf1FSRoVzUuwO9gGWSN7BGUo7E8tXJUW-7iR-BJ2vmVAYb3cMryhXEjmNi6KirnaLTqUIT3jhIEyuG-JIdui5Wwh_tSAcZB1HVmosZCi6XNn2rt4EY-TwOL_NJomHqQtF5bAIbYIXq6AZ54lrDXJu0xE4ReADtqxLyhXf4vnvm7k

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 13 Nov 2021 01:35:01 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: clear
expires: Sat, 13 Nov 2021 01:35:01 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DF30 76 KB
32 KB 530ms
155ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrW_V4PyJ_VbJRx1TulNSljCvOezSo-W3bghx2w0PMkfvD82g_zSv9Pe-g_oTpvc8Kr6fyIKfOo-d-m-TAvqQ652ljlxZhrVRUT6ViJ2ZtF8fRtjI5Nm094MpVRDN204ervXNBri4DihDB1AywSb9KgggexQ&dbm_d=AKAmf-ACyaPubbnPGOoqoP1yAoxWC6_HkJWsCh7eYUmjQuoL0PG4Qew6NdE_3dVN_G26TSFzY3Z6OYSzP9GgjJoolccJadl19N-lcTyxDzJKgbI0jUhyTNt_yfGa8Y2snhGTuqQkksHotDTd1_ahVDUay4L3iXFNUhqxuEuvOYsoKoHT8EBnUrzWQzRTcr9A_Ses1DX71smJd-A0oa7Y9YSvMyjnmE0VnY4vTm0esEFI8hMvoWT2UP4Cwm_Ze6SDvjvKrdpfq0gWOtAyRTkmYN6UdcSt8kRRgapCkH5JrGcYQfNfMjwMMnuIPjhfXPHwL6z298kY3F-6Q43LX2mNydclmWlj_WM9td8LT5PLMCWP5v46D8Zdq5i8Ekn5XNIYn_PmFOPFHG8XbGkQVij8u_O288Chrh8gdXAerVoAT1tSlvukoBRxCcEVqIn7g6V32rxzyoFTXjC4UwNYSDbJDYzizh2UiNnHPluK6lEjO1cdl_MO24myNANK1rgIVRMRF9j-vBW-aIEkrt4xIZUiIgdwtVolaY2fv2AF7U6sVBqFrhmaqnQt88t8_FpkkJQ0xYrImL5MVinWnnBL9lXNmiFOSeFjodJH-6IiXeV7je_EvaNOLfgTTufWh_kqEpK6veG_uFJd8_HT5ISeOFJ24sGyj2VaEIlhpiFYl4JWD15mkuQi_Ey9Zt3kHeIBBJHCBBp3-MFt7gLQXpI8G1TIVJfSxfMNIv_WR_FcrFE36-soWbMj5vA1qDE4hlSen8sWLpabO7s15aqNwnzJWpNioHyuDnHig_hsQv00bs8r74sGyTBHZV7LAfiLJlps3wOZURXW618RAo1ds3lki6gQUd3-p-fzvRyOB6vAdk12kQ9lliGCFV9ta7OZKLGmS0HROTe1ZB4yCc3V1GAO-rtXu9tiDe5wsnsuQuNCvQfTSBQ3QvTt8ZL5zFCIsshhMl0zZkKwF6ddmmsOSme6SxXxSyh5McB3jNo9IZHLrVsOEyvy5cjiFnpcQpU8CR6EDm0blMVDXNg6qFwbCggJT8SNRpGvgc8L98QPI4EMsyuP6GJ4EHbAyagvfO-4CEGH_gzBwKM6wyLDaYli41jU3KhUvHEkVbYDkCGKpDJ5BekxiedpUzJ6nnUCpHRQDghLR6BpyWM4JBCSuug3NBPl_MgVaPgcS3tcBMs4KduNS09rzword9aOomc60oEQY4Zbr7WqPLvii7dkz26zcolhrB9_iMAgqtS_g9Pi3IcQ0J-7_VljyYm7XebroTRV09W7ZHPqCFZFjgNUnCUirywEQ7bz_Z0-QJMsL_4GvSrQv7QfPoZIJMbqlhevgaRz59bGuyUr7QSvPNNyoNCty16IPGmho_kzKabKtjfioUMU5-I1_X7j4EJRxwDyB-Wb50DSJYn9OY6ZUiIxRMUyG-OvjcvveEGwqv8s7MvGtHxlbu1cwAtFJJ6pi9mRJnhJX_X0C58DP5LDusmXNzpDK4Tyb7hKzTqOFkOwX6Vpk2C3GLSdkA4zOPsI8kIH2QIi3oux4wgt9Eo2qx8iTDx8uQ1l8b68fbfmQF1VxJwB0wyUq0ybK-1C_7zj0U_riCC-CKU8L9aQinMuGNNOjzrjeMAG2IRVutzJtBLRDSikeeVec2ZdUIJQN-xzSXMr3Cz8hQuuaxF6DwrstQeGBbUFSqAj6aADJuG1jqFhNPoDqyKdh6ImASiK_mYLTVnQbr38GM6jE2_Tc8uNuYp51xhx2TsDHHhC-yB4TQ9VQ0RScDynsq9dsxh4WitI0UMGIefZZy5Ly2qoP9Ry_cqaTGK_duZ2NGioEbDi-jp6a2cIKzMI6Tsn53DrfNxVbdwWOAaBVXmeTGicQs2Dwzs2vMFTtS_ddSYBkmPcpLjTZP0THKjFMdiU9lzq7BO1wx6t_9NruD2RqazEFurm6MYdbTGJOcvlOXRBl-K3U6e7P55A-RopHjp4i-A0h4eOk3L_6rj3UdgZ1XNJbWMe3wO5V6Sm9zc1lJ7bz6_ygNx91go_hO_1scc_14Pd6qbmwWyn7fgdj07xR7xisljY_-0q3IVpwMbbR3TW1kQccTBf35MAWk8QzApUhWSTgdrINmUGl1NF8H8ahsX_XhDlYLSAvcEg0U1ygwbeA7eb5cNWs5pSQLfUYJ2A0kzbfDVs2W_0vGwzMxyF5KWRZyAaB5veRI429bxNUNskEAOhYEvL1OuDn4L57H7cZ0gably0_0l6wNfDVb70PChXIE_yl0Q4WrFRFYzzyddwnYria9zreEgRBartOHBs3dpa1WUV6bmlwsnnvbJ8GYEPo9D-vNP1LmdCfjd-Crp8li82D_jrofDyyw-dS5UfsShYgSP20iIOTzohp_QBF9o2-fMQF8fH0aVHu75xHRnxiIJSSvjzKP5LiHkFXgHK6fvVQR_Qy7Oed0LFjjTectfMOqZq2mgm8UZuUDN1rxCpg5q4H7400iHa5fCHPNbvi8VpziXu_zryqHclvGQJujZsmJcETAbIpF7Y1UVjEqdG94bpSKIK5Ag0Eya9dKfZVLLNc0Q-tcTE6H-uCh_fiHQthR3PocfBtqr3c6Cnm8DftrCwysDvrlORAJ0gOUpz6FgiG7uYYfZ0IL7fpL-VQDcNhD4-BVLkuw7ktHeM4PqFh4ih8AjkgEpVEVGE28M6NWJ1JV6r5YtRRcMalWudiWoWcElYyEPL0BiTcRPsIECpOpt1_nA8EHr84zl0q5HHVN9QCkNHteK9vCDBb1XaKxPRJjKfQmbc4lnWP-kTQzqxf8JyywLtj63ArWsKqu-TL9sObQEqr7EeSPaIyK2oG99aBDCUekfDSOrSXO9kNTCAxYfofrfWTbiQSgGgQSdm16qJcLv03zmYq0t_y4wLtrsMM8W2cYLLRoo9XYabrlUzqPwcMXrZqLhWRQN6zFyG-pPmgfiJ03rqCRK1b659DP1Dq7XY0TseF9aQaJr9oE5HdxlskKnq4-ton2KlM6dGAfbyf0Zv6SfvlwAUwn6p2HgH6rzO7bVxx5kSUG2XMyju6QmJIjpbjZfUcn65CI03uL5VirCAfmd6SKO4YxFPJRaDkCwl-bewdPux8Jy9u4DUHyA075P-qf42XKS60EAYRtlzpUG_3EHdvOzTu61uRFzqQoLUQPGZikIBC_pHbIGrFWd58sqC5rkJJetT9XURdKJXu_cFhyL9vL38ZeIsS26juQFHm4qUjqK9-JzECidKbc8oM5x0-HWmrw_lx-fKUYWXhv_uhg8J_lo3Rc2WrA3xxLiirrWFBMnzHzlaV_FjIMPJa6UyFsH81rJxcDpwabUA8MeFkd-29RP1eo0Q5CVlnQ_LaXQUjdHi-bLJsGTKpiK3uSrqORPPqXy9IbyotPsnJqzTWKmlYvTUue5wC0xX_9NEM9Cu5n5BWHDEWnInnchHWGfEdS4HDUTAdv26PbV5Wz4kTioTwyzoIzaO2OIZZoezkkkAQ22lkcDyS1M8QS0M0cTOdILTpcCe7YIPYz_tdaQwyeciDbKHXtKkOfxapWhthbcn41yU8hyAg4spszFBgOGQRSlQDIYeVv6y9E3Kf_f0uY7SE8Yq3UogJ247jTlzoiJ6v2FMZh_Xg1VW4FM8EL8C1y9yX9-Hi8piRrMzm2M6JBgzgzAWTf1n0XbmCGGz43VhZijHbejZAhdzxz6ft3imlGFlVGh5CJwwvyv_VVPJ2cPb2NFtequSmQbU-gAFFy-gTaPw5PoZJPUB4aia9TdochuQokRrpnb0c49SCo7PIto6y2JRO8Aik0Jm1FVwxasihLeoSd8Y0RdF_fHwT2qwidOt0Gz_FwoQxg7nUjB4KTa37W-GJRvhHMppZ6C24ySYzXUBqmZ4gQeXEi7v7fMhpDNLabMFHWYWrqcA7ZE6QKcQcwX6mnWaau-dP7ohk6NVhKFN4V-vWziAqZ0cPMq8aYjdS0_kH9iuS2YO1zp93OK_oM6G_2VyalL1Uky606wodIenTnHVvNbEPwP-n02cX9lQFQ1NOV2_he1Sn7B8qa7nKcyfg5-us2F3hyhcXuVwfXAlm1Sf1CJzaIKJn6IEFn7pn8Z3pcCwtzJlzU1SHgjtCHD5K73wIJNztjdsvt5wM3L6U47PQON2IBswsmGogqHOQF5aAAfWdu4FE9N6B-njgPJgczRWpG3FvU_qNS24HQ0QWjyFbxHDELy2DAvbwCeHYH5rQRb_-fySMSdt6iT3KgJzIPu-PqL2CHmR_gzLGAkyXcAM9Tg6aA0NxOtJ8ZoZ7qMj9m5oi2QPxeIfwGgPErernv29IdbE1lyvrGPBFpGt2fkB0qZOCp-8EFHGqPFQesz0yCPxoTm2FdfndzyZrxG4EHzPf0m-e5eh8XDiG3EtDLHo641yp_EIj-YIyMdjOhNjtKZ5BywHa7VCgkbwJWUgMsNneZtNvdyQdKQZBU2AgBYimPLXznZvPcLy2N5aQw&cid=CAASFeRoaVl_y8BoZhjbwUb67yNkSglHgg&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstyagT1wg8d7gTE6cuGC3kBNe3XPUBDKHNGDQHB2VCF5kNaxjdynzw_52ioy1cyJ_7gPlhzvrmPgEV66NPI6Sz1TRg_oRtxUWlCO_NmeJ1kK_piq0B2FM9CrzG8XKyX5SXxSNyV4daLnPdBJKCElT7Rm9epGAGQABehzkjyvq04J_XUZ9LDW488ZaJ6bSa8ca2ns7vuVBVe-_rJASb1TqM57Wa_k67ZHYdz2DrgWSPVF3DeeVc6QTMdl0TAhwZHKWwkQvUyt225NPCWOVN1UCLTzrKG1_H8BD-A3KLlLDvwK0i2HwEPwwH5VdGv0MMYOEY1l1slkRrWi1AboEFVovGtt7woovoeZc53%26sai%3DAMfl-YTTOlU79OqNZOg4WwWvdpGB70M8q2QrljloYNaB7eUnDFSoAdRCmICHVCkdh82mk_nwlQq5phF65l7WNA5pDPbEGTryVEXK3ZjYPJWML9gXLmV8BrSENuL7upkvppA%26sig%3DCg0ArKJSzO-aAJ1mKEX-EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fwww.legiaodosherois.com.br%252F%240

Requested by

Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

b175fb0b96a2ba3ad65c113bf77cfff087df765be5fb5334af19e24a15c9b72f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: clear
content-length: 32030
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DF30 42 B
107 B 442ms
70ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A3_hGFOZnGC2hEQfB2DcewAnR5axe_5V-JPHK2qYPOmfhTWWAy8PGWtbOpUW2C98KxRJ5tESvlhL9mwq5x4lXU7CWfg9Ij4q4akzICyzGUxKwpOQQ

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame DF30 2 KB
1 KB 447ms
74ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 00:52:44 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF30 119 KB
36 KB 56ms
55ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 13 Nov 2021 01:35:00 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame DF30 15 KB
6 KB 418ms
45ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:15:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 01:15:54 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DF30 0
0 423ms
47ms Image
text/html 142.250.186.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSeVpkKNtZ7vw6vPWftXOtgYnm-ROYZDYU5g9aKXQgCK4Muq9eQJK6K_fZ-OBSsFUn9eRnILUh46c4OmW78pVgXBDndEw
Requested by: Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 31AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE7AsaDm0XQgHkkkU7tUEs&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE7AsaDm0XQgHkkkU7tUEs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioYkLKBuQEwAQ&v=APEucNWGsT5Uf1FSRoVzUuwO9gGWSN7BGUo7E8tXJUW-7iR-BJ2vmVAYb3cMryhXEjmNi6KirnaLTqUIT3jhIEyuG-JIdui5Wwh_tSAcZB1HVmosZCi6XNn2rt4EY-TwOL_NJomHqQtF5bAIbYIXq6AZ54lrDXJu0xE4ReADtqxLyhXf4vnvm7k
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:35:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Nov 2021 01:35:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE7AsaDm0XQgHkkkU7tUEs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 31AD
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YY8WRdB3DuOrOvYQvUuMhQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnlJaE95ynuvvlFqYzVDxI&google_cver=1

43 B
894 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnlJaE95ynuvvlFqYzVDxI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioYkLKBuQEwAQ&v=APEucNWGsT5Uf1FSRoVzUuwO9gGWSN7BGUo7E8tXJUW-7iR-BJ2vmVAYb3cMryhXEjmNi6KirnaLTqUIT3jhIEyuG-JIdui5Wwh_tSAcZB1HVmosZCi6XNn2rt4EY-TwOL_NJomHqQtF5bAIbYIXq6AZ54lrDXJu0xE4ReADtqxLyhXf4vnvm7k
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:35:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Nov 2021 01:35:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnlJaE95ynuvvlFqYzVDxI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 31AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESED-S3B4C5XKACpZISNy7DDk&google_cver=1

43 B
1008 B

13ms
13ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESED-S3B4C5XKACpZISNy7DDk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioYkLKBuQEwAQ&v=APEucNWGsT5Uf1FSRoVzUuwO9gGWSN7BGUo7E8tXJUW-7iR-BJ2vmVAYb3cMryhXEjmNi6KirnaLTqUIT3jhIEyuG-JIdui5Wwh_tSAcZB1HVmosZCi6XNn2rt4EY-TwOL_NJomHqQtF5bAIbYIXq6AZ54lrDXJu0xE4ReADtqxLyhXf4vnvm7k

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:35:01 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 466db73b-a9d4-405f-ab33-dff3be986210
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESED-S3B4C5XKACpZISNy7DDk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 31AD
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2MjA1OTUwMDcxODk4MjYzNA%3D%3D

170 B
232 B

95ms
79ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2MjA1OTUwMDcxODk4MjYzNA%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:35:01 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5fde87d9-b3c6-4900-b982-0874601bb6f9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2MjA1OTUwMDcxODk4MjYzNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FB4F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE7AsaDm0XQgHkkkU7tUEs&google_cver=1

43 B
894 B

13ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE7AsaDm0XQgHkkkU7tUEs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioYkLKBuQEwAQ&v=APEucNWgVuiIjUX6bVaernWfgWF1zHQUsag7jWUGIkuLE4GYJtu2KG74mxYbysRInp4Hcox3JpKhfa1Gb36f-dOJ2XG4rCSAwzfHE5nXOs23pFR1euURAg0SVhGMeZAABQ7UTMtq46UCh58-V2WCd96JmQLGJexIHY1mrHt_1cSY-_WznsuQc4U
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:35:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Nov 2021 01:35:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE7AsaDm0XQgHkkkU7tUEs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FB4F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YY8WRdB3DuOrOvYQvUuMhQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnlJaE95ynuvvlFqYzVDxI&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnlJaE95ynuvvlFqYzVDxI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioYkLKBuQEwAQ&v=APEucNWgVuiIjUX6bVaernWfgWF1zHQUsag7jWUGIkuLE4GYJtu2KG74mxYbysRInp4Hcox3JpKhfa1Gb36f-dOJ2XG4rCSAwzfHE5nXOs23pFR1euURAg0SVhGMeZAABQ7UTMtq46UCh58-V2WCd96JmQLGJexIHY1mrHt_1cSY-_WznsuQc4U
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:35:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Nov 2021 01:35:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnlJaE95ynuvvlFqYzVDxI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame FB4F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESED-S3B4C5XKACpZISNy7DDk&google_cver=1

43 B
1008 B

14ms
14ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESED-S3B4C5XKACpZISNy7DDk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioYkLKBuQEwAQ&v=APEucNWgVuiIjUX6bVaernWfgWF1zHQUsag7jWUGIkuLE4GYJtu2KG74mxYbysRInp4Hcox3JpKhfa1Gb36f-dOJ2XG4rCSAwzfHE5nXOs23pFR1euURAg0SVhGMeZAABQ7UTMtq46UCh58-V2WCd96JmQLGJexIHY1mrHt_1cSY-_WznsuQc4U

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:35:01 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 40173c88-adf8-455f-98df-2cd262dc8a87
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESED-S3B4C5XKACpZISNy7DDk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FB4F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2MjA1OTUwMDcxODk4MjYzNA%3D%3D

170 B
243 B

110ms
47ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2MjA1OTUwMDcxODk4MjYzNA%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:35:01 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ff84f92b-e97d-4bb3-9a74-3898330bf7b4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2MjA1OTUwMDcxODk4MjYzNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 92B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE7AsaDm0XQgHkkkU7tUEs&google_cver=1

43 B
894 B

27ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE7AsaDm0XQgHkkkU7tUEs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioY_qmBuQEwAQ&v=APEucNXyiqPihAiY1CC3D8OVcea1ucnnD1SzASLA9XrdNsf5Strx0cRX0H4CCZGh0kDbdynO3xNv3pE5V0Zwgl9c3fHa7kzR98Pdd_18qXXBiLARoSGsXrPM6BI3f5cPZAJBaCGc7LcfzVbuIRpfOUMFPQBT7lDM89AWs21vLacEKrfuG_oZqgw
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:35:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Nov 2021 01:35:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENE7AsaDm0XQgHkkkU7tUEs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 92B2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YY8WRdB3DuOrOvYQvUuMhQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnlJaE95ynuvvlFqYzVDxI&google_cver=1

43 B
894 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnlJaE95ynuvvlFqYzVDxI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioY_qmBuQEwAQ&v=APEucNXyiqPihAiY1CC3D8OVcea1ucnnD1SzASLA9XrdNsf5Strx0cRX0H4CCZGh0kDbdynO3xNv3pE5V0Zwgl9c3fHa7kzR98Pdd_18qXXBiLARoSGsXrPM6BI3f5cPZAJBaCGc7LcfzVbuIRpfOUMFPQBT7lDM89AWs21vLacEKrfuG_oZqgw
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:35:01 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 13 Nov 2021 01:35:01 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJnlJaE95ynuvvlFqYzVDxI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 92B2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESED-S3B4C5XKACpZISNy7DDk&google_cver=1

43 B
1008 B

14ms
14ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESED-S3B4C5XKACpZISNy7DDk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPqwIRCcqioY_qmBuQEwAQ&v=APEucNXyiqPihAiY1CC3D8OVcea1ucnnD1SzASLA9XrdNsf5Strx0cRX0H4CCZGh0kDbdynO3xNv3pE5V0Zwgl9c3fHa7kzR98Pdd_18qXXBiLARoSGsXrPM6BI3f5cPZAJBaCGc7LcfzVbuIRpfOUMFPQBT7lDM89AWs21vLacEKrfuG_oZqgw

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:35:01 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e7e6b18e-f816-428c-9691-e495ef73afd5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESED-S3B4C5XKACpZISNy7DDk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 92B2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2MjA1OTUwMDcxODk4MjYzNA%3D%3D

170 B
232 B

110ms
47ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2MjA1OTUwMDcxODk4MjYzNA%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 13 Nov 2021 01:35:01 GMT
X-Proxy-Origin: 185.213.155.165; 185.213.155.165; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 505ac574-68ac-4b39-840a-226dcbefe116
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTA2MjA1OTUwMDcxODk4MjYzNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 0AE5 29 KB
0 1664ms
412ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: www.legiaodosherois.com.br
URL: https://www.legiaodosherois.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
Origin: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 16:55:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31151
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Nov 2021 16:55:51 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 0AE5 8 KB
3 KB 38ms
38ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cp8PSB7LYa8PZF12PJLdWcGVt-VAH84MVvq6YLSgmbod9R5vOxulja-5DMJ9VI6-PCBQi5YfWY9f1aS8ojwE_6SQNazwuQ0KTAahaSPMxv-hOXKProVSHCZGHJdN8XyaRmEsWD4ifOJ1EPvrVOrQSoYmCYPw&dbm_d=AKAmf-BY4lGCyM_2LIcSlWKw1Ia_tuOmvVX_4aKdR3URsrq27tM_A--AyWDmPyfFfzcxgNYSF_WFgeTFheB6-UvpeKCBtxTgtWKJGL0Qwzut14Glf7fvrUih-xatP2i9UzEo_I9bayDhgGW-n_CsRutNujmYv2etvrcjgp2Nx5q7F0wnAUDbfqugImDfNWMppIuN0YM5i61efqtOS4qjgtiM71RaBXXuVkp5_PQp6FlVY9WSjEXNSJ5EOH_HMMgxnfppKxgd3_ADq6-MEmmmr0OLKJY11Lo5KA3uprvy-9D4Dr1MOLsSHD_mUSrMS5EUhB1Gd4dkWLwlQaoALQJ5c1YUAzD-PbN2pMDa7v4i1jbFNkwq2qKIP3ghWly0PrZHA-k5bdOvDZY3pLsX_G7gc0FSGiJRm3oDx8Tqcht_r4SaliqwBv5TUAUbizVd_jqwh5Y8nGwqvoMBvbufzjToYsgUdn8oqKJguUmDWOzBqG-_TpvbCj9jJ6rbVfTcflbzdkn5peeXYpasnkVwUweu3zz46VszbvIANet4IRDP3PzuVM0HRwKSqm2gAS1XM6No_JH0OyhfB8IUxZ2SeZtv6_wKaaGvImr67etVD6Rf9Qd0PpejpBGhyujOyZKMEZKZccOjUOVeL52U510N0rnlRYXD8vctKgxN4WQIFjHYa-XPP9oqmbOpEW2BhJToM1n09JYAA7sohleB0oVf_4iQJ5d2zcM-zf2gyOG9aTdoVrBB3qMyOaDcUu_3ahCZM4A31ZXKRtaPiYlz-MW6TfeNGlTLHcoyE98ZHOWNKf3LsDBMxUPRJID7bUL9fVnSX7-iqYpt0XjSZMrhf0dHpszeqFMl_FgrHEJ13pTxqwR4d8X9yl9DxlHQUb215vIvPEYKv4xCiGlsU74mZcOwIrq9b4Xne3RBsjy3oGAT3JJrc6ZT6KaHQS_2r7SAjdiy1FVGOOlTT_xNnq6LgUgN6KwbNZlDCQPgEpfal9cFxfGTJ8isKf4bH9BTrPELKcswqLKLGAjO2OOQnzxOP97LKDVyYotYpGGT35d8a-VnDDzW2Q3FV2UwGVOyzHkfZi8iIchJ8YJQ3hfmdGAXwJcdJKkmD6Fvow_lFc9FjAFZJJLGXc3DhnBVPjx2evMLKsg_RsefqKplfhcwj4ZRAxr39g-uzxV53Tj7hmocaKNYutkha4hF1oRUbRTc5eVrwmNrSSbFuDJVsKFt6tefkW7US0ph9_42joNdg7qpo7yBpwFXUAbLhCR7sXmDF9bMyCLgSal3L-px_RzCG_Tf9EUwS_X7ODEoFun0NC8D1RBd1e5bQLAttyWNLtjgqLVAKkvI2XZaGjCj3jr_RCFM2NeQO2iE1aRs401mM63X4f6JSeIJfKWfv8ALNzmhioQHTXr1PUIHKqL2oE44sW4IRoCfiXADeqcY7XgJZGynUFe1GH5tGLNIdIFdfnvFrcSIbd9sgz-qvSKrTn8Rq4eZbe3YzfUCPdwIm6V6WL2ltAEJsaSlVo-a6T28eqtRC2lLyg2W6RzwbfjIDeINgw-ZKmp1lsMUI8X7Xl-riAWbDJ5hZRNmDi3hAVdf8zeN8qH805m4x1ZTn7S1taPxL_Kgo-v8uveboOACH6d74xf84ZZfyLUkAGbPNxRnKxvSSnw3SqLPaGZliD6t5fZGUrYGl14t5qvZMvhiT7rOSjZdpoVm0dutiMiacw7ozorfxwi5DZrasM1IjAVsMuXARx3DkuBD341rHoQIEI2OB3qUBnWu4TpZZEAspI2o3zdCT7Lv0d-SrHwwx309juOwEaaQR6DMUfyhws1gSUJxh97I82ojALO2KfEDWp-bSpQ3BxmVwks-bn_HSUBy_YuBqfPaf09N7OeinrF-HG9MtfnWFWORYnnVPppuKvT3b7K-_qGiWM0zoZp94Gs1-a7l8FnMsnmdMlhxB8Rt9iVIrVrh_IRZRI86Q0DwLJwPO5R3zHpCmpcu2Mv6wox2LToMQI_LtcbNL1eVH4IFKAiYSavNWiR5pqHcnv9RrbdJLqO_grkMs8RuazdiRWFxEbsr2Q5eJhNuXnqCHYOt2Tcw3LTycRbwRO5Zt43C_soiGAra26rmvKP-E2cWOlLwRTM17E4KFdqpuioqsesF-dKD1t6FaPKlpQ8bqWhV-vKZg8k9ZSL373AP_XW0EVkrV499Hpq8CQ_UlpgHTwx-PYJ8rayxVRVD5hJVcwNtlKQUkuziGcVroOn5UeI2GqoYjupaLVuqsK3ZoVTM1UdBywgRIqytdHtUvGV5W2lVgo5gMMJYXUpNzSXmj09vmHEhi4E_pEBiIyJVnduxK_rJR7Lc0KqixR19BZCUopJZB7vwM4s1sEEyzcWkC1ETUosh4lWeOhTBJdYg1Vwk3K_wmz94FlbGFqHohEU-ehUDhWZE-KPWd15AzvW17W5XvZcL1ZebZVBBMi5C56ksrqS6If3yw1ieYe_sceVk5fLErogMzIwFSIdXcQguKo2kzpszhefG9yzdVX0btazh0GPYAKgewjPETcclclNkFr4iJWexNNAu1pP73WQ5wB5msiqE9SEQZCgcNaLe4j2O_YfrB1y3V73UxxtvjU5e68CkCTOpPGn2khlXtmqL_9qgi7gQgpop72HBLArHRl2BNqj2rBDNdkTr4PtCNtW9sSH8Ng3Yg6c3MoaO4DLwxWz84EPFInqffJxcMXV1DL3f0FQA1crbEzzVcjWtA31xjLGMgoiflx-v4ZCx-zN59FHkcdV-UFlcYgSSX4rJxqCORxajOZynYvlM4ITst5MHmZuB4e8KjeZRWnzo6tbs9gHEtv5JUBkAW1PXZQ3Bca9ESFZvcwlhQI8A3ce_QcZfGwnIme1trf1SadmVM8vI9_3P1i6oWmbzmWrg9WrIfz5dqgaokHiYTH9ryUaQpKSAYvgpdqGobThijDC0uQDlCqCrVOaaJ2BktM5F57kTLVNSn6OSkEx0mrqvTZVVNvhVCUz9pQubULoJxpgY2qd5InMalTzUk7sgF37YfPHqEwG4P_4z-vgkeFMRwQcEgokyn0jUs0IVuOC7eg4xdGyGCG8UbWu1il_XFzASfj-6uP1R0wlxuQZjq_P868VUecHJHGiDVyCDV7X5ElMQhO637V_BAyrYUmjS1_mXOm2dHLJToGCKYapdHDGswac1Vz6aDWTghErvQFy8GlFZFbQiyBMsWrnPOEwEsFcMiO_C6YkCrlqiOLashOMGBu1j6jq3Qw5VoMAUfk55262wJBMoqVI8wvNMJKL2wxAQexkr2LrglYZjuDFSD97Is-J8YtmgWX6ckt2QbJrkFR428nGn7KUEDwSB2sG106HgjmXNCEntS-3hHESlz6ql0V-u9AlhzqoTjKe9CR4ZUNvbN17KQcAQvCzDg5CpdQOeSKEkZwGtbKKiP-6TTd6nL5KK-f2M1wHt4D6OEY-Pd7cFuXqeeui89-muJdYr94GVhcFJx_tjFU6mBWLCeYjOHty06UKdhY_c0PocEfdyF36x5jMv1soHL658J9EvzfH-peSZDjgSECqkhCHzO5rgSj77qbmEs42gQr3tzUXbb3BLP2PzP9YZ_8m-DzVPXqn2ejsEMDweO0ikE5N4MpzD8SzSlMlqEeY80l3fMtYMC1Sl9BuQYWx_Nwl8Yqb0lCT45T7Bhzv5gRxuTuH-WuMNPG7F9qE10MCt5DREguzk9jlm4-rmG2UR1h1BXSx56FzxnzEUtYb6wFC-G_2iJF9d8hoT_u5isiNjyYH0ft8xIOYhJEaEo_a7TFKpMFjNON-ckzF4xwhG6N2KhAZC8c6HX8M9gbWd2f5sH6NFsX0EN4gath3MqPFLWksD__df6c_SU9nNp5YFzB-7MQeoRZSqzQLxHGIbEyUbVkStS6pRa-AyNxeTBrgDVIDjSgEIJmRGzZyZvcRaTdX9Feh1-4Ek-HH5obTXc661hhbbPptZo5TlAE2P7M71KADHZpalBCpt6MgGdGLSa_zmu5CSKxL8jtDtjrdFfo61kqQbz5JEaCappqQzasl09Jzep9frTuaz_C6n1nq972kI95uxOQrbH54HdZnLrcZNr248dnxeRnToju2jmNW7wQgaSm8CyKZF0b4GS4L6aPshjLtbDIC6BujaKakZ2aqkPpGTaEpFj10oWiT6Hy9gURBUM4TyrJxvWgUNVHw4fdyW8blbpgY8xty9OiwuKPeG6FYktNj61tbZ92ig1yX3R9xAGoCKVGbo1h85Pzo79jZI9lN6oLE9WkV8Uzp7Pi6jS7ackwcnBI9-cLFRprnid_gmqb6eQCNRXJykpN7YdTSA8VEKjcUJ_lCJnuoeUipJm71o8I_5Qeat_-iOZ_MjIVFvGAKGxkIYuzz8p0qGbFgT12eCvki6hVPUV_GmRUJsX2JFvrVDN9xToCSBq59TNdynNoxyxf8TAhFTl5DvtxZv7E9WbWt00Q&cid=CAASFeRoyKyqdT65j4pULyQz3rZMlj2fgQ&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstkkz6CG8Zpy4EuTnkLtXRAttQ9oItFafOGpagohOFsK39BLNRc7ak2OHLsjmFote4j4iEGqfyUtU2sCBku-P98TUi_b1tAhygPQr37s1RJTb39BqIN3HUV90qMg6TYVW3s_3YdoOOpMbr6C6N_4Aoh6r2WEIk-A_zUf7e6NLsCxBpZ6WSh1od_RC2RsxBX3vYrLqA1TN4OcMMt2sSJh7jxtXPJm9q5FRCmrCETOFrZOgnBN4SpBvTuTg7dBsnL9YK9J7TrKj9qVn7rguMpMMhsTGmKCCLvf4nyzIWrVC4GaKtXuLJUafrW5vowxxUb07HvbPu-slzNtowIJ4o0sdGDah425iL-o7FA%26sai%3DAMfl-YS9GsVD8Rz6NiQ5CTSlwVmYGChwomZ7CXWMqvWtDLu6wKxXlsa9JnXO0UieBlfEvcynMUnFTCnppCb5XRcpcB2KoL_tFE_d6K-rb6_tSe2pBPqp8b6L7zSDa8loF4ki%26sig%3DCg0ArKJSzEUfp-f6ZZhDEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fwww.legiaodosherois.com.br%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 00:57:03 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 0AE5 24 KB
9 KB 39ms
39ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 01:07:09 GMT

GET express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 2262 0
0

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 2262 8 KB
3 KB 39ms
39ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJBCEajA-OcdFE6jY5hioY55YyoJ-GVMT9jAwlrWXvP9k_fYgyZiXJEolXShHOab3xRaOEonMQSo-p_HxUt-qNdwxW2V4hICJvE6mSExg4l71i1_NhLHh9j2fGu7zr8y0i-AYzA4sO6cvU_j4pxhVmWOGppw&dbm_d=AKAmf-AA8rJhuNG5my0Ig4QpoIg4m5MkndHO-7RGu2RdUHqCfisl9NZ-yrS2iHtIwf76xfFqTccaCDr2mFqeL2h99UG09bxsnFbS2K1cOYpeJZxSaiRgpj6-XC-QLBkr2gkF6oegZJ8eg4VHiFJsLga8CQvaqU76K17kSEex10ZMYwAMW8veiyZjBiUC468bItBKQY_6Zeg4VIehmx-TEiSQ-ZmXFX5PadbN1m__Uzqt2tzoZqgYaFCqMllx5zz4xSZYNEA9WBOseuytdbBHQHp95o9F-FEzsxFpV-I4x4oPskFyZZ6h2I0DAKiffk0-Ca5x8_75qUIuJwiQ0rPzBMmd1j05msAA6Py5Fxw-SyksSv0V-P4kwBMsJ3zX7T64PIrcsf80brnfd_3iuPxrCTf_j7yMgyiJ_cy3ClaDtmQRV1izVOAT6uFPtALWIHz1gc11PyPOJbq1vZABAu0H4nx86EF0h1GyKmFTR4VnV4nlRhzJx3d-ArHvHPx6YUcgZBrNxXX1__Z46anPYGm1WkGpxA_poj7uG-ZK-jAmN8b7e780pw9u61mhfP5hI_xQeoIwu-NYcMH-9HQzsaFDE4AWkKyEh9lYyo2VCAUmYszrvD9VDdRrrb_Rdouj68bRu-Fq89j3rcGuOOkwZavzSAeQAjyIoUB5cEABqT1DI-XNc-M4S9Btigbexyf8mQeIGfN4k2Rjzp3zIhNA9D7RPTigVAqKvbifHP0jTh6bBJu8PcVr5s2aqG2IWvP-fuNiVb6fVeEZjTkeHosXDyBYfgL2lsquLDY10YkLSc8284Rju54cpqncWxFl-MLvdKuKiJE-ZSIk1bgbVohZ9Jb0dQvNCc8K1T1wuB9amHbhZSqGQEgJFeAUyGV7rcRNGG_nte4b6oGUx8o5td5YE1IieP0KNPss3jRQxC7tQXmvAbnhYRe3OLJlxu6CJ1SO4W96HlgNAQt_gOW8zLE57s4_b3EvQSOolF9nx3DHK6orzv5LCzN3shJkFmT8vLpP93FY8agpzeOD1mPE592H2OhHxjAqgYHgdXRp23c4VwuFkArGj492X1yool0LfyOdd2dPiRob9sbX6ViXNz-U_wjE-aA1rYxCvOTw3UWXneqVN7SgTRnWlMFyBAu2YbQi2drgY4n-wrPNcVkvP_CcmDkqpBaWzf-aI8ZM6tY4osw4oXJ1-cPCIGMiA1-6cmOESEH9Dk2TM0cVobIQWffhkIeLWFt-G6S4J0I7q0ODIDkMYDBT4hHShgrjlwZ84KZ5yCIAYG3U_351-5JA9kfN1I_E1AsX9WrUNboA8vOnhJS_YUc6GPTUxqvJ9ptPdILmpAyXCjUmX556qHzGoe9ioJ4WO8JXNz0F_S_4wvKOW0SFRHJamMJ0MmC0KgxDwbmn35rXE_ZTw2mvQi5lmxcQxBU8_konX8UUFtZwOergd-uPCzVaTk9EHQMJxXC1ChusHNUijwloYV2qtiuPkS9jsE5f0PDoQ20BbQ2mjuJfqn92DuWiBV9yIxgsuCtDnkzWXfRu4oen26XfwpD3DQRDWIY7X0-ALzE6JiRa42NBhnyIARskXYwXjOm_QPqaTG3aferJPsCR8dFEIGHADx6oML-iVRN6s6z5ewVXwB7pLgpm6ATxylITg8Ko4eB4LHoXQWyaJT3oJBoI57zvpU-EeP2R9CPZtqoN7lYLzowLVb_Wu7QA2YwBRgmug3kHEgmhOkQ3hTHcEdAPG2y2sbbzUukMxqS-xBQnEX33N20Zg1McZjOY8hV3QEUl16lfFGzKY7lekkfXMnP14ujVsI8W-B1DcTu6WmXw72eaM2KvOR6BcI6bg9dP3n7B7eOd7quc9IP7Adf7ts_PgiRGAwYMOFHWDZ6EfQBnTmUMoYdgKYPqS2sghyWvojxkeavzvCpMqrm7OX7r_e5lH4UU3EAZVQdbInWtg2jGCux6erIPqRdeC0jPu51YttR-CUIOfgcofGZkfHaqBl9afY-D7PgCNDDEvcVER0VzHPGibAT3Ip6TTKGBkcQU20gKTcAxNY2DPW6VxfF5-MU6ONourEzTeBIVVfaT0MZfqLJ92RMEKZ-zGWULkmTvGxps73SR8jJqRO8SwOnhmG1ZedSxnCOCuKMgVwND6bcZMLJxbM8tafjoCNAyot7pAzjMZJj_7PxrVane0mh7YcC7t568OtUkAd_MuoDjlG9trlE9rFjr80mbBvWYRd27HYErgS5nafzLJK7ak8EGIoujJY23ARiNb5yYjl4MpftaOJ1U6YBC6Q1V5dVFkbjkDZ40fvgsVYH8dLRZ9hLY0Hfw7vbbfeuL4Ra8NIjSgDitmQWe6AaQsxYNCdDsFIQBCtCeGeJeRqWR3gXuW4jRpTgu3V5-JdmEWkE6ncNSRaXLgeVwfgr07rfXXlW-M1bhppp7iT5YPOPkwWOYf16AtHs4dxTAw7IXqyZimVOyfXNoHg7iCylEVtXxM9cOVhPxSEL2m9BVUCgbFFckgC6yrUv4RLPdhBW3_3SMHqpB9NJinUSFADmUQL4qk4wSe6QyMGIZfK1z4PzgAH8aWgA6OI5mWZFQ5ELWCN6-ZbXn0FgNETMZpOjlyWVVuo5384Ty1TW7kVOc1z8rB_fZT9OqsQXzLl92RErXefjQUH3PQg-0prw-0kVxnl6OHGQmfvZi6lin3DfTDgVHta1iNPbgTp_0_hNtz031wIbLX7Dy8HmA84oTztmsl8sX6q5a-rmYD07Aw9tabQHuBiDcfNY9vkZUezYwOfpwtFazvyDaAMQ3ZWpBcgSHZ9FSEjHYUzCrvtcr2pL7orfWlkzV3by3Pl-kE4rNl05Mdu9FJGONfX_AMgouoak0s4B_azDgYMpnsKRRzIPendpyfuPkMR0TtbBTHA13iDt2aKdxnXEn4u8caLQyBBa-DVJPtwkaTflnOLBVzgWSoTEL3iY5H6wFTW4ZPoYCzD-bDlsC81Q1aRg9bXrl7XT3QvKtigrR7vN39jJhU858InNIzzuagVFvbscZD2Jh7gNxWQE_TFj2Tv16uMPwB_ojQLeGMbkwmcJ_ZEo5Pn64ShEgewndGti0xT7KoXNbfRyq2moVkf2wH7CTD_y1ZpVuekVqgGwAVO-Wps_Bl_zLL5UlyembemJXmOWg2d87SJwZxz9tz6jQmlCAwTMvpo-VqmYEgUhJM0zRiJxxIsuFMYlEQgUcOOkvuyYPeme3iAo8pRrDLDzKu8339TAT0WSJixBv0QiE1uAo9HeW4BJ9y0F0AZeB58XgVFItXMhFpYh4Hm3VVfKnpwtHVf5DXOg_XsYiM6mno9EpHnVZLQtG6WoJR9bdqPfFzaZOlS5g4tUXmqbLoPA1bW8aAdhvYQXbgBFgTsHgd93zA_Ngosu_sGUTCOB26Ikax9RGj5v2LFONnv0xSAe2pALzY6uF94WE8v0j7sHvx8t0QjEmJxQ_NwyG1uDQa9OhypWDLAzyDpzie-PcgBzE1RWlRctbIJMzfU2D1Ll6ioT43eNiSNGA22_XxE6frnUeNcT95_tOuglqfTKy_tWbf0pRzTvIWmBQkQ0e-5kF8QXZbhvihha2-jhkH0RSbNDupx7YpdA1eQ6pVZ2RYPRPtZtINhju79fj8J6-LZwhQkE0_Qqs-k2t3zpQdq7Xvbageh3QkWj9q2sDqSdOMFwCVjmcfCLqQkbIie1BrSWX69LyKmzuArEOzskvgV2Qi65SmfLLeby96GbnO757xDwrcNQ9vpPWfgDryXZ01T0Vvdz3DWQ4j6_z_WbD2_o_tKN9bebsMVO5hJ9Dl5tsU24xoKBi4f5VYKbNX589lpN-pgdu1LWV2_DC42NxaeS89WWRqB29faGFzoNKWhc3Yh7DTiIELyxRAZ59OrZfnkDs1Hjo-Q1FZF6asfgSLFb_uzLMSybtV3BnphsHXWEMrxTVwdfRfo9DGy6A-YJ5jS-CLnz6bFHnlULgUks7NBmTf6BUjSS29QZSxHljc-GJ6hnxUFwDaDHkJIjpuhmC9ZzIWTfFZxQK5uglOkBSbuy3ptpJDJZivYsbUOpY6JxrPwwJpPnZLdlKZHlW__L8elNzrcR5KUscGCqsR9dl0t4h-owpnrSfzayX8z0Qq_BIQmTgDowvxQlj6a8rm-e0kml2rVhHPW7ZLP6YM4vrMcu1Pfq24ndrXfkMfgXlMAgYTsRxQDb8R4yEDmRJ1Mw3TPkLR-JezOF08suPKAicyrj4bfRoTpv0DhO8Jeinjggw_aULtSiGIBgynWtlYyvyKS0sgyBjsKmgyI_pb_JI5un5Fh2iiui_rbFyLwoT4zGLrUYaXOAhQxZomdzuvxa1YNeV2VuIQhfHzALErJLmhwbub-YRFYovYudWzboPD12DwYE5nk936PvJgI4h4g2py9gqaWfXhjGVaL7peqCQfR8G6zsoGmZgpUG0DH0W2rCbEQcqfbvt0Piy0w&cid=CAASFeRoG789lKRFwuVwfOT8vnopH8ti0A&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjsvfyBjfQ-tjdHfJ_yl53Hc1MxlB_O5PhDqjxcEfPf7Lf3WNcejOQ7oP3rB20H2cZ8vPIi7rmWhqZZfhJyjErGI_zQ6wx5CYrPkGPuHWOnV_lhLzxhQyFbIBRukNsxDLvQpCkTQvalZ-UiNYydFxU6uI6jSwkigsd-fCnX1wdZW-Q9cNbB_bkfJC47swsq4yRGwQWzkzhqEx5AhfBV4N586KGuRHhphi-XlkkPt9YRQPHQcL2xiyBSfrtmC6xz1noS4NveWtP_ILZGUa5HwJXkgZZpV-_B1-hks68yuBfqDK6xn62YoiFLzdaRQghbfJz-NEgooAFvllv3-seypZWC2Eq1oYsxx6nm0I%26sai%3DAMfl-YSxh1Sg7tS3OEhnnfe-5CKgM0q2XzEuGlfFzvbtzhsQUQf-ucZ7w79IX8KohZe3vfZ59wIXmbqt7buQNQa_7ZPYM7aqAlGy72wyWbPwO0a1GiFMW66RUYP6emXB61Kd%26sig%3DCg0ArKJSzB4XJJRCg7aoEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fwww.legiaodosherois.com.br%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 00:57:03 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 2262 24 KB
9 KB 38ms
38ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 01:07:09 GMT

GET express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame DF30 0
0

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame DF30 8 KB
3 KB 38ms
38ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BrW_V4PyJ_VbJRx1TulNSljCvOezSo-W3bghx2w0PMkfvD82g_zSv9Pe-g_oTpvc8Kr6fyIKfOo-d-m-TAvqQ652ljlxZhrVRUT6ViJ2ZtF8fRtjI5Nm094MpVRDN204ervXNBri4DihDB1AywSb9KgggexQ&dbm_d=AKAmf-ACyaPubbnPGOoqoP1yAoxWC6_HkJWsCh7eYUmjQuoL0PG4Qew6NdE_3dVN_G26TSFzY3Z6OYSzP9GgjJoolccJadl19N-lcTyxDzJKgbI0jUhyTNt_yfGa8Y2snhGTuqQkksHotDTd1_ahVDUay4L3iXFNUhqxuEuvOYsoKoHT8EBnUrzWQzRTcr9A_Ses1DX71smJd-A0oa7Y9YSvMyjnmE0VnY4vTm0esEFI8hMvoWT2UP4Cwm_Ze6SDvjvKrdpfq0gWOtAyRTkmYN6UdcSt8kRRgapCkH5JrGcYQfNfMjwMMnuIPjhfXPHwL6z298kY3F-6Q43LX2mNydclmWlj_WM9td8LT5PLMCWP5v46D8Zdq5i8Ekn5XNIYn_PmFOPFHG8XbGkQVij8u_O288Chrh8gdXAerVoAT1tSlvukoBRxCcEVqIn7g6V32rxzyoFTXjC4UwNYSDbJDYzizh2UiNnHPluK6lEjO1cdl_MO24myNANK1rgIVRMRF9j-vBW-aIEkrt4xIZUiIgdwtVolaY2fv2AF7U6sVBqFrhmaqnQt88t8_FpkkJQ0xYrImL5MVinWnnBL9lXNmiFOSeFjodJH-6IiXeV7je_EvaNOLfgTTufWh_kqEpK6veG_uFJd8_HT5ISeOFJ24sGyj2VaEIlhpiFYl4JWD15mkuQi_Ey9Zt3kHeIBBJHCBBp3-MFt7gLQXpI8G1TIVJfSxfMNIv_WR_FcrFE36-soWbMj5vA1qDE4hlSen8sWLpabO7s15aqNwnzJWpNioHyuDnHig_hsQv00bs8r74sGyTBHZV7LAfiLJlps3wOZURXW618RAo1ds3lki6gQUd3-p-fzvRyOB6vAdk12kQ9lliGCFV9ta7OZKLGmS0HROTe1ZB4yCc3V1GAO-rtXu9tiDe5wsnsuQuNCvQfTSBQ3QvTt8ZL5zFCIsshhMl0zZkKwF6ddmmsOSme6SxXxSyh5McB3jNo9IZHLrVsOEyvy5cjiFnpcQpU8CR6EDm0blMVDXNg6qFwbCggJT8SNRpGvgc8L98QPI4EMsyuP6GJ4EHbAyagvfO-4CEGH_gzBwKM6wyLDaYli41jU3KhUvHEkVbYDkCGKpDJ5BekxiedpUzJ6nnUCpHRQDghLR6BpyWM4JBCSuug3NBPl_MgVaPgcS3tcBMs4KduNS09rzword9aOomc60oEQY4Zbr7WqPLvii7dkz26zcolhrB9_iMAgqtS_g9Pi3IcQ0J-7_VljyYm7XebroTRV09W7ZHPqCFZFjgNUnCUirywEQ7bz_Z0-QJMsL_4GvSrQv7QfPoZIJMbqlhevgaRz59bGuyUr7QSvPNNyoNCty16IPGmho_kzKabKtjfioUMU5-I1_X7j4EJRxwDyB-Wb50DSJYn9OY6ZUiIxRMUyG-OvjcvveEGwqv8s7MvGtHxlbu1cwAtFJJ6pi9mRJnhJX_X0C58DP5LDusmXNzpDK4Tyb7hKzTqOFkOwX6Vpk2C3GLSdkA4zOPsI8kIH2QIi3oux4wgt9Eo2qx8iTDx8uQ1l8b68fbfmQF1VxJwB0wyUq0ybK-1C_7zj0U_riCC-CKU8L9aQinMuGNNOjzrjeMAG2IRVutzJtBLRDSikeeVec2ZdUIJQN-xzSXMr3Cz8hQuuaxF6DwrstQeGBbUFSqAj6aADJuG1jqFhNPoDqyKdh6ImASiK_mYLTVnQbr38GM6jE2_Tc8uNuYp51xhx2TsDHHhC-yB4TQ9VQ0RScDynsq9dsxh4WitI0UMGIefZZy5Ly2qoP9Ry_cqaTGK_duZ2NGioEbDi-jp6a2cIKzMI6Tsn53DrfNxVbdwWOAaBVXmeTGicQs2Dwzs2vMFTtS_ddSYBkmPcpLjTZP0THKjFMdiU9lzq7BO1wx6t_9NruD2RqazEFurm6MYdbTGJOcvlOXRBl-K3U6e7P55A-RopHjp4i-A0h4eOk3L_6rj3UdgZ1XNJbWMe3wO5V6Sm9zc1lJ7bz6_ygNx91go_hO_1scc_14Pd6qbmwWyn7fgdj07xR7xisljY_-0q3IVpwMbbR3TW1kQccTBf35MAWk8QzApUhWSTgdrINmUGl1NF8H8ahsX_XhDlYLSAvcEg0U1ygwbeA7eb5cNWs5pSQLfUYJ2A0kzbfDVs2W_0vGwzMxyF5KWRZyAaB5veRI429bxNUNskEAOhYEvL1OuDn4L57H7cZ0gably0_0l6wNfDVb70PChXIE_yl0Q4WrFRFYzzyddwnYria9zreEgRBartOHBs3dpa1WUV6bmlwsnnvbJ8GYEPo9D-vNP1LmdCfjd-Crp8li82D_jrofDyyw-dS5UfsShYgSP20iIOTzohp_QBF9o2-fMQF8fH0aVHu75xHRnxiIJSSvjzKP5LiHkFXgHK6fvVQR_Qy7Oed0LFjjTectfMOqZq2mgm8UZuUDN1rxCpg5q4H7400iHa5fCHPNbvi8VpziXu_zryqHclvGQJujZsmJcETAbIpF7Y1UVjEqdG94bpSKIK5Ag0Eya9dKfZVLLNc0Q-tcTE6H-uCh_fiHQthR3PocfBtqr3c6Cnm8DftrCwysDvrlORAJ0gOUpz6FgiG7uYYfZ0IL7fpL-VQDcNhD4-BVLkuw7ktHeM4PqFh4ih8AjkgEpVEVGE28M6NWJ1JV6r5YtRRcMalWudiWoWcElYyEPL0BiTcRPsIECpOpt1_nA8EHr84zl0q5HHVN9QCkNHteK9vCDBb1XaKxPRJjKfQmbc4lnWP-kTQzqxf8JyywLtj63ArWsKqu-TL9sObQEqr7EeSPaIyK2oG99aBDCUekfDSOrSXO9kNTCAxYfofrfWTbiQSgGgQSdm16qJcLv03zmYq0t_y4wLtrsMM8W2cYLLRoo9XYabrlUzqPwcMXrZqLhWRQN6zFyG-pPmgfiJ03rqCRK1b659DP1Dq7XY0TseF9aQaJr9oE5HdxlskKnq4-ton2KlM6dGAfbyf0Zv6SfvlwAUwn6p2HgH6rzO7bVxx5kSUG2XMyju6QmJIjpbjZfUcn65CI03uL5VirCAfmd6SKO4YxFPJRaDkCwl-bewdPux8Jy9u4DUHyA075P-qf42XKS60EAYRtlzpUG_3EHdvOzTu61uRFzqQoLUQPGZikIBC_pHbIGrFWd58sqC5rkJJetT9XURdKJXu_cFhyL9vL38ZeIsS26juQFHm4qUjqK9-JzECidKbc8oM5x0-HWmrw_lx-fKUYWXhv_uhg8J_lo3Rc2WrA3xxLiirrWFBMnzHzlaV_FjIMPJa6UyFsH81rJxcDpwabUA8MeFkd-29RP1eo0Q5CVlnQ_LaXQUjdHi-bLJsGTKpiK3uSrqORPPqXy9IbyotPsnJqzTWKmlYvTUue5wC0xX_9NEM9Cu5n5BWHDEWnInnchHWGfEdS4HDUTAdv26PbV5Wz4kTioTwyzoIzaO2OIZZoezkkkAQ22lkcDyS1M8QS0M0cTOdILTpcCe7YIPYz_tdaQwyeciDbKHXtKkOfxapWhthbcn41yU8hyAg4spszFBgOGQRSlQDIYeVv6y9E3Kf_f0uY7SE8Yq3UogJ247jTlzoiJ6v2FMZh_Xg1VW4FM8EL8C1y9yX9-Hi8piRrMzm2M6JBgzgzAWTf1n0XbmCGGz43VhZijHbejZAhdzxz6ft3imlGFlVGh5CJwwvyv_VVPJ2cPb2NFtequSmQbU-gAFFy-gTaPw5PoZJPUB4aia9TdochuQokRrpnb0c49SCo7PIto6y2JRO8Aik0Jm1FVwxasihLeoSd8Y0RdF_fHwT2qwidOt0Gz_FwoQxg7nUjB4KTa37W-GJRvhHMppZ6C24ySYzXUBqmZ4gQeXEi7v7fMhpDNLabMFHWYWrqcA7ZE6QKcQcwX6mnWaau-dP7ohk6NVhKFN4V-vWziAqZ0cPMq8aYjdS0_kH9iuS2YO1zp93OK_oM6G_2VyalL1Uky606wodIenTnHVvNbEPwP-n02cX9lQFQ1NOV2_he1Sn7B8qa7nKcyfg5-us2F3hyhcXuVwfXAlm1Sf1CJzaIKJn6IEFn7pn8Z3pcCwtzJlzU1SHgjtCHD5K73wIJNztjdsvt5wM3L6U47PQON2IBswsmGogqHOQF5aAAfWdu4FE9N6B-njgPJgczRWpG3FvU_qNS24HQ0QWjyFbxHDELy2DAvbwCeHYH5rQRb_-fySMSdt6iT3KgJzIPu-PqL2CHmR_gzLGAkyXcAM9Tg6aA0NxOtJ8ZoZ7qMj9m5oi2QPxeIfwGgPErernv29IdbE1lyvrGPBFpGt2fkB0qZOCp-8EFHGqPFQesz0yCPxoTm2FdfndzyZrxG4EHzPf0m-e5eh8XDiG3EtDLHo641yp_EIj-YIyMdjOhNjtKZ5BywHa7VCgkbwJWUgMsNneZtNvdyQdKQZBU2AgBYimPLXznZvPcLy2N5aQw&cid=CAASFeRoaVl_y8BoZhjbwUb67yNkSglHgg&xfc=https://adclick.g.doubleclick.net/pcs/click%3Fxai%3DAKAOjstyagT1wg8d7gTE6cuGC3kBNe3XPUBDKHNGDQHB2VCF5kNaxjdynzw_52ioy1cyJ_7gPlhzvrmPgEV66NPI6Sz1TRg_oRtxUWlCO_NmeJ1kK_piq0B2FM9CrzG8XKyX5SXxSNyV4daLnPdBJKCElT7Rm9epGAGQABehzkjyvq04J_XUZ9LDW488ZaJ6bSa8ca2ns7vuVBVe-_rJASb1TqM57Wa_k67ZHYdz2DrgWSPVF3DeeVc6QTMdl0TAhwZHKWwkQvUyt225NPCWOVN1UCLTzrKG1_H8BD-A3KLlLDvwK0i2HwEPwwH5VdGv0MMYOEY1l1slkRrWi1AboEFVovGtt7woovoeZc53%26sai%3DAMfl-YTTOlU79OqNZOg4WwWvdpGB70M8q2QrljloYNaB7eUnDFSoAdRCmICHVCkdh82mk_nwlQq5phF65l7WNA5pDPbEGTryVEXK3ZjYPJWML9gXLmV8BrSENuL7upkvppA%26sig%3DCg0ArKJSzO-aAJ1mKEX-EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&rfl=1%2Chttps%253A%252F%252Fwww.legiaodosherois.com.br%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:57:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 00:57:03 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame DF30 24 KB
9 KB 39ms
39ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1672
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Nov 2021 01:07:09 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0AE5 41 KB
15 KB 39ms
38ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76630
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 12 Nov 2022 04:17:51 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0AE5 0
0 76ms
75ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveIu3Gze0zSwn7iynZbSkcWUQpiXQ8-4UNAEyqP6ld99KIN9rHBCPKx7hN2YWLmxfgUye97teeRGljLbM02v5aMMq9RmAPEIAmi7-n3xRuRV5XQv5nWnFZK5P66CzoL445b-cVIsfCcIlpqDs712hXe8WQJoZBYl2xsh2sb4lmkUoZGf4UJOrqmfs1CMwYlK_MGEhdgJGI9SOppkZ-Egsxscee3U1MaYghkeJ_jvfyppurXwFRLCVKC495htf-Kmwk3p0Zk4Iwxmc_3Yomw0OmupBfC-Rwbak1WBWtZ56CKg4M7v8jk_x5TgPoxmeqLRh_Eu3spu-ZEENDY3xo2weJ_NydxFvENMmjagIGKTc&sai=AMfl-YQiBd4gTLsYqg09pb2ePogmQGTdIw_3DDFjUYk9wJjWCXd7zlGNZWGjZ_NFScQ7nDUIQ4TgmwAFE2BHJj07TPeLqJL_tqPk5ohGofGN1UMjtaenrfSoqsE0PTxaTNHj&sig=Cg0ArKJSzPhbdmDanHv2EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 01:35:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 13 Nov 2021 01:35:01 GMT

GET
DATA 200
OK truncated
/ Frame 0AE5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 904518aed1fa475c5648f67ca7d3e0a080b76af23ce93ec932037637bb2439df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2262 41 KB
15 KB 39ms
39ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76630
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 12 Nov 2022 04:17:51 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2262 0
0 75ms
75ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvECRoTx3cP93xFNwByBMW3yuInH8QrNWzrS20qucQ3nMhBuTmgQPjDloupAWcGvQLE1t6evnQRXUT1Anb3B1VqWO7QCnocR_VB2d88DH-xup5ljWqbXKriRm8MvMn-_kYkVY_EwQIS6K0j47leAsU0hT9cWOW9ZhSsDnHxK-8IWABcpCkuSmPWAN2_op_kkNwW5CJyd8FSfEcvHoC69ipKecZiTxtMeJLlJ9iLn0fP9oi7Fks4YvAvMy4aeQCy_iMLZ012nODmScZUXuJAIt4X031euszcHGp3-iKj7sdYQVSJxxfnx1B8uJkh3oxVP8btRaWB58INSL4DmycJhhmiCWhqqS23QF4ZNU2P05o&sai=AMfl-YSN9NxjFVsRWb-BmhvzNLYJI-qIe08Taz4Aqrr4XVhAxSninVEKqj0qSNkr8kgJMXElTq8wC9Cm_XsjcZ_LBoJVvpng5IN1oBm1tpaAETfR6_GC1unGVdzOqgp2y3BJ&sig=Cg0ArKJSzHss5b8O60lnEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 01:35:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 13 Nov 2021 01:35:01 GMT

GET
DATA 200
OK truncated
/ Frame 2262 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf082a4d5281fcef693134e8cfb74ffb38890d096d2d2ed896e55f5050e4e3cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DF30 41 KB
15 KB 39ms
39ms Script
text/javascript 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76630
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 12 Nov 2022 04:17:51 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DF30 0
0 76ms
75ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvt7ioHgC0QM3CuMJQImU2UL0X5kyOtbBRT4MKzr7asTEP3B36eX-v3abnM0GEgEsGJWYrianQxGjBg2-nqfS5zW6SuA9MuTtUZqbONxcPzrjg3Bl-x7ABEyDlyWBjXFiDHznV-1WpsjhYN3DZYPfvOhxYWyd8_HkfgU4elPv68_cn_Q3FU76FszCpC_Iy5zs-wjYE6CXYy5GCPWqBHGWoxHul3mMqCsjHY60gyt29zX2aMhaSQ06YKNPbdEznvWVyjbEAWU-q66fzKrIf1DMePKgvQtatInEcO_rfgOyQN0MIWscECszmiDu363yCz1mVBzbNLqfCPJ24tpoY9tybmLRWvj01ApqoRx1bztqM&sai=AMfl-YSRTUgGHhRvzR_SMT5mtrKZZkQMOYExAwWrsu6TpJD8kPM9Zs6vJn1ZIPpn8ERL5KaUp4vd67KrBEfvU56Bw_Yya2gXTihDDKlf2sD_kxdklVn7LTxy5ePsgjWZf1Q&sig=Cg0ArKJSzL16-dsXbA_UEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 01:35:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 13 Nov 2021 01:35:01 GMT

GET
DATA 200
OK truncated
/ Frame DF30 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7aafb3e977efce4e2895bbb81408f9bd70f5985b49ac885f5537d8c54e6c90ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3E12 22 KB
8 KB 39ms
38ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 213447
alt-svc: clear

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1DA7 22 KB
8 KB 38ms
38ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 213447
alt-svc: clear

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 84AA 22 KB
8 KB 39ms
38ms Document
text/html 142.250.186.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f1.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 213447
alt-svc: clear

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E12 35 KB
14 KB 39ms
38ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 278067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DA7 35 KB
13 KB 43ms
43ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 278067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 84AA 35 KB
13 KB 38ms
38ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 278067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1DA7 0
58 B 75ms
74ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmnJ7RRaPYdqEB4X1-gaCsJ6IDwAAAAA4AeAEAg&bg=!AwClAETNAAZQLpa_UC47ACkAdvg8WgKdgaCCZ61fO8GnKK5re0fR6EoXD3bg1ljbkJLMLpdfi9vQ-gIAAACSUgAAAAxoAQeZAxIUc35mxJbmy8gyGmbjudf54uXVHFUueLA66oXzEncktDfpiI1ZOvtYbZs-uNIBJD13XbmJ4DShPRMHYO6--Iel-3mE7aYYmPYFNBDD_CwMOWGG4gjgyV4FY7o2cqhk-WVXnqVEcGztN7obj_7ewdkqSneDYCLmGAIKin8WDdiwZHbBT0eSheQE8JdFaEbW1wCkzxOAp-ZjdoOF7rKKy4X_YXBe6R25qA2lKzpgDJevZgr2zfSTgeRKPKlPD96LXo1iDvArdm3zDOq-MTcW2WvU1JN24liqKNr4d31byhbnCLzDGT5pFNfcJ680dozkznIYNmobbjUW_5ec_glspNRpeMOlnETQGOnlqE9sijldU6bGxfJnXXrNN3YR7b_Ai5B-Hbhky-1o7UvkZjDWO_M76c5mbfpoRVrSplZ5Ik-JLY5XBadPiBilgysr-EqYKCMPgwYQhyax3544-TOqLoqGSu79l92v2QSqqRM6De2wSjX1n-uFxKdPzWRR39RWZKYkdCioNN1RPl4bhEJSoBWFfzZ-kPxSGufDqbJ-_KkDqDL6AmK9VQ_6hRvZ1Z3Ju2_M0SBsnlqmhuCurV22yx0uv_Pa7eKeuhHymD-PMXmwHzopoM-ND-dmNFP6YxfC8dNI76IInFGxooIZTMRPxksuNYUXIOELm2xX77w4Fb7PjJ5wFZb_vRuLQouPSorOQmv85xc17AjEQscJ9qVqj7_0xCZN747I81_CpVEI4-K7prYDSsRZ2IVYQF85NJrZqLxj_UYDqBNeuNKbZL2D4i7BOTXXEMMAnrKC1urAYQzOOQJcjs0AiU8d6ZmnsSgwXAXtsVFH1db7oDQjY_qN0xw7rYRVHDlrNrBHQBYV_1r1tq0g9SryupgWul_lr4F5PZrARJyITY43eq6iCEwl9BraK0UncGPks5Ay66s545-awsYz4F0oGmiNW1DhxLrvKV3WY7EkbqtoaMtQeYlUltUUNczzII938VX8PUWOf7sUFCLDGMiSIxtsgrv6jFYCsltpBBCUg3prE_u_uiAnOiMeezg

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 84AA 0
56 B 74ms
74ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWOfERRaPYbr7CJCNgQekxrHgCgAAAAA4AeAEAg&bg=!oKOlo-fNAAZQLpa_UC47ACkAdvg8WifADn9w5vCkwNFPGgHTL1BoSRWMXzpJSLXszmfIXj4QiWpbCwIAAACTUgAAAAtoAQeZAxH27KbSDSjcsO02MZQLHCBQeS1GXVStBOW5gHw0ClhGSXbBYHhQIBr5Iiz0HlAXZAju9-gR8w3lJXXVRWxFEr4d5je8SiQvTvy4FcIZsrP8eXt2fx2u9mM_8DjajjlFe1DbAkmY2tWTXYeHlFPPH0cBUgpecUpbUmzkhjWA7wyyuyOWeSUskTRNFKBhQGqyPhpW-zJWA41hHEjFOsX2jNlwjUteUXdexb3SRM2rzh5wslxYKO36YpZ19zyVUL3RdssdV3gESAmSwYBQcl_KK8zl3aVAXTo6lIkSXMsCFLX5M_LMs2NAJM-FbpSqKyw1EzVImiSxLvzkMeVIRyAgQYQRr-EUTmEli_aS33lQ4XQWEYsmHLUyu17PCnsO5OiRYH1e9I9BxLSZkHIRj_1r-V7HFN8Vo3ZtAWNLT7qZNTUMA2uLMNGyZBegccxfSaWmeotwSO06h93BbAqdNv5sueFM9S7VGU96Bk8RhANp9JDDVNIivD5fmZt21TAb6AyymVpAH1iIJfoNpuHdCmbH10TrkZszg5ziDM-5BPh0BqqKLzjGn5cro-4rnaMV5_18YFta_sYvFbMryLvIzOajoBbamvZWGTAqv62Zd50leX9WMBgZXhDSs8nI_O3a4cZ0Z7Owb-8P3YU-A7srLekEimcYb0BgW1ZFsZvXhlca5iLlip1Fer4uUJiTXYugREDomXvRM9bZwy0wlZ-sNjPhrGnFY2n8uUvf6WvJSKI0x0Sk3p9W9A-YXrI-ebDsHq8rVDjP2L7vD-1tJAoT-JkZkoOZTnQar6sXYR4aSpU3MLVjNh3rQ1RUCyDOhmbtl0KeR7vmQ-y6V8iToN5NcrrUWC45mQwWgqmYGGKuQM0w-7W_YrRJtSNbJNOfad_CMikrd4L7xPGOgKERGM-cL-5ufwiRwe7kOmx3juE27paeM7qE0jvYLYNkY2IBZCO7NraR5TkkXBf3kI-W5LirkMfy_UmlrSMP6tXyrtvG9MeqY_k6iG83clmnkNOzTKoVuh8GPI-3WXDx7hMmhmUMcKyeu32E8A

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E12 0
56 B 73ms
73ms Image
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTcZ4RRaPYbHdBP-zx_AP0Z-16AMAAAAAOAHgBAI&bg=!QEOlQwfNAAZQLpa_UC47ACkAdvg8WscE-gfXLNR-Q1-PxOaCynRJmDlsYVrauhL4gGjpdSjtjBDQHgIAAADAUgAAAAloAQeZAw2y1C9uLai92J8AH4fSlI7k3_4RbCOXL7xo_848Q4L9PIaHWiShQWP6yn1GiKl7vGAW5xlBCfHRPSCobH9S5Hzb3FsfLTXw90610QKRuIi7eqaH0dAORtGE470yn99pVcK-cRwzOkG_FtsQ6bwEF1-lfFrDTyBICt_zyhRoqcyqOpmq0H5n3fvcHGsVoKnNi3tFQfcJTigtQiCVRQmc56UJ9jdY1EQGhdRz_CFreRKuet7HW-q-5Q4MpgqXY58rA-HvPY8PAfy3KVD-S2uygxxJMGganqIisb3kIRElyHqSnjvQ38HBMUl2hrj3LZYqz65xPiFnoMG3YSgjK8NYlbZQakD0RZFYfV5Rr3N_Kk7aUGq3sd4gUT63fchesdbmZJfIDkmIxdWULvo0ccA1q4kBNlX7JKTEI-Dk6ICQaD0zeyI3bycVGgnXSsfmIkrzWpAY9OuN1kPbCwqqdLn1clE3atUlfyj3dffl-CVUK26RN3ywUujxbv0JKmUDsHdf2496v4SJexNmNB8DCPpzGZWlrtDytfE7qEzv0Iq0Cb9VWoBO-XevSXsB4Qqj7uRpOpHLaEl2EGkanYfWX_H23NVNhqLhWrln67U_vbIZov-xPuwkPOoXhnCr3lcSjivIxUN8_Jxy52YseCbOjgZrJd3YYTApt6LS2CCDoiJLfV-0gzZtjndKpIQUnv9WRZ0oLPibfknNdFPPKf_RgZu4MBNTL3xhotlGGeDt8TsuX2_1Jqja0rRwfRKSSbVruImceey2UgRBSY6RNKx0DEjStjzitzWyQ65hpwyiq7uiz1IcketC1bJP_-IjcoM-7hBKkYzPWjPHSLG8Hgv1sLEKRLBfzqG3QFVfwFSB09l9Fxw-v5iN1-5IcGQXCPIRTjfdH-gvBTPuXcWO9Pw9ILRDNX_gZrrxxoKwGcy7jyQjw_b4TulRTONDH_EZWC04fNUS9qDqskBQ_KukSXoRH9p6vI9Yqm4CkNv23H3qkMkytGGva7yDLBUx1l7fz5vCu-jukf5XWW8Mu4ElLRwgEhBp

Requested by

Host: 8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
URL: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html Show response
s.dynad.net/stack/ Frame B8E5 6 KB
3 KB 804ms
199ms Document
text/html 200.187.199.64
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.187.199.64 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-187-199-64.static.uol.com.br
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/

Response headers

date: Sat, 13 Nov 2021 01:35:02 GMT
content-type: text/html
vary: Accept-Encoding
server: Apache-Coyote/1.1
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Sat, 13 Nov 2021 02:35:02 GMT
pragma: cache
last-modified: Fri, 12 Nov 2021 21:11:17 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 234.000h
x-varnish: 166141431 164632039
age: 15825
via: 1.1 varnish-v4
content-encoding: gzip

GET
H2 200 928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html Show response
s.dynad.net/stack/ Frame D5D2 53 KB
18 KB 999ms
395ms Document
text/html 200.187.199.64
Universo Online S.A.

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html
Requested by: Host: t.dynad.net
URL: https://t.dynad.net/script/?dc=5550009734;ord=0;click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 200.187.199.64 , Brazil, ASN7162 (Universo Online S.A., BR),
Reverse DNS: 200-187-199-64.static.uol.com.br
Software: Apache-Coyote/1.1 / DynAd.net 2021
Resource Hash: ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.legiaodosherois.com.br/

Response headers

date: Sat, 13 Nov 2021 01:35:02 GMT
content-type: text/html
vary: Accept-Encoding
server: Apache-Coyote/1.1
cache-control: max-age=3600
x-dynad-assets: v2.421 Thessaloniki
expires: Sat, 13 Nov 2021 02:35:02 GMT
pragma: cache
last-modified: Fri, 12 Nov 2021 23:56:19 GMT
x-powered-by: DynAd.net 2021
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-cacheable: maximal 144h instead of 542.000h
x-varnish: 166363599 165324902
age: 5924
via: 1.1 varnish-v4
content-encoding: gzip

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0AE5 42 B
372 B 910ms
369ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcXf732TjIgGRJTxMWyAbsWLLSzL6LFT9xzvmkmOTNHTFI1alYbJtmveHIyq7J9lvHMpBSlHnmEFDmwwZyW6bSzKOjPVU6DIWcMRY_0ZpGQRNY5TOHUfJo_cajeqvaTZoqA2v8RXFzPWqMIqK59jZlbSxC1o8z0xMXSuHw2qE8Sob7G1zeijAuDeIi8jM0R1vW1LyVXIPKXa4EGvI&sai=AMfl-YRoVoOLmJxrVVOYbf2z3JZGKcwOd6bzCkq6pY2Bk1aFboXiMZBNs1Dqatl7O4pHmZvgqyX3uTtxFvKxyVjRRWvgS7JZuoYS7q_9_ZuAdjoMC91S9y2Cx4FqCU38ET5b&sig=Cg0ArKJSzBC2CHcmuSfxEAE&cid=CAASFeRoyKyqdT65j4pULyQz3rZMlj2fgQ&id=lidar2&mcvt=1000&p=10,627,100,1355&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1696369987&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636767300279&rpt=981&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 01:35:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame D5D2 58 KB
0 835ms
89ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.dynad.net
URL: https://s.dynad.net/stack/928W5r5IndTfocT3VdUV-AB8UVlc0JbnGWyFZsei5gU.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s.dynad.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 01:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: clear
content-length: 125138
x-xss-protection: 0
expires: Sat, 13 Nov 2021 01:35:03 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: silphco.legiaodosherois.com.br
URL: https://silphco.legiaodosherois.com.br/frontend/dist/A.ragnarok.aa3171846f6629cadf50.css.pagespeed.cf.Bh0LnyF9Red4qDOnLZ8u.css

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.tailtarget.com/	1970-01-20 07:25:03	Name: u Value: fwAAAWGPFkOjRwbCNn6LAgB=
.t.tailtarget.com/	1970-01-19 22:42:20	Name: _ssc Value: y
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|XoTpdAZC/OrCXi+t2tt8Mx7c5rJaP5uXhxpnGfrzPAh1r4f5PW3gQ6qaZLiJj4/FKQattD3GB2TGFkanCXKRK1XEokALhlcJ9R8vVZqPCx1KqnWuDc9aU/+oD8/ZWV4=
.rubiconproject.com/	1970-01-20 07:25:03	Name: audit Value: 1\|naVuGyos1qrFMg0kPEqF8j5APvdogVCbaTd6KyMQnasCO6vdpaaRUzcm1D34Ujb/xWvmwFubWN7wHjcaOHevVYmbEbB2TqunfyCwEZhd0oXRLX9QU2Jq+bKpUjWTmmg0
.rubiconproject.com/	1970-01-20 07:25:03	Name: khaos Value: KVX4ZNCS-K-M7NC
.adnxs.com/	1970-01-20 00:49:03	Name: icu Value: ChgIguZwEAoYASABKAEww6y8jAY4AUABSAEQw6y8jAYYAA..
.adnxs.com/	1970-01-20 00:49:03	Name: uuid2 Value: 1062059500718982634
.udr.uol.com.br/	1970-01-20 07:25:03	Name: UOLID Value: 30a1a789-14c1-4b43-b266-41d3c56f3172\|0
.legiaodosherois.com.br/	1970-01-20 08:01:03	Name: __gads Value: ID=a24156d42cf4a998-221d4441b0cb00f7:T=1636767299:S=ALNI_MZWEr82ifjRindAI-qKCeVAudwUyA
.casalemedia.com/	1970-01-20 00:49:03	Name: CMPS Value: 3270
.casalemedia.com/	1970-01-20 07:25:03	Name: CMID Value: YY8WRdB3DuOrOvYQvUuMhQAA
.doubleclick.net/	1970-01-20 08:01:03	Name: IDE Value: AHWqTUm-NociScci7MNFEy2Dm9-oll2QFy11l0Pjv6NF-wJh1E9pjSUp3HFGojezQ8A
.casalemedia.com/	1970-01-20 00:49:03	Name: CMPRO Value: 1113
.casalemedia.com/	1970-01-19 22:40:53	Name: CMST Value: YY8WRWGPFkUA
.adnxs.com/	1970-01-20 00:49:03	Name: anj Value: dTM7k!M41.D>6NRF']wIg2HaQtBd:a!@wnfH8K6pQK`!5=E<*L5?%KN5v_i+e:_zfl]6TWfyvaVigQjkBR#d97`!Xt%nugO%v4VB%nmBo)i-NZ
.casalemedia.com/	1970-01-20 07:25:03	Name: CMRUM3 Value: 2d618f16452760CAESEJnlJaE95ynuvvlFqYzVDxI
.dynad.net/	1970-01-20 16:10:28	Name: uid Value: 273531636767301331

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.legiaodosherois.com.br/ Message: Unsafe attempt to load URL https://silphco.legiaodosherois.com.br/frontend/dist/A.ragnarok.aa3171846f6629cadf50.css.pagespeed.cf.Bh0LnyF9Red4qDOnLZ8u.css from frame with URL https://www.legiaodosherois.com.br/. Domains, protocols and ports must match.
deprecation	warning	URL: https://s.dynad.net/stack/KMA9C2O70iP6CHSgXk0LGaQ8ML9m6vJE4RIi1Rf61p4.html?v69 Message: Application Cache API manifest selection is deprecated and will be removed in M85, around August 2020. See https://www.chromestatus.com/features/6192449487634432 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8bbd8260097209820848b7c7bb37525a.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
analytics.legiaodosherois.com.br
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
ka-p.fontawesome.com
kanto.legiaodosherois.com.br
kit.fontawesome.com
legiaodosherois.com.br
legiaodosherois.disqus.com
m.t.tailtarget.com
me.jsuol.com.br
pagead2.googlesyndication.com
s.dynad.net
s0.2mdn.net
securepubads.g.doubleclick.net
silphco.legiaodosherois.com.br
static.cloudflareinsights.com
t.dynad.net
tm.jsuol.com.br
tm.uol.com.br
tpc.googlesyndication.com
tt-10162-1.seg.t.tailtarget.com
udr.uol.com.br
www.google-analytics.com
www.google.com
www.googletagservices.com
www.legiaodosherois.com.br
s0.2mdn.net
silphco.legiaodosherois.com.br
142.250.185.130
142.250.185.162
142.250.185.194
142.250.186.129
142.250.186.33
142.250.186.34
142.250.186.36
142.250.186.98
185.33.220.145
199.232.192.134
2.18.234.21
200.187.199.64
216.58.212.130
2600:9000:206f:1e00:1:bcff:6780:93a1
2600:9000:206f:5c00:6:5b96:3f00:93a1
2600:9000:214f:1000:6:9eb2:5cc0:93a1
2602:803:c003:200::51
2606:4700:20::681a:769
2606:4700:20::ac43:4a41
2606:4700::6810:5f41
2606:4700::6812:1634
2606:4700::6812:1734
2804:49c:3102:401:ffff:ffff:ffff:50
2804:49c:3403:2676:ffff:ffff:ffff:6
2a00:1450:4001:801::2006
2a00:1450:4001:827::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::200a
34.102.185.99
032a9311ef487838f64e1c4c7ad10a8ac844162602cdc38575552ea1eddfbda0
04efefb2b2abaaa5b113d65d0e690cd2a60d7f47e39acd01c073a2dda53c5ecf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf406bc7aa0626f501b81d23c99bcb3c4431105145f2f44ac4f7d337e0377d8
102559dd1a7a29db18b430a3c8824d167da18ac73c275ed5c3cc93140450a097
11cd0fbdc69f6fe9f07d7e23f676633453c199fce553cca27c173696290eb3bc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ccb58e7a78c82eff6b9b9bca91c931b578b6eae0142aa24db128d6ef80b6c6
12fd58537720a211bd53e54aa85b17ccae5c699a3b5bf83469185c9a5924bb79
17b4a304e5b2fda6fb7c07c294962b965b26018ddfd240ec866bafa4791c671a
1a95f2a16310d3feba1a18264cb7baf64411fe9dd9da44a37d964d614b96dba1
1cdb9a6ee843378cddfa5773317bd85c00c57fa332bac3edb9efcdc6e0022283
2069c7e73ae32fe4b19e0c735bca1d2bf14c3887380ca55510c0fee2a4b6510b
27be52e7a359ed04255249833fc810567dad63f86096a06ac3e71864c9137921
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
2b95521dc97baf1f435c4a673472223fd090c701c8a8f03a97d39f030a095b32
2f6ec14f2cdd94af2b44c4060f06ebe63fde63239ae9b441332e98e77f4430e9
301478844e69f723c541b2567d878823a025d1cc94f894e191cf5be20df03abc
303b4a9b150b70f66a8605e9aeb09d046bd953a1a0638b64fd446561fb86b2a5
312e7c664cee8c126ad1b394f94ba759ecf716b4b1e1631bffdcc9dff4cea106
31a983668acb15910a496c3da01b97d99927b025faadd4e1b36f8c5119fc1949
33942699c56dd95cbd83fe1e97fb7340394ab421d6c999c015fb85cdbffd42d2
33f1e2ee92317962765cc0555c9e94477c8def25e5d8d12dcf1e807811b88c47
347a91037320dd72a57987bf6c84e628a240cf9e6b4dc68f34e2028640c987fe
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e
37afba5f3411568fc2dbeec662042ca17b4fc2d0110a4894d793e6ca6f2cf834
38a9f1ac2b219c9e125559bb3ea8be0a743165e2b782add3c088b6ef9605cd78
395b7a72f4c8c65f7a855342299fb39d1b387ba26750f49feecd588931480b50
39b965537b8ec8c7e743e2a7bb868d736059c07ce1ded71242eb5a2fddf9f3f3
3f7814b2f9f13112211ea7efd9b866859661dc2da873b714e3ab2eb4958e9f63
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4743bde81c1c82725553cd6f972874b01c61cec6c54c85d320c05e0e5aed5177
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55cbe47daae2e1d00bd3185c4dd5b23f43c658c3a072cdb369f4080523e222fd
598e42a96a7b982f55188fb941581905eb122f91c120c242c2992423a8828378
59c18f56c7dab01b2936311eb7a4b128a27184cd0560581b3ea38027b4e6aed4
59dbda86041a5f394b83391ffe0b939341aabb817fa60a6ea78c80f5835596b5
5b841170159fca66c02ebc6eb8be803c52443b8f8ab8048012770ed1785f693e
5d96230e202a579b678dcb8699a4e8911d952d9a93bbbfcc7e238bf08df8d788
613de92ecdf01dd6178ab859147c5083547c73c9b37183d8c9633292932f65c3
636a54e564701bc95bafa8089fde0dc511761de86adc6dd1e84959bf6b004c5b
67ed54856b743c6e064253f611084475015ce883fff3150f710b8781e599d4a0
6c34b36885fc10bf0cede7dc315bf08c838de093b90d447f41b7407fc5ffa2cc
6cce3a5713d8be9ddea5f085135397ca929578a8ce98e392edd149dee250625c
6d190c985949e8a0962ca2cede3c214de8085dc9d11c726af6c00c1ae5bb7ba9
71c0d01b58340e2f3b93195cf397530548c4a1c47c2dd06658d4d6ab885411b7
72864f45951701ed5abeff31fff9660ccb7922e687aa201131c2327640146038
75433a0f82b120f56634f2feb08aabb26f8c829f4c3480c44bfafc6703c93976
7aafb3e977efce4e2895bbb81408f9bd70f5985b49ac885f5537d8c54e6c90ed
7ac70914f7ee5f77718eacaeaa05138417e8e7b529a4ed9d22745b458c198b15
83842dedf01d4215cb572ad340a8e14fc59ff6685d1b1d366ece441ec70c7ef9
85319456d833877d3abd0898544fa2efaf5969b05497e1fb20f2c849d9e439d5
8554f4b0b9673c6d5e9dfcad8d9c6ff2b635131552028bedca1383129682677f
87aeb6c0c15eb09c6c3e1c79ea5f1fa6cf9808e196baa8c182e22bbfded9f1ef
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8ad012803e63980f185a7ee45c983ff2ab99b7751fc8f817f86420d620f244d9
8b0a7bf058d37403dc8bbcaacb1e3d1b60518466cb78b9dba1ab7218411d3195
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8f850627aa46412b56450f99c309fbfa8786f65a46b59746223cc135e2535b46
904518aed1fa475c5648f67ca7d3e0a080b76af23ce93ec932037637bb2439df
9120bd86f7501823599a79f60f432e7742f2fd00b17984230cd6641085548690
93bc2077465686c2cb451e2eb2d90fe780ecc76e73f57db533394df0afdacc44
949028d1752f71539cc6437d0b0e5a80d061a9bc1ac239cd7a4b334512bbc58a
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
961e4204593da25ad2a5f8fe44ec83ce645f4391400356b16d5287375b14f48a
97666956e5e2edfb7808901e0069bed90df2996ff466b9d67de8f3efe9c8e56c
9814dccb6f91dd8b95b29fdfb9cbc98379e8121baf0fefeb12674321a1af7276
9ad664b0d4c037c56d800fdf2c1a39782602f1e5d3376e4eb96881c22f689904
9b67b7a6c8a79a68928f62601a3d1979c6a1d1ddc6d7db8254fc3e9f068d33e4
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a2470c39df28c3c7c1ef5c52fde4498a53f21c35f842e548a517c2b250b7cd4f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa3a5edaba28c9cc9a5cbe444c48c19fadb55d01fe5432cafd9add561a4bd890
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b175fb0b96a2ba3ad65c113bf77cfff087df765be5fb5334af19e24a15c9b72f
b5fd22fc12755f1cfb5b8cc3366d2037bd027ef9e96f16f02533dd4cbc043c3c
ba2fbd60c80114157bdc98339685d15fa6f82125ecc1aba3e9b964b2c1c06bfd
ba70adf2020216558d39892f39d469a3b8eabefe26e3fe038c4e14272fcc1506
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bf082a4d5281fcef693134e8cfb74ffb38890d096d2d2ed896e55f5050e4e3cb
c32cc17a09f4de5c9a46d88105ca49ffefa6a68d8ba9a6f6d1726dc4b02c66b5
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c61f24c091dfec7a805c32bd078020ced2afe532e058b4dda64a016827f9be02
c6f32a51868e5a7b9ac461e21c5029b5469796447786325ae69ce9bf134ba977
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
ce4366ee4741e187f5d2c0102cdd817bfef9d60eedde1c5da1d7507d026cb8fc
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d056f88a2fc8638caaa08e3935c638719ccd618b2a4e58af289da69c664bad54
d2175aaf0c5cd4cf76e7bc3a32446facc33749b4767682427358d2a1d5f42da0
d2c9fcb5fbf487c007547d76a53c5cdd6611e473f1e79288f62b1f2cccf30d21
d7e4ca5bd551c7005189554341eacdaa261a47d18dd4a7fc825609a6dfacb7f4
dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e593d32d2b3c25b54c4632fc55d4c55cce4154e0bfaeb75883da07b742e762dc
e86ac07365d29def580fd69c4ea8f3de4082b847dbe939fad7e784703ef9b60f
eaf9541e96f36c624ca849ddd347f8f5c7e86dfdb232e954ae35f1e68eef883f
eb078b04978bc9d4fa60fd881f767fdda79897fbcd2a15a1acd390a8dedd8887
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20709d95e2abaf708e3578941c4c4c9aba4918638ebd5a900f449b244dad3d9
f46965c749a12e2b567392705833b4618b9bc79ec665140115584cda0c2cac7e
f46cccdb94faa64c9f05492518c01533a67b9abbfa18bc6ab6d30ecd311a5080
f863572cbb6ef275af86231fd6be6eed2cacc5e44d282e74546ec94aae73506d
fa6e3a91b626ad7ece412eac6a05d59fd448ec41cd4435579abe002950bb1cdd
fd3324b939db83e4783489b6a1511d1a8a77b6f5f49825557d2a3c79bbbf38fb
fdac1a3247f6636b0a366c779803ca0af16f5cf36b2ab34a5d48a0911cd59e1a

www.legiaodosherois.com.br Open in urlscan Pro 2606:4700:20::681a:769 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

147 Requests

90 %HTTPS

52 %IPv6

19 Domains

33 Subdomains

29 IPs

4 Countries

1294 kBTransfer

3252 kBSize

17 Cookies

6 Outgoing links

Page URL History

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.legiaodosherois.com.br Open in urlscan Pro
2606:4700:20::681a:769 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

90 %
HTTPS

52 %
IPv6

19
Domains

33
Subdomains

29
IPs

4
Countries

1294 kB
Transfer

3252 kB
Size

17
Cookies

147 HTTP transactions
15 data transactions