portal.anhembi.br Open in urlscan Pro
104.18.9.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://anhembi.br/
Effective URL:
https://portal.anhembi.br/
Submission: On October 06 via manual (October 6th 2023, 2:18:28 pm UTC) from PK — Scanned from DE

Summary HTTP 189 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 82 IPs in 10 countries across 79 domains to perform 189 HTTP transactions. The main IP is 104.18.9.110, located in and belongs to CLOUDFLARENET, US. The main domain is portal.anhembi.br.
TLS certificate: Issued by GoGetSSL RSA DV CA on September 11th 2023. Valid for: a year.

This is the only time portal.anhembi.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	104.18.5.95 104.18.5.95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 40	104.18.9.110 104.18.9.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:46::45 2620:1ec:46::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3668	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:ef3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	23.38.98.84 23.38.98.84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
1	108.138.1.25 108.138.1.25	16509 (AMAZON-02) (AMAZON-02)
3	54.94.10.210 54.94.10.210	16509 (AMAZON-02) (AMAZON-02)
1	54.165.113.80 54.165.113.80	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:206... 2600:9000:206f:a800:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:400c:c06::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	20.10.16.51 20.10.16.51	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 2	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	185.167.164.49 185.167.164.49	198622 (ADFORM) (ADFORM)
1	193.108.153.24 193.108.153.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
2 14	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
1	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
2	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.32.119.33 63.32.119.33	16509 (AMAZON-02) (AMAZON-02)
1	184.30.17.243 184.30.17.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	52.28.224.195 52.28.224.195	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	2.21.20.202 2.21.20.202	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.185.230.6 18.185.230.6	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.26.193 104.18.26.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 3	77.243.51.121 77.243.51.121	42697 (NETIC-AS) (NETIC-AS)
3 4	77.243.51.122 77.243.51.122	42697 (NETIC-AS) (NETIC-AS)
3 3	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3 4	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
4 4	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
3 3	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	54.217.255.105 54.217.255.105	16509 (AMAZON-02) (AMAZON-02)
2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.246.44.190 34.246.44.190	16509 (AMAZON-02) (AMAZON-02)
1	52.218.121.176 52.218.121.176	16509 (AMAZON-02) (AMAZON-02)
2 2	146.59.148.16 146.59.148.16	16276 (OVH) (OVH)
2	52.223.40.198 52.223.40.198	() ()
5 6	217.79.178.221 217.79.178.221	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	139.162.141.41 139.162.141.41	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	193.135.9.128 193.135.9.128	() ()
1 1	80.85.85.173 80.85.85.173	() ()
1	18.203.183.215 18.203.183.215	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.205 198.47.127.205	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	65.9.66.43 65.9.66.43	16509 (AMAZON-02) (AMAZON-02)
2 3	54.211.118.49 54.211.118.49	() ()
2 2	34.253.158.202 34.253.158.202	() ()
1 1	108.129.25.174 108.129.25.174	() ()
1	184.30.20.207 184.30.20.207	() ()
2 2	52.29.154.74 52.29.154.74	() ()
1	141.95.98.65 141.95.98.65	() ()
2 2	35.190.24.218 35.190.24.218	() ()
1	104.102.35.84 104.102.35.84	() ()
1	2600:9000:211... 2600:9000:211e:2400:1b:5138:8a40:93a1	() ()
2 2	34.111.113.62 34.111.113.62	() ()
1	46.19.11.36 46.19.11.36	() ()
1	76.223.111.18 76.223.111.18	() ()
1	3.123.197.153 3.123.197.153	() ()
1	107.178.244.119 107.178.244.119	() ()
4	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	88.208.1.235 88.208.1.235	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2606:4700:e2:... 2606:4700:e2::ac40:8113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	141.226.228.48 141.226.228.48	() ()
3	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	() ()
1	2600:1f18:4f8... 2600:1f18:4f89:f300:4acc:520e:a17b:f87f	() ()
189	82

4 104.18.5.95 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

anhembi.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 104.18.9.110 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

portal.anhembi.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (Old Bridge, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

11544338.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3668 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:ef3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.38.98.84 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-84.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.94.10.210 (São Paulo, Brazil)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-94-10-210.sa-east-1.compute.amazonaws.com

event.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.getblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.165.113.80 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-113-80.compute-1.amazonaws.com

3ma79ae7cua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:a800:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.10.16.51 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

z.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::d (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.167.164.49 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.108.153.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-24.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 37.157.3.26 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)

a1.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.119.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-119-33.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.224.195 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-224-195.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.20.202 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-202.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.230.6 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-230-6.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.26.193 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 77.243.51.121 (Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 77.243.51.122 (Denmark) 3 redirects

ASN42697 (NETIC-AS, DK)

se.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 85.114.159.93 (Weil am Rhein, Germany) 3 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.52 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.34 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.78.254.47 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.217.255.105 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-255-105.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.44.190 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-44-190.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.121.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.148.16 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (None, )

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 217.79.178.221 (Germany) 5 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: cm49.as.net

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.141.41 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: tags1.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.135.9.128 (None, ) 1 redirects

ASN- ()

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.85.85.173 (None, ) 1 redirects

ASN- ()

cm.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.183.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-183-215.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-43.fra56.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.211.118.49 (None, ) 2 redirects

ASN- ()

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.158.202 (None, ) 2 redirects

ASN- ()

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.129.25.174 (None, ) 1 redirects

ASN- ()

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.207 (None, )

ASN- ()

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.154.74 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.65 (None, )

ASN- ()

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.24.218 (None, ) 2 redirects

ASN- ()

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.35.84 (None, )

ASN- ()

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:2400:1b:5138:8a40:93a1 (None, )

ASN- ()

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (None, ) 2 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (None, )

ASN- ()

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (None, )

ASN- ()

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.197.153 (None, )

ASN- ()

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.244.119 (None, )

ASN- ()

pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.208.1.235 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

aprtn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8113 (United States)

ASN13335 (CLOUDFLARENET, US)

metrics.getrmads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (None, )

ASN- ()

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:84:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4f89:f300:4acc:520e:a17b:f87f (None, )

ASN- ()

capig.anhembi.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	anhembi.br 2 redirects anhembi.br portal.anhembi.br capig.anhembi.br	2 MB
17	adform.net 3 redirects s2.adform.net — Cisco Umbrella Rank: 7290 a2.adform.net — Cisco Umbrella Rank: 10839 c1.adform.net — Cisco Umbrella Rank: 643 dmp.adform.net	43 KB
12	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 11544338.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	7 KB
7	adsafety.net 6 redirects cm.adsafety.net — Cisco Umbrella Rank: 21747 tags.adsafety.net — Cisco Umbrella Rank: 91058	12 KB
7	semasio.net 6 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1270 se.semasio.net — Cisco Umbrella Rank: 22364	4 KB
7	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 998 z.clarity.ms — Cisco Umbrella Rank: 14432	29 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2714 adservice.google.com — Cisco Umbrella Rank: 118	1 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 766	141 KB
6	criteo.com 2 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4198 gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541 sslwidget.criteo.com — Cisco Umbrella Rank: 2408 widget.us.criteo.com — Cisco Umbrella Rank: 25599	33 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6147	885 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	235 KB
4	exelator.com 3 redirects loadm.exelator.com — Cisco Umbrella Rank: 2048 load77.exelator.com — Cisco Umbrella Rank: 3804 loada.exelator.com — Cisco Umbrella Rank: 31389	3 KB
4	adnxs.com 3 redirects ib.adnxs.com secure.adnxs.com — Cisco Umbrella Rank: 542	3 KB
4	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 30155 usr.navdmp.com — Cisco Umbrella Rank: 36353 cdn.navdmp.com — Cisco Umbrella Rank: 8424	6 KB
4	gstatic.com fonts.gstatic.com	63 KB
3	facebook.com www.facebook.com	247 B
3	audrte.com 2 redirects a.audrte.com	2 KB
3	adition.com 3 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1617	1 KB
3	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1230	1 KB
3	getblue.io event.getblue.io — Cisco Umbrella Rank: 34668 widget.getblue.io — Cisco Umbrella Rank: 37416	3 KB
3	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 334 s.amazon-adsystem.com — Cisco Umbrella Rank: 328	11 KB
3	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1126 trc.taboola.com — Cisco Umbrella Rank: 680 trc-events.taboola.com	22 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 427	14 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	getrmads.com metrics.getrmads.com — Cisco Umbrella Rank: 337237	2 KB
2	tapad.com 2 redirects pixel.tapad.com	1 KB
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	628 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	smartstream.tv 2 redirects ads.smartstream.tv cm.smartstream.tv	1 KB
2	adsrvr.org match.adsrvr.org	297 B
2	onaudience.com 2 redirects pixel.onaudience.com — Cisco Umbrella Rank: 3315	921 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 734	647 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	1 KB
2	adscale.de 2 redirects ih.adscale.de — Cisco Umbrella Rank: 3185	693 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	42 KB
2	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1448 ups.analytics.yahoo.com — Cisco Umbrella Rank: 363	757 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 869	610 B
2	t.co t.co — Cisco Umbrella Rank: 614	580 B
2	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 416 px4.ads.linkedin.com — Cisco Umbrella Rank: 6066	1 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 687	7 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 981	9 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	215 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	4 KB
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	14 KB
1	aprtn.com aprtn.com — Cisco Umbrella Rank: 137383	550 B
1	sojern.com pixel.sojern.com	156 B
1	emxdgt.com e1.emxdgt.com	44 B
1	3lift.com eb2.3lift.com	140 B
1	contentexchange.me match.contentexchange.me	49 B
1	smaato.net s.ad.smaato.net	239 B
1	teads.tv sync.teads.tv	163 B
1	id5-sync.com id5-sync.com	921 B
1	mathtag.com pixel.mathtag.com	418 B
1	agkn.com 1 redirects aa.agkn.com	493 B
1	userreport.com pdw-adf.userreport.com — Cisco Umbrella Rank: 27221	444 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 959	474 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 903	338 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net — Cisco Umbrella Rank: 32266	407 B
1	openx.net eu-u.openx.net — Cisco Umbrella Rank: 2959	273 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 1011	266 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 445	98 B
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1189	344 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 387	146 B
1	stickyadstv.com ads.stickyadstv.com — Cisco Umbrella Rank: 620	683 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 898	114 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 504	214 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4701	400 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 761	199 B
1	seadform.net a1.seadform.net — Cisco Umbrella Rank: 25365	467 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2907	881 B
1	3ma79ae7cua.com 3ma79ae7cua.com — Cisco Umbrella Rank: 128189	216 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 792	15 KB
1	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 6368	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	1 KB
0	e-volution.ai Failed sync.e-volution.ai Failed
0	1dmp.io Failed sync.1dmp.io Failed
0	ib-ibi.com Failed global.ib-ibi.com Failed
189	79

	Domain	Requested by
40	portal.anhembi.br	1 redirects anhembi.br portal.anhembi.br
11	c1.adform.net	2 redirects portal.anhembi.br c1.adform.net
6	cm.adsafety.net	5 redirects c1.adform.net
6	analytics.tiktok.com	portal.anhembi.br analytics.tiktok.com
5	www.google.de	portal.anhembi.br
4	connect.facebook.net	portal.anhembi.br
4	cm.g.doubleclick.net	4 redirects
4	se.semasio.net	3 redirects c1.adform.net
4	www.google.com	portal.anhembi.br
4	fonts.gstatic.com	fonts.googleapis.com
4	www.clarity.ms	portal.anhembi.br
4	anhembi.br	1 redirects static.cloudflareinsights.com anhembi.br
3	www.facebook.com	portal.anhembi.br
3	dmp.adform.net	c1.adform.net
3	a.audrte.com	2 redirects c1.adform.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	dsp.adfarm1.adition.com	3 redirects
3	uipglob.semasio.net	3 redirects
3	z.clarity.ms	portal.anhembi.br
3	stats.g.doubleclick.net	portal.anhembi.br www.googletagmanager.com
3	cdn.linkedin.oribi.io	portal.anhembi.br
3	bat.bing.com	portal.anhembi.br
3	www.google-analytics.com	portal.anhembi.br
3	googleads.g.doubleclick.net	portal.anhembi.br
2	metrics.getrmads.com	aprtn.com portal.anhembi.br
2	pixel.tapad.com	2 redirects
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	match.adsrvr.org	c1.adform.net
2	pixel.onaudience.com	2 redirects
2	tags.bluekai.com	c1.adform.net
2	loadm.exelator.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	ih.adscale.de	2 redirects
2	cdn.jsdelivr.net	client
2	a2.adform.net	1 redirects portal.anhembi.br
2	gum.criteo.com	1 redirects portal.anhembi.br
2	analytics.twitter.com	portal.anhembi.br
2	t.co	portal.anhembi.br
2	s.amazon-adsystem.com	1 redirects portal.anhembi.br
2	event.getblue.io	portal.anhembi.br
2	s.yimg.com	portal.anhembi.br
2	tag.navdmp.com	portal.anhembi.br
2	11544338.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	snap.licdn.com	portal.anhembi.br
2	www.googletagmanager.com	portal.anhembi.br
2	cdnjs.cloudflare.com	portal.anhembi.br
2	static.cloudflareinsights.com	anhembi.br portal.anhembi.br
1	capig.anhembi.br	portal.anhembi.br
1	trc-events.taboola.com	portal.anhembi.br
1	aprtn.com	portal.anhembi.br
1	widget.getblue.io	portal.anhembi.br
1	pixel.sojern.com	c1.adform.net
1	e1.emxdgt.com	c1.adform.net
1	eb2.3lift.com	c1.adform.net
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	pixel.mathtag.com	c1.adform.net
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	cm.smartstream.tv	1 redirects
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	loada.exelator.com	1 redirects
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	sync.crwdcntrl.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	ps.eyeota.net	c1.adform.net
1	ib.adnxs.com	1 redirects
1	x.bidswitch.net	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	ups.analytics.yahoo.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	ad.360yield.com	c1.adform.net
1	a1.seadform.net	portal.anhembi.br
1	sp.analytics.yahoo.com	portal.anhembi.br
1	widget.us.criteo.com	portal.anhembi.br
1	sslwidget.criteo.com	1 redirects
1	cdn.navdmp.com	portal.anhembi.br
1	mug.criteo.com	portal.anhembi.br
1	analytics.pangle-ads.com	analytics.tiktok.com
1	usr.navdmp.com	portal.anhembi.br
1	trc.taboola.com	portal.anhembi.br
1	adservice.google.com	11544338.fls.doubleclick.net
1	region1.analytics.google.com	www.googletagmanager.com
1	px4.ads.linkedin.com	portal.anhembi.br
1	px.ads.linkedin.com	1 redirects
1	3ma79ae7cua.com	portal.anhembi.br
1	c.amazon-adsystem.com	portal.anhembi.br
1	s2.adform.net	portal.anhembi.br
1	static.ads-twitter.com	portal.anhembi.br
1	cdn.taboola.com	portal.anhembi.br
1	dynamic.criteo.com	portal.anhembi.br
1	rum-static.pingdom.net	portal.anhembi.br
1	fonts.googleapis.com	portal.anhembi.br
0	sync.e-volution.ai Failed	c1.adform.net
0	sync.1dmp.io Failed	c1.adform.net
0	global.ib-ibi.com Failed	c1.adform.net
189	108

This site contains links to these domains. Also see Links.

Domain
aluno.anhembi.br
selecaouam.ead.br
ulife.com.br
estudantesuam.ead.br
professor.anhembi.br
contato-escolas.animaeducacao.com.br
aluno.ead.br
onelearning.com.br
diplomadigital.ecossistemaanima.com
www.instagram.com
www.youtube.com
www.linkedin.com
twitter.com
www.facebook.com
www.onelearning.com.br
pos.anhembi.br
bsp.edu.br
www.pravaler.com.br
landing.anhembi.br
animaeducacao.com.br
trabalheconosco.vagas.com.br
sempreanhembi.com
api.whatsapp.com

Subject Issuer	Validity	Valid
*.anhembi.br GoGetSSL RSA DV CA	`2023-09-11` - `2024-09-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 05	`2023-07-26` - `2024-01-22`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
pingdom.net Cloudflare Inc ECC CA-3	`2022-11-13` - `2023-11-13`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-06` - `2024-09-19`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-09-25` - `2023-11-15`	2 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
*.getblue.io Amazon RSA 2048 M02	`2023-07-15` - `2024-08-11`	a year	crt.sh
3ma79ae7cua.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-04` - `2023-11-08`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-30` - `2023-11-22`	6 months	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-09`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2023-09-17` - `2024-09-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.ads.stickyadstv.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-16` - `2024-04-16`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
eyeota.net GoGetSSL RSA DV CA	`2023-03-08` - `2024-04-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.userreport.com Amazon RSA 2048 M02	`2023-02-22` - `2024-01-18`	a year	crt.sh
pixel.mathtag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
teads.tv R3	`2023-10-04` - `2024-01-02`	3 months	crt.sh
s.ad.smaato.net Amazon RSA 2048 M03	`2023-09-04` - `2024-10-02`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2023-05-29` - `2024-06-04`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-17` - `2024-02-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-15` - `2023-10-13`	3 months	crt.sh
aprtn.com R3	`2023-09-23` - `2023-12-22`	3 months	crt.sh
getrmads.com GTS CA 1P5	`2023-08-14` - `2023-11-12`	3 months	crt.sh
capig.anhembi.br R3	`2023-09-22` - `2023-12-21`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://portal.anhembi.br/
Frame ID: D09B63960315CBEAB0C7C66400D5AC5C
Requests: 131 HTTP requests in this frame

Frame: https://anhembi.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: ADE64CDB80D7DECF55EA3E91A97B7B4B
Requests: 2 HTTP requests in this frame

Frame: https://11544338.fls.doubleclick.net/activityi;dc_pre=CITJ_s7O4YEDFQMKogMdBAANqw;src=11544338;type=invmedia;cat=uam_a0;ord=7628778289576;auiddc=1460222963.1696601905;gtm=45He3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fportal.anhembi.br%2F
Frame ID: 8199205AB2FF20F8022F8B76A6423F31
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?pid=69f50841-8c01-49f0-a0e2-15b054c6b791&event=PageView&ts=1696601904953&dcc=t
Frame ID: C4007C11BA3670C652BF85DC48BA2A8F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=portal.anhembi.br&origin=onetag
Frame ID: AFFECCB68BB20E18AFE1ADA60BF6F561
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Frame ID: ED83EA28279C223B6C26BAD4C0EB6C2A
Requests: 48 HTTP requests in this frame

Frame: https://portal.anhembi.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
Frame ID: 31C8CFAC7CD379506D36F40E80B6380E
Requests: 2 HTTP requests in this frame

Frame: https://event.getblue.io/p/?cId=888BDB6E-BACD-3493-88C9EC28A21B6600&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=710edefa-17f2-45f5-a627-4740ff0066ba&ulc=&v=29092023-1023&nocache=6939285549789.564
Frame ID: 1A699B2147543B77AEE2F9EE9BE032E3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Página principal - Anhembifechar

Page URL History Show full URLs

http://anhembi.br/ HTTP 307
https://anhembi.br/ Page URL
https://portal.anhembi.br/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

189
Requests

86 %
HTTPS

30 %
IPv6

79
Domains

108
Subdomains

82
IPs

10
Countries

3375 kB
Transfer

7386 kB
Size

85
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://aluno.anhembi.br/SOL/aluno/index.php/index/seguranca/dev/instituicao/125/acesso/pre/param
Title: Faça sua matrícula

Search URL Search Domain Scan URL

URL: https://selecaouam.ead.br/
Title: Faça sua matrícula EAD

Search URL Search Domain Scan URL

URL: https://ulife.com.br/
Title: Sou estudante (Ulife)

Search URL Search Domain Scan URL

URL: https://estudantesuam.ead.br/login
Title: Sou estudante EAD

Search URL Search Domain Scan URL

URL: https://professor.anhembi.br/SOL/professor/index.php/index/seguranca/dev/instituicao/125
Title: Sou Docente

Search URL Search Domain Scan URL

URL: https://contato-escolas.animaeducacao.com.br/faleconosco/anhembi/
Title: Fale com a gente

Search URL Search Domain Scan URL

URL: https://aluno.ead.br/?_gl=1*5rb7ko*_gcl_aw*R0NMLjE2NDkxODAyMjEuQ2p3S0NBancwYS1TQmhCa0Vpd0FwbGpVMHJfWXk4b00wUlR3X1J4a1FMdWNObEJ1Zm5HSXBERVpuajNRRlZrX04yRE01MU50RHExdzdSb0M2b1FRQXZEX0J3RQ..&_ga=2.39498212.637311595.1650913961-1639965942.1643924433&_gac=1.19604810.1649180224.CjwKCAjw0a-SBhBkEiwApljU0r_Yy8oM0RTw_RxkQLucNlBufnGIpDEZnj3QFVk_N2DM51NtDq1w7RoC6oQQAvD_BwE
Title: Fale com a gente EAD

Search URL Search Domain Scan URL

URL: https://onelearning.com.br/
Title: Cursos Livres

Search URL Search Domain Scan URL

URL: https://diplomadigital.ecossistemaanima.com/anhembi/
Title: Consulta Pública de Diploma Digital

Search URL Search Domain Scan URL

URL: https://www.instagram.com/anhembimorumbi/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/anhembimorumbi

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/school/universidade-anhembi-morumbi/

Search URL Search Domain Scan URL

URL: https://twitter.com/anhembimorumbi?lang=pt

Search URL Search Domain Scan URL

URL: https://www.facebook.com/anhembi.morumbi

Search URL Search Domain Scan URL

URL: https://www.onelearning.com.br/degustacao/
Title: Saiba mais

Search URL Search Domain Scan URL

URL: https://pos.anhembi.br/
Title: Saiba mais

Search URL Search Domain Scan URL

URL: https://bsp.edu.br/
Title: Saiba mais

Search URL Search Domain Scan URL

URL: https://www.pravaler.com.br/campanhas/lp-campeao2/?ies_code=62&nome=ANHEMBI%20MORUMBI&faculdade
Title: Saiba mais

Search URL Search Domain Scan URL

URL: https://landing.anhembi.br/le-cordon-bleu/gastronomia
Title: Saiba mais

Search URL Search Domain Scan URL

URL: https://animaeducacao.com.br/
Title: Saiba mais

Search URL Search Domain Scan URL

URL: https://trabalheconosco.vagas.com.br/animaeducacao
Title: Trabalhe na Ânima

Search URL Search Domain Scan URL

URL: https://sempreanhembi.com/
Title: Sempre Anhembi

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=551145607772&text=Ol%C3%A1,%20bem-vindo%20ao%20WhatsApp%20da%20Anhembi%20EAD.%20Clique%20em%20enviar%20para%20falar%20conosco.
Title: EAD

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=551140071192&text=Ol%C3%A1,%20bem-vindo%20ao%20WhatsApp%20da%20Anhembi%20Presencial.%20Clique%20em%20enviar%20para%20falar%20conosco.
Title: Presencial

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://anhembi.br/ HTTP 307
https://anhembi.br/ Page URL
https://portal.anhembi.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://anhembi.br/ HTTP 307
https://anhembi.br/

Request Chain 2

https://anhembi.br/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://anhembi.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Request Chain 45

https://11544338.fls.doubleclick.net/activityi;src=11544338;type=invmedia;cat=uam_a0;ord=7628778289576;auiddc=1460222963.1696601905;gtm=45He3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fportal.anhembi.br%2F HTTP 302
https://11544338.fls.doubleclick.net/activityi;dc_pre=CITJ_s7O4YEDFQMKogMdBAANqw;src=11544338;type=invmedia;cat=uam_a0;ord=7628778289576;auiddc=1460222963.1696601905;gtm=45He3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fportal.anhembi.br%2F

Request Chain 65

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2015849%2C1874009&time=1696601904976&url=https%3A%2F%2Fportal.anhembi.br%2F HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2015849%2C1874009&time=1696601904976&url=https%3A%2F%2Fportal.anhembi.br%2F&e_ipv6=AQIuYTE5yffLgwAAAYsFWpfu92xPQQhT2C9XivoLvqsxaaP8bFz8hHzle6bwxFwq0ozRij58j36M

Request Chain 87

https://s.amazon-adsystem.com/iu3?pid=69f50841-8c01-49f0-a0e2-15b054c6b791&event=PageView&ts=1696601904953 HTTP 302
https://s.amazon-adsystem.com/iu3?pid=69f50841-8c01-49f0-a0e2-15b054c6b791&event=PageView&ts=1696601904953&dcc=t

Request Chain 95

https://a2.adform.net/Serving/TrackPoint/?pm=2703696&ADFdivider=%7C&ord=146021881122&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwZ3IiOiIvIn1dfQ&loc=https%3A%2F%2Fportal.anhembi.br%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2703696&ADFdivider=%7C&ord=146021881122&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwZ3IiOiIvIn1dfQ&loc=https%3A%2F%2Fportal.anhembi.br%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 102

https://gum.criteo.com/sid/json?origin=onetag&domain=anhembi.br&sn=ChromeSyncframe&so=0&topUrl=portal.anhembi.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=zCbrjXxza3EyekIzYWtBUlJwbmsvVER6UzhVdTV1M1NvUlVUWXpNZFFINkxHUXhVQWdobVpQVGcvYXR6bFNFZVU4NjcwRWNvVnY3TUJmbFJxa2hsR3crVllQZWJGUDNkMDlFMUdNdU0rUDl3bUtvTlNRNVhicVlvbFY2ZFpDa1ozUWU0Sk0xaGcyTDRyZXlzNlNxTlhNemxUV3kvMDVkMjZoNHVQSzhnR1M0NUhPbFV3NGhnelIzWWZNbjlLOFVOdk4zK1ErWVlsYzEvbENqYmJPRUNha1NUZWcrOElRaXJ6OW5nNmNabHQ1RGJGWWNVRVJlS2JQd1d5dlgrZGtZV0dpZFAyMVZyWkVmMFMxVk1BM0xaRS9ZeFlqZz09fA&cppv=2

Request Chain 104

https://sslwidget.criteo.com/event?a=81834&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=wa05ZF90OFNkNG1RMk9Vc1QzT0tSRmVISUt5a01wSHpjc3hDbXRHZHJiNGlHZ0klMkZEaXZzNzklMkZ0UmtJOTYwSWJxR0xVWUVpdmFZNjhYWWlHUWM1bk4zSTdVMDdjTndwWHRKUVZoVGdmSTBaOHZ3aU11djRXJTJGa3BRVXdDS1lJVlVGdkdZeCUyRjdwc1pvQ1ZkUG5pM1U2dENVV1IwUSUzRCUzRA&tld=anhembi.br&dy=1&fu=https%253A%252F%252Fportal.anhembi.br%252F&ceid=02561a79-bbc3-4031-be08-d749df381a5b&dtycbr=94789 HTTP 302
https://widget.us.criteo.com/event?a=81834&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=wa05ZF90OFNkNG1RMk9Vc1QzT0tSRmVISUt5a01wSHpjc3hDbXRHZHJiNGlHZ0klMkZEaXZzNzklMkZ0UmtJOTYwSWJxR0xVWUVpdmFZNjhYWWlHUWM1bk4zSTdVMDdjTndwWHRKUVZoVGdmSTBaOHZ3aU11djRXJTJGa3BRVXdDS1lJVlVGdkdZeCUyRjdwc1pvQ1ZkUG5pM1U2dENVV1IwUSUzRCUzRA&tld=anhembi.br&dy=1&fu=https%253A%252F%252Fportal.anhembi.br%252F&ceid=02561a79-bbc3-4031-be08-d749df381a5b&dtycbr=94789

Request Chain 116

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5454681515320076977&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5454681515320076977&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=6318d38004a9467383d0a8d591e54ae4 HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=01a2ece57f9946c73a25f31d927537e0f51657c8d956fb5e367198321f9f98d9

Request Chain 121

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5454681515320076977&expiration=1697811505 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5454681515320076977&expiration=1697811505&C=1

Request Chain 122

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5454681515320076977&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5454681515320076977&sInitiator=external HTTP 302
https://se.semasio.net/sync/1/16266044?sExtCookieId=5454681515320076977&gdpr=&sInitiator=external HTTP 302
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/647471?sExtCookieId=7286849700626299021&sInitiator=internal&gdpr= HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr= HTTP 302
https://se.semasio.net/sync/1/4354957?sExtCookieId=2388370387289337654&sInitiator=internal&gdpr= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Qjg5QzE1OTlGNzM0QjE3Ng&gdpr= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEKkBJD4nGQPmkLmcKeEiXHM&sInitiator=internal&google_cver=1&gdpr=&google_cver=1 HTTP 302
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEKkBJD4nGQPmkLmcKeEiXHM&sInitiator=internal&google_cver=1&gdpr=

Request Chain 124

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5454681515320076977 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5454681515320076977&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 129

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 130

https://pixel.onaudience.com/?mapped=5454681515320076977&partner=68 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f8d64d55d97af39a39e4365abb2c2380&gdpr=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

Request Chain 131

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=5454681515320076977 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM1202310061436f85c8471440f633a3&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&gdpr=0&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=fb7648557393528f4ec592dd2eb35afd HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM1202310061436f85c8471440f633a3&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=fb7648557393528f4ec592dd2eb35afd&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzEwMDYxNDM2Zjg1Yzg0NzE0NDBmNjMzYTM&gdpr_consent=&gdpr=0 HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESENMdpzpriQHEKsfbYSdOnYE&gdpr_consent=&gdpr=0&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM1202310061436f85c8471440f633a3 HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=5454681515320076977 HTTP 302
https://dsp.adfarm1.adition.com/cookie/?ssp=6 HTTP 302
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7286849700626299021 HTTP 302
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7286849700626299021

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTQ1NDY4MTUxNTMyMDA3Njk3Nw HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENZAT8urnz9A9xp7XH-ZSJ4&google_cver=1&google_ula=1641347,0

Request Chain 134

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=2388370387289337654&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=5454681515320076977

Request Chain 138

https://a.audrte.com/a?adform_uid=5454681515320076977 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmU1VnM4WHZMMWpSWHVoTDNZNlFkaWFWUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/p

Request Chain 139

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5454681515320076977&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5454681515320076977&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=32044743051135065723646114029676436537&noredirect=1

Request Chain 140

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5454681515320076977 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219563204661002694073

Request Chain 141

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7286849700626299021

Request Chain 144

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=4Wt60m9W1QOLES5

Request Chain 148

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 307
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1789222756 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=6bk5HNU8o4/R1KH3c8ohDu

Request Chain 152

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=5454681515320076977&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=5454681515320076977&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=6d83082e-e984-400d-87c9-8fe35b0e9a33

Request Chain 160

https://portal.anhembi.br/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://portal.anhembi.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

189 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
anhembi.br/
Redirect Chain

http://anhembi.br/
https://anhembi.br/

2 KB
2 KB

1795ms
34ms

Document
text/html

104.18.5.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf4569e147365e7e70c9a4bcfedbb40ba7ebe3f9c701e6cab487746c7fe98579

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6112
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=691200
cf-cache-status: HIT
cf-ray: 811e888209f22c3a-FRA
content-encoding: gzip
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
content-type: text/html
cross-origin-embedder-policy: require-corp; report-to="default";
cross-origin-opener-policy: same-site; report-to="default";
date: Fri, 06 Oct 2023 14:18:22 GMT
expect-ct: max-age=86400, enforce
expires: Fri, 06 Oct 2023 15:18:22 GMT
last-modified: Thu, 15 Jul 2021 21:46:31 GMT
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://anhembi.br/
Non-Authoritative-Reason: HSTS

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 69ms
51ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: anhembi.br
URL: https://anhembi.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
Origin: https://anhembi.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:22 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 811e88825e5c363c-FRA

GET
H2

200

main.js
anhembi.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame ADE6
Redirect Chain

https://anhembi.br/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://anhembi.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
4 KB

20ms
20ms

Script
application/javascript

104.18.5.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anhembi.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Protocol

Server

104.18.5.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:22 GMT
content-encoding: gzip
referrer-policy: same-origin
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
server: cloudflare
expect-ct: max-age=86400, enforce
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 811e8882eb1c2c3a-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 06 Oct 2023 14:18:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
vary: accept-encoding
x-frame-options: SAMEORIGIN
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 811e8882caef2c3a-FRA

GET
H2 200 Primary Request / Show response
portal.anhembi.br/ 403 KB
81 KB 1590ms
58ms Document
text/html 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/

Requested by

Host: anhembi.br
URL: https://anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44c58a91e9d6906042e237452aca57175b4105a8e478bac31f0711b24820b3b0

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 18548
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=7200
cf-cache-status: HIT
cf-ray: 811e888c6ab74dc4-FRA
content-encoding: gzip
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 14:18:24 GMT
expect-ct: max-age=86400, enforce
expires: Fri, 06 Oct 2023 16:18:24 GMT
feature-policy: accelerometer 'none'; camera 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; payment 'none'; usb 'none'
last-modified: Fri, 06 Oct 2023 09:09:16 GMT
link: <https://portal.anhembi.br/wp-json/>; rel="https://api.w.org/", <https://portal.anhembi.br/wp-json/wp/v2/pages/267>; rel="alternate"; type="application/json", <https://portal.anhembi.br/>; rel=shortlink
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 204 rum
anhembi.br/cdn-cgi/ 0
144 B 10ms
9ms XHR
text/plain 104.18.5.95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://anhembi.br/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.5.95 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://anhembi.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
content-type: application/json

Response headers

date: Fri, 06 Oct 2023 14:18:22 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://anhembi.br
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 811e8882caf62c3a-FRA

POST 811e888209f22c3a
anhembi.br/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame ADE6 0
0

POST rum
anhembi.br/cdn-cgi/ 0
0

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 41ms
18ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;600;700&display=swap

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f890ba0ffd7012cb3248709ec502bc061109c5c669af09e0d2d4c786b192158e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 14:18:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 Oct 2023 14:18:24 GMT

GET
H2 200 style.min.css
portal.anhembi.br/wp-includes/css/dist/block-library/ 81 KB
11 KB 411ms
409ms Stylesheet
text/css 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:49 GMT
server: cloudflare
etag: W/"637d2db9-145db"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e888ccb364dc4-FRA
expires: Mon, 03 Oct 2033 14:18:24 GMT

GET
H2 200 styles.css
portal.anhembi.br/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 410ms
409ms Stylesheet
text/css 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:48 GMT
server: cloudflare
etag: W/"637d2db8-aab"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e888ccb394dc4-FRA
expires: Mon, 03 Oct 2033 14:18:24 GMT

GET
H2 200 style.css
portal.anhembi.br/wp-content/themes/portal/ 316 B
308 B 409ms
408ms Stylesheet
text/css 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-content/themes/portal/style.css?ver=5.9.3

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2150c7a8dc5c0645bcc550d615cdf27b72d3f9a2ac8ac78d1471e8eb551c723d

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:48 GMT
server: cloudflare
etag: W/"637d2db8-13c"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e888ccb3a4dc4-FRA
expires: Mon, 03 Oct 2033 14:18:24 GMT

GET
H2 200 bootstrap.4.6.1.css
portal.anhembi.br/wp-content/themes/portal/assets/vendor/bootstrap/ 158 KB
24 KB 492ms
491ms Stylesheet
text/css 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-content/themes/portal/assets/vendor/bootstrap/bootstrap.4.6.1.css?ver=5.9.3

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:48 GMT
server: cloudflare
etag: W/"637d2db8-278e1"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e888ccb3b4dc4-FRA
expires: Mon, 03 Oct 2033 14:18:24 GMT

GET
H2 200 owl.carousel.min.css
portal.anhembi.br/wp-content/themes/portal/assets/vendor/OwlCarousel/ 3 KB
1 KB 441ms
440ms Stylesheet
text/css 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-content/themes/portal/assets/vendor/OwlCarousel/owl.carousel.min.css?ver=5.9.3

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:48 GMT
server: cloudflare
etag: W/"637d2db8-d17"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e888ccb3c4dc4-FRA
expires: Mon, 03 Oct 2033 14:18:24 GMT

GET
H2 200 jquery.modal.min.css
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 3 KB
2 KB 32ms
15ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.css?ver=5.9.3

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 14565253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1541
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-c81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K7VNHNBcRCTqQtHTOQnTA%2Fii3VgfHmNH3Qkol4qlzSH4IOLebiod4Wbqj7mpyu6MMo3owYsI06lT2V%2Bfr7H3SWfPApXvzPqeuhZiU4emyElBT94N4r%2Bhy4JlqShoEui%2BQpyd%2FZHCj%2F5ELRU8gsIc3DL3"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 811e888ce9d718df-FRA
expires: Wed, 25 Sep 2024 14:18:24 GMT

GET
H2 200 custom.min.css
portal.anhembi.br/wp-content/themes/portal/assets/css/ 588 KB
55 KB 526ms
525ms Stylesheet
text/css 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-content/themes/portal/assets/css/custom.min.css?ver=1669148088

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f0f1b1de1cdd6e98cf7ddb268817e0400d251a80bbd308ff74d6e32506423186

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:48 GMT
server: cloudflare
etag: W/"637d2db8-93116"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e888ccb3d4dc4-FRA
expires: Mon, 03 Oct 2033 14:18:24 GMT

GET
H2 200 select2.min.css
portal.anhembi.br/wp-content/themes/portal/assets/vendor/select2/ 16 KB
2 KB 393ms
393ms Stylesheet
text/css 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-content/themes/portal/assets/vendor/select2/select2.min.css?ver=5.9.3

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:48 GMT
server: cloudflare
etag: W/"637d2db8-3f88"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e888ccb3e4dc4-FRA
expires: Mon, 03 Oct 2033 14:18:24 GMT

GET
H3 200 vision.svg
portal.anhembi.br/wp-content/uploads/2022/07/ 23 KB
18 KB 530ms
527ms Image
image/svg+xml 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2022/07/vision.svg

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72f3abe61fcfee62ce8bdd39a121774f8ff381362820afb10e37b7b80e078347

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 11 Jul 2022 14:28:13 GMT
server: cloudflare
etag: W/"62cc337d-5b11"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e8890ef6e193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 481 KB
125 KB 74ms
45ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-XWZN

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c60e8db61c7247f906bd778b02fd927ca1b0e94ad3e63d86fb91206b2503770

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127241
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 Oct 2023 14:18:24 GMT

GET
H2 200 dusdh2drbm Show response
www.clarity.ms/tag/ 650 B
1013 B 133ms
103ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/dusdh2drbm
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 9cce4b0b0793a4d0fe91562cb33e9be436997cb729dfb17de633152b316202dc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: -1
date: Fri, 06 Oct 2023 14:18:24 GMT
x-azure-ref: 20231006T141824Z-daptn64fq94r7bw6dk79ktd4rc00000001ug000000004f5b
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H3 200 ecosistema-anima-anhembi.svg
portal.anhembi.br/wp-content/uploads/2021/12/ 324 KB
131 KB 504ms
501ms Image
image/svg+xml 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2021/12/ecosistema-anima-anhembi.svg

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc3b862835b9e373ecaa527ec5eeb25b41094e5e58017e1f9e054dbca2d3e644

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Dec 2021 20:28:07 GMT
server: cloudflare
etag: W/"61b7acd7-50e04"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e8890ef6f193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H3 200 QRUAM.png
portal.anhembi.br/wp-content/uploads/2022/12/ 160 KB
160 KB 563ms
560ms Image
image/png 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2022/12/QRUAM.png

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b54a9dcfc361105c2ff2ac4794582b412cbdc446b7e7ec3ad0376a1df62b168

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
content-length: 163670
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 02 Dec 2022 19:52:14 GMT
server: cloudflare
etag: "638a576e-27f56"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e8890ef70193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H3 200 icon-whatsapp.svg
portal.anhembi.br/wp-content/themes/portal/assets/image/ 2 KB
1 KB 426ms
423ms Image
image/svg+xml 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/themes/portal/assets/image/icon-whatsapp.svg

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb0180cf5cb6ef9beb7bf7defa7e9136799d70c56799706f400d79e75d9dd192

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:48 GMT
server: cloudflare
etag: W/"637d2db8-851"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e8890ef72193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H3 200 regenerator-runtime.min.js Show response
portal.anhembi.br/wp-includes/js/dist/vendor/ 6 KB
3 KB 401ms
400ms Script
application/javascript 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:49 GMT
server: cloudflare
etag: W/"637d2db9-195e"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e888fee44193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H3 200 wp-polyfill.min.js Show response
portal.anhembi.br/wp-includes/js/dist/vendor/ 19 KB
7 KB 486ms
486ms Script
application/javascript 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:49 GMT
server: cloudflare
etag: W/"637d2db9-4b3d"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e8890af2d193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H3 200 index.js Show response
portal.anhembi.br/wp-content/plugins/contact-form-7/includes/js/ 21 KB
7 KB 485ms
484ms Script
application/javascript 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e89d7526092c671c0a01bd02152a595271fb97f87bbd3ba379b5e8b1071f6b2d

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:48 GMT
server: cloudflare
etag: W/"637d2db8-5590"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e8890df5d193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H3 200 jquery-3.6.0.min.js Show response
portal.anhembi.br/wp-content/themes/portal/assets/vendor/jquery/ 87 KB
31 KB 576ms
573ms Script
application/javascript 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-content/themes/portal/assets/vendor/jquery/jquery-3.6.0.min.js?ver=5.9.3

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:48 GMT
server: cloudflare
etag: W/"637d2db8-15d9d"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e8890ef67193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H3 200 owl.carousel.min.js Show response
portal.anhembi.br/wp-content/themes/portal/assets/vendor/OwlCarousel/ 43 KB
11 KB 612ms
609ms Script
application/javascript 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-content/themes/portal/assets/vendor/OwlCarousel/owl.carousel.min.js?ver=5.9.3

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:48 GMT
server: cloudflare
etag: W/"637d2db8-ad36"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e8890ef69193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H2 200 jquery.modal.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/ 5 KB
2 KB 21ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-modal/0.9.1/jquery.modal.min.js?ver=5.9.3

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6734486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1399
last-modified: Thu, 22 Jun 2023 11:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1a-577"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kiaRSopjOVyJav39os3omNKQX6cbSUCY6Vyo1meNaXyqyHI3hQ0d1HSGIj1Xd6sMGzEbqEsq9HltnPLqOKCEASnQowE%2BMbMe1Sm0cGoT19mEm%2BDvHwfE3rwsOTZshG8VimXtdbUhDme4J7Rl%2BehqQpDi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 811e8890e80218df-FRA
expires: Wed, 25 Sep 2024 14:18:24 GMT

GET
H3 200 custom.min.js Show response
portal.anhembi.br/wp-content/themes/portal/assets/js/ 601 KB
182 KB 640ms
637ms Script
application/javascript 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-content/themes/portal/assets/js/custom.min.js?ver=1696273858

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2561096a7e4d25a651498c80a226938b638755ad9e3fc9321a79da22bb9b1996

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 02 Oct 2023 19:10:58 GMT
server: cloudflare
etag: W/"651b15c2-96208"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e8890ef6a193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H3 200 select2.min.js Show response
portal.anhembi.br/wp-content/themes/portal/assets/vendor/select2/ 71 KB
20 KB 571ms
568ms Script
application/javascript 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-content/themes/portal/assets/vendor/select2/select2.min.js?ver=5.9.3

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad6c771f1b4cb0ce73fbefe833ac92db097a01a026c30e78f67ba5224424bda1

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:48 GMT
server: cloudflare
etag: W/"637d2db8-11dd2"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e8890ef6b193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H3 200 lodash.min.js Show response
portal.anhembi.br/wp-includes/js/dist/vendor/ 71 KB
26 KB 606ms
603ms Script
application/javascript 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:49 GMT
server: cloudflare
etag: W/"637d2db9-11d37"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e8890ef6d193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 58ms
55ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
Origin: https://portal.anhembi.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 811e8890ea8a363c-FRA

GET
H3 200 wp-emoji-release.min.js Show response
portal.anhembi.br/wp-includes/js/ 18 KB
5 KB 491ms
488ms Script
application/javascript 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:49 GMT
server: cloudflare
etag: W/"637d2db9-4705"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e8890ef74193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 36ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.anhembi.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 36692
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 05 Oct 2024 04:06:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 37ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.anhembi.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 520865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 13:37:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 49ms
20ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.anhembi.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 600929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 15:22:55 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 48ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@100;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.anhembi.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:20:08 GMT
x-content-type-options: nosniff
age: 71896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:20:08 GMT

GET
H3 200 logo-anhembi-largo.svg
portal.anhembi.br/wp-content/uploads/2021/12/ 9 KB
4 KB 29ms
28ms Image
image/svg+xml 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2021/12/logo-anhembi-largo.svg

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2ab76719e2b258b7c9c54e45a1d1afc863354115804a697ff4a5e49154cf5b2

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15552000; includeSubDomains; preload
age: 4800
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Dec 2021 20:26:11 GMT
server: cloudflare
etag: W/"61b7ac63-2589"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=315360000
cf-ray: 811e88913fcb193c-FRA
expires: Mon, 03 Oct 2033 14:18:24 GMT

GET
H3 200 details.png
portal.anhembi.br/wp-content/themes/portal/assets/image/ 468 KB
468 KB 588ms
586ms Image
image/png 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/themes/portal/assets/image/details.png

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

879d07b00ee305d43f97cf2193b89fac05001797ef0dafd4163aecfb01c95147

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
content-length: 478835
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 22 Nov 2022 20:14:48 GMT
server: cloudflare
etag: "637d2db8-74e73"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e88913fcc193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H3 200 person.png
portal.anhembi.br/wp-content/uploads/2021/12/ 43 KB
44 KB 566ms
565ms Image
image/png 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2021/12/person.png

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab455944a79ec01c372b40fa338de6239563d6921e6b71ce464ee08e54af1d88

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
content-length: 44498
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 23 May 2022 16:48:51 GMT
server: cloudflare
etag: "628bbaf3-add2"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e88913fcd193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H3 200 personorange.png
portal.anhembi.br/wp-content/uploads/2021/12/ 50 KB
50 KB 608ms
607ms Image
image/png 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2021/12/personorange.png

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a6cf5b1818c52c869695f57c89079682d4ba8de0597798e40a22b80bd23b12c

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
content-length: 50769
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 13 Dec 2021 22:06:38 GMT
server: cloudflare
etag: "61b7c3ee-c651"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e88913fce193c-FRA
expires: Mon, 03 Oct 2033 14:18:25 GMT

GET
H3 200 kisspng-higher-education-student-school-college-pessoa-5b20cdaf629445-1.png
portal.anhembi.br/wp-content/uploads/2021/12/ 62 KB
62 KB 30ms
29ms Image
image/png 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2021/12/kisspng-higher-education-student-school-college-pessoa-5b20cdaf629445-1.png

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0cff2678321bb8457db2706b363a17bf85ecedbe162429121158eef09c9c8b8

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
age: 4795
alt-svc: h3=":443"; ma=86400
content-length: 63453
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 23 May 2022 16:55:02 GMT
server: cloudflare
etag: "628bbc66-f7dd"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e88913fcf193c-FRA
expires: Mon, 03 Oct 2033 14:18:24 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/988701311/ 3 KB
1 KB 94ms
51ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/988701311/?random=1696601904918&cv=11&fst=1696601904918&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.anhembi.br%2F&hn=www.googleadservices.com&frm=0&tiba=P%C3%A1gina%20principal%20-%20Anhembi&auid=1460222963.1696601905&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8f8ffaff13051341d44f109d558fa17aa5ca815369856b1a4460558bd3bcf91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 65ms
18ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 13:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1722
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 06 Oct 2023 15:49:42 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 44 KB
13 KB 62ms
34ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 06 Oct 2023 14:18:24 GMT
last-modified: Wed, 06 Sep 2023 22:41:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 92855EA2791A42ECA3FC1A9F524E1FAA Ref B: FRAEDGE1818 Ref C: 2023-10-06T14:18:24Z
etag: "09cc4613e1d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12981

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 28ms
8ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=58179
accept-ranges: bytes
content-length: 3822

GET
H2

200

activityi;dc_pre=CITJ_s7O4YEDFQMKogMdBAANqw;src=11544338;type=invmedia;cat=uam_a0;ord=7628778289576;auiddc=1460222963.1696601905;gtm=45He3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~... Show response
11544338.fls.doubleclick.net/ Frame 8199
Redirect Chain

https://11544338.fls.doubleclick.net/activityi;src=11544338;type=invmedia;cat=uam_a0;ord=7628778289576;auiddc=1460222963.1696601905;gtm=45He3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=...
https://11544338.fls.doubleclick.net/activityi;dc_pre=CITJ_s7O4YEDFQMKogMdBAANqw;src=11544338;type=invmedia;cat=uam_a0;ord=7628778289576;auiddc=1460222963.1696601905;gtm=45He3a40;uaa=;uab=;uafvl=;u...

452 B
599 B

56ms
50ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11544338.fls.doubleclick.net/activityi;dc_pre=CITJ_s7O4YEDFQMKogMdBAANqw;src=11544338;type=invmedia;cat=uam_a0;ord=7628778289576;auiddc=1460222963.1696601905;gtm=45He3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fportal.anhembi.br%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-XWZN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Old Bridge, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

249fdbeaf6694fa847175499f0be6bb9b50f789f7cdee3d6e00ba55f90062c3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 262
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:18:25 GMT
expires: Fri, 06 Oct 2023 14:18:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:18:25 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11544338.fls.doubleclick.net/activityi;dc_pre=CITJ_s7O4YEDFQMKogMdBAANqw;src=11544338;type=invmedia;cat=uam_a0;ord=7628778289576;auiddc=1460222963.1696601905;gtm=45He3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fportal.anhembi.br%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10817925278/ 3 KB
2 KB 74ms
51ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10817925278/?random=1696601904941&cv=11&fst=1696601904941&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.anhembi.br%2F&hn=www.googleadservices.com&frm=0&tiba=P%C3%A1gina%20principal%20-%20Anhembi&auid=1460222963.1696601905&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d647f07418b360bd8b67eda8b2788097da8ad759dd6f89116a7fa5232ef6914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/935180673/ 3 KB
1 KB 72ms
51ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/935180673/?random=1696601904945&cv=11&fst=1696601904945&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.anhembi.br%2F&hn=www.googleadservices.com&frm=0&tiba=P%C3%A1gina%20principal%20-%20Anhembi&auid=1460222963.1696601905&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb80968b9c9462d2c42151b549f1782eec81546a77de820a421243462e7110e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1306
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pa-5af19c30a42dbb00070000d1.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 162ms
128ms Script
application/javascript 2606:4700:10::6816:3668
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-5af19c30a42dbb00070000d1.js
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 584cd35b74eb0eb9153387db97bbbf3a863c42190e5727d818bd24820ebae901

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 811e88922c829211-FRA
expires: Fri, 06 Oct 2023 14:23:25 GMT

GET
H2 200 universal.min.js Show response
tag.navdmp.com/ 14 KB
5 KB 50ms
18ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/universal.min.js
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 05 Apr 2023 20:59:24 GMT
server: cloudflare
age: 1577
etag: W/"642de12c-36d1"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 811e88922f4b9b69-FRA
expires: Fri, 06 Oct 2023 14:52:07 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 47 KB
20 KB 50ms
16ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=81834

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0ba19bb7293de09d7503de7512b5e39f944ffa74092078ecc9a35a9e196cfe46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 192ms
122ms Script
application/javascript 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C2R9IUKAPG3T0TSIENH0&lib=ttq
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1acb5ce7a56a8735fe46b6d916cde736dd608e259103105036cf2eae8114b093

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id: 40aafc70.f95189c
date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 104,23.38.99.148
server-timing: cdn-cache; desc=MISS, edge; dur=97, origin; dur=7, inner; dur=4
content-length: 1714
pragma: no-cache
server: nginx
x-tt-logid: 202310061418255F40EEB5113DA3B7C006
x-cache-remote: TCP_MISS from a23-220-106-68.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.106.68
x-tt-trace-host: 01782c1aa098d441e14c7848822c4a7ef0b0738c6dca2cf3f16fbc6ee1a567e5399ed578c15fe7e79fb722f21d79a17182468f5b682afc26bbd3e2dc37dfbd75589f117839c0125093dfb174f036c814e6e4ae6fbadeee1c40bba7946ab8a628aa84662a54bd8d513edea618880d26e5b2
expires: Fri, 06 Oct 2023 14:18:25 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1399414/ 64 KB
20 KB 149ms
115ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1399414/tfa.js
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bbdec5f675385e81f6ac5916f9368891822032a828f340a86da06d2a887f60fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: HEQDYOF8nXe6bsL7LOGU_WrC9OZmf_zZ
content-encoding: gzip
via: 1.1 varnish
date: Fri, 06 Oct 2023 14:18:25 GMT
x-amz-request-id: TW3T08WV93FSNS4T
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 19982
x-amz-id-2: lDKFFBkpNMSMI9mC8cefwUw+EmjBViPDMSuhMS2P+Hs2AW7+Z1mBsWws9XhLjSHtcNTy2dYigwQ=
x-served-by: cache-fra-eddf8230073-FRA
last-modified: Sun, 01 Oct 2023 11:09:58 GMT
server: AmazonS3
x-timer: S1696601905.996405,VS0,VE107
etag: "ef8d8e17bdb20aca2a52c825a9d16383"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 22
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 affm10spmw Show response
www.clarity.ms/tag/ 844 B
1 KB 124ms
123ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/affm10spmw?ref=gtm2
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: c05f6e2ebda72cafe9719247f754a847e68521797054019d048d08c9692dd676

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: -1
date: Fri, 06 Oct 2023 14:18:25 GMT
x-azure-ref: 20231006T141824Z-daptn64fq94r7bw6dk79ktd4rc00000001ug000000004f66
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 844
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 59ms
7ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220088-FRA

GET
H2 200 bxhql87kyr Show response
www.clarity.ms/tag/ 843 B
1 KB 104ms
104ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/bxhql87kyr
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fe98bfc33c6aeeaca3f2d2643b77b934a97fc44dd1ceead924e9660fbfdea1e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: -1
date: Fri, 06 Oct 2023 14:18:25 GMT
x-azure-ref: 20231006T141824Z-daptn64fq94r7bw6dk79ktd4rc00000001ug000000004f67
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 843
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/ 81 KB
31 KB 98ms
34ms Script
application/javascript 37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx00000aa4f78c365c7aee5-00646c8ee1-32957f68-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 82ms
22ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:16:41 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: XR9ATYRFDV1SAMC8
age: 105
x-amz-server-side-encryption: AES256
x-amz-id-2: 1ZcYxx/SHdbPX/uDAmaAYhSvl1ZxCwRYdyeKTaYh265xUeFszFPj5SviQzC5J8y6CxU1sjctRTk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 amzn.js Show response
c.amazon-adsystem.com/aat/ 9 KB
9 KB 30ms
9ms Script
application/javascript 108.138.1.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-1-25.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dfde9700fc213631abdbc40ab93a1c294c21dcc29ac2f58186f7642a87157c98

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-amz-version-id: fN7Y9M_xzC45srEXXTbVfHQXikTHmP4Z
date: Fri, 06 Oct 2023 05:59:04 GMT
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
last-modified: Fri, 29 Sep 2023 16:23:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 29962
x-amz-server-side-encryption: AES256
etag: "6d79de7d737ff990a8150519534a7142"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9221
x-amz-cf-id: d-PdLsco8gEVLJpg2_f_ESg5jqxKIqXqjw9_GeHNoBs2IzAK6poSHw==

GET
H2 200 blue-tag.min.js Show response
event.getblue.io/js/ 9 KB
3 KB 622ms
207ms Script
application/javascript 54.94.10.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://event.getblue.io/js/blue-tag.min.js

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.94.10.210 São Paulo, Brazil, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-94-10-210.sa-east-1.compute.amazonaws.com

Software

Resource Hash

a2be364e2921857c3e1415e1e9e74e5628a02318662a25da27a23da90929c84a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 06 Oct 2023 13:52:12 GMT
etag: W/"9113-1696600332559"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
90 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LLQ62NLZ3L&l=dataLayer&cx=c

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba424dae8815641a958fb2c42f793b825b6e2938375d4298ec2566c89a311e12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 06 Oct 2023 14:18:24 GMT

GET
H/1.1 200
OK open
3ma79ae7cua.com/m/ 3 B
216 B 429ms
97ms Image
text/plain 54.165.113.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://3ma79ae7cua.com/m/open?orgid=ksbmqsxxvqaix506yhc6xfunthjlju9b&ms_event_num=1
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.113.80 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-113-80.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 06 Oct 2023 14:18:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 3
Expires: 0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.12/ 58 KB
25 KB 21ms
21ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.12/clarity.js
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: br
last-modified: Wed, 04 Oct 2023 21:58:30 GMT
etag: W/"0x8DBC5250B8892E9"
vary: Accept-Encoding
x-azure-ref: 20231006T141824Z-daptn64fq94r7bw6dk79ktd4rc00000001ug000000004f68
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: ef621914-501e-0016-309d-f7d80c000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 9ms
8ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=82039
accept-ranges: bytes
content-length: 4862

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1874009,2015849/domain/portal.anhembi.br/ 36 B
397 B 31ms
10ms XHR
application/json 2600:9000:206f:a800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1874009,2015849/domain/portal.anhembi.br/token
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 09:28:03 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 363021
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
x-amz-cf-id: KwCq5-Ns0yowxivzmTJemELuhFDnVdKW8GQGEUZt19qPmQs2Vw2z3Q==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2015849%2C1874009&time=1696601904976&url=https%3A%2F%2Fportal.anhembi.br%2F
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2015849%2C1874009&time=1696601904976&url=https%3A%2F%2Fportal.anhembi.br%2F&e_ipv6=AQIuYTE5yffLgwAAAYsFWpfu92xPQQhT2C9XivoLvqsxaaP8bFz8hHzle6bwxF...

0
265 B

229ms
191ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2015849%2C1874009&time=1696601904976&url=https%3A%2F%2Fportal.anhembi.br%2F&e_ipv6=AQIuYTE5yffLgwAAAYsFWpfu92xPQQhT2C9XivoLvqsxaaP8bFz8hHzle6bwxFwq0ozRij58j36M
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 34939288C442491EADE25CEA58DBF0D4 Ref B: FRAEDGE1516 Ref C: 2023-10-06T14:18:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHDOnk2JAVdlyfZImLSw==

Redirect headers

date: Fri, 06 Oct 2023 14:18:25 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: A323E86C8F1343A6AF90461CF71FA24B Ref B: FRAEDGE1820 Ref C: 2023-10-06T14:18:25Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2015849%2C1874009&time=1696601904976&url=https%3A%2F%2Fportal.anhembi.br%2F&e_ipv6=AQIuYTE5yffLgwAAAYsFWpfu92xPQQhT2C9XivoLvqsxaaP8bFz8hHzle6bwxFwq0ozRij58j36M
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYHDOnhY6Y99UOL44KQ7g==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1874009,2015849/domain/portal.anhembi.br/ 36 B
398 B 30ms
11ms XHR
application/json 2600:9000:206f:a800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1874009,2015849/domain/portal.anhembi.br/token
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 09:28:03 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 363021
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
x-amz-cf-id: IjT_GFWITRVOwQnPkN4IrBZS3TCQXGzc1MQfH2QFQda2y78mIN9KgA==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/1874009,2015849/domain/portal.anhembi.br/ 36 B
396 B 27ms
11ms XHR
application/json 2600:9000:206f:a800:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/1874009,2015849/domain/portal.anhembi.br/token
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a800:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Mon, 02 Oct 2023 09:28:03 GMT
content-encoding: gzip
via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 363021
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=86400
x-amz-cf-id: RNVOmpcu_8jnMN6XdaUbpVOX7LNXzgs5HJseslmFGCf3dvGrQRlrSA==

GET
H2 200 69196 Show response
tag.navdmp.com/u/ 511 B
533 B 135ms
135ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/u/69196
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4808b019d68ef51ac6c3cb30dcac88d4b6ef28e0063911fedda9751c9bca998c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Tue, 07 Sep 2021 18:45:01 GMT
server: cloudflare
etag: W/"6137b32d-1ff"
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 811e88926f9e9b69-FRA
expires: Fri, 06 Oct 2023 15:18:25 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
209 B 16ms
15ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.anhembi.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
347 B 57ms
18ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1253276-12&cid=657101955.1696601905&jid=383068006&gjid=383175572&_gid=707438106.1696601905&_u=YGBAgAABAAAAAG~&z=1637562818

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 06 Oct 2023 14:18:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.anhembi.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
68 B 16ms
15ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=631725905&t=pageview&_s=1&dl=https%3A%2F%2Fportal.anhembi.br%2F&ul=en-us&de=UTF-8&dt=P%C3%A1gina%20principal%20-%20Anhembi&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAAGAEK~&jid=1151031362&gjid=153156349&cid=657101955.1696601905&tid=UA-1253276-3&_gid=707438106.1696601905&_slc=1&gtm=45He3a40n51XWZN&cd24=NA&cd25=NA&cd26=NA&cd27=NA&cd28=NA&cd39=NA&cd40=NA&cd43=10&cd44=10&cd45=NA&cd46=NA&cd51=RA&cd52=0&cd53=0&cd54=0&cd55=NA&cm1=0&cm2=0&cm3=0&cm4=0&cd21=657101955.1696601905&z=1393070696

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.anhembi.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 50ms
19ms XHR
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1253276-3&cid=657101955.1696601905&jid=1151031362&gjid=153156349&_gid=707438106.1696601905&_u=YGDAiEABBAAAAGAEK~&z=2008831859

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 06 Oct 2023 14:18:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.anhembi.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10817925278/ 42 B
455 B 53ms
25ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10817925278/?random=1696601904941&cv=11&fst=1696600800000&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.anhembi.br%2F&frm=0&tiba=P%C3%A1gina%20principal%20-%20Anhembi&fmt=3&is_vtc=1&random=1982544505&rmt_tld=0&ipr=y

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10817925278/ 42 B
108 B 71ms
22ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10817925278/?random=1696601904941&cv=11&fst=1696600800000&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.anhembi.br%2F&frm=0&tiba=P%C3%A1gina%20principal%20-%20Anhembi&fmt=3&is_vtc=1&random=1982544505&rmt_tld=1&ipr=y

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/988701311/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/988701311/?random=1696601904918&cv=11&fst=1696600800000&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.anhembi.br%2F&frm=0&tiba=P%C3%A1gina%20principal%20-%20Anhembi&fmt=3&is_vtc=1&random=3047059663&rmt_tld=0&ipr=y

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/988701311/ 42 B
455 B 23ms
21ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/988701311/?random=1696601904918&cv=11&fst=1696600800000&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.anhembi.br%2F&frm=0&tiba=P%C3%A1gina%20principal%20-%20Anhembi&fmt=3&is_vtc=1&random=3047059663&rmt_tld=1&ipr=y

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/935180673/ 42 B
108 B 23ms
22ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/935180673/?random=1696601904945&cv=11&fst=1696600800000&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.anhembi.br%2F&frm=0&tiba=P%C3%A1gina%20principal%20-%20Anhembi&fmt=3&is_vtc=1&random=2861855687&rmt_tld=0&ipr=y

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/935180673/ 42 B
108 B 33ms
33ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/935180673/?random=1696601904945&cv=11&fst=1696600800000&bg=ffffff&guid=ON&async=1&gtm=45He3a40&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.anhembi.br%2F&frm=0&tiba=P%C3%A1gina%20principal%20-%20Anhembi&fmt=3&is_vtc=1&random=2861855687&rmt_tld=1&ipr=y

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 4063180.js Show response
bat.bing.com/p/action/ 0
115 B 33ms
33ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4063180.js

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 06 Oct 2023 14:18:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 8F8D100883824B9E921F428113176040 Ref B: FRAEDGE1818 Ref C: 2023-10-06T14:18:25Z
x-cache: CONFIG_NOCACHE

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 77ms
23ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LLQ62NLZ3L&gtm=45je3a40&_p=631725905&_gaz=1&cid=657101955.1696601905&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1696601905&sct=1&seg=0&dl=https%3A%2F%2Fportal.anhembi.br%2F&dt=P%C3%A1gina%20principal%20-%20Anhembi&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LLQ62NLZ3L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.anhembi.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 25ms
25ms Ping
text/plain 2a00:1450:400c:c06::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-LLQ62NLZ3L&cid=657101955.1696601905&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LLQ62NLZ3L&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://portal.anhembi.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 34ms
33ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-LLQ62NLZ3L&cid=657101955.1696601905&gtm=45je3a40&aip=1&z=1270997626

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1253276-3&cid=657101955.1696601905&jid=1151031362&_u=YGDAiEABBAAAAGAEK~&z=476982214

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 38ms
38ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1253276-3&cid=657101955.1696601905&jid=1151031362&_u=YGDAiEABBAAAAGAEK~&z=476982214

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CITJ_s7O4YEDFQMKogMdBAANqw;src=11544338;type=invmedia;cat=uam_a0;ord=7628778289576;auiddc=*;gtm=45He3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fportal.anhe...
adservice.google.com/ddm/fls/z/ Frame 8199 42 B
401 B 76ms
45ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CITJ_s7O4YEDFQMKogMdBAANqw;src=11544338;type=invmedia;cat=uam_a0;ord=7628778289576;auiddc=*;gtm=45He3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fportal.anhembi.br%2F

Requested by

Host: 11544338.fls.doubleclick.net
URL: https://11544338.fls.doubleclick.net/activityi;dc_pre=CITJ_s7O4YEDFQMKogMdBAANqw;src=11544338;type=invmedia;cat=uam_a0;ord=7628778289576;auiddc=1460222963.1696601905;gtm=45He3a40;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fportal.anhembi.br%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://11544338.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
297 B 317ms
104ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://portal.anhembi.br
Date: Fri, 06 Oct 2023 14:18:25 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame C400
Redirect Chain

https://s.amazon-adsystem.com/iu3?pid=69f50841-8c01-49f0-a0e2-15b054c6b791&event=PageView&ts=1696601904953
https://s.amazon-adsystem.com/iu3?pid=69f50841-8c01-49f0-a0e2-15b054c6b791&event=PageView&ts=1696601904953&dcc=t

65 B
896 B

116ms
116ms

Document
text/html

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?pid=69f50841-8c01-49f0-a0e2-15b054c6b791&event=PageView&ts=1696601904953&dcc=t

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 65
Content-Type: text/html;charset=ISO-8859-1
Date: Fri, 06 Oct 2023 14:18:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 4QB3499AV6SQGXNE51RP

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 06 Oct 2023 14:18:25 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?pid=69f50841-8c01-49f0-a0e2-15b054c6b791&event=PageView&ts=1696601904953&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: QBYFX936AX8067YQ3AP3

GET
H2 200 adsct
t.co/i/ 43 B
377 B 167ms
122ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=161f8aa6-ed20-43ec-a062-471610c7cee7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c34ae549-82aa-4574-9222-d96a004db0dd&tw_document_href=https%3A%2F%2Fportal.anhembi.br%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7h90&type=javascript&version=2.3.29

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time: 109
date: Fri, 06 Oct 2023 14:18:24 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: cb840ffe0fd626a4
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 687810f8258e991e7993a8a64a98e9664666e7e3d30ed7d529c122cc91dbaf8e
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
215 B 171ms
125ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=161f8aa6-ed20-43ec-a062-471610c7cee7&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c34ae549-82aa-4574-9222-d96a004db0dd&tw_document_href=https%3A%2F%2Fportal.anhembi.br%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7h90&type=javascript&version=2.3.29

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time: 113
date: Fri, 06 Oct 2023 14:18:24 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: cb8290b7b99a8121
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 082f44d3ecb180e0a1f382836ace3413bc2d18349ad18968e917fe103d1c6c90
content-length: 43

GET
H2 200 adsct
t.co/i/ 43 B
203 B 169ms
124ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=f02a1ac7-152a-4ef4-9921-ef0bd4d5192e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c34ae549-82aa-4574-9222-d96a004db0dd&tw_document_href=https%3A%2F%2Fportal.anhembi.br%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o97mz&type=javascript&version=2.3.29

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time: 111
date: Fri, 06 Oct 2023 14:18:24 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: d662daa6d395be29
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 687810f8258e991e7993a8a64a98e9664666e7e3d30ed7d529c122cc91dbaf8e
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 163ms
118ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f02a1ac7-152a-4ef4-9921-ef0bd4d5192e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c34ae549-82aa-4574-9222-d96a004db0dd&tw_document_href=https%3A%2F%2Fportal.anhembi.br%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o97mz&type=javascript&version=2.3.29

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-response-time: 105
date: Fri, 06 Oct 2023 14:18:24 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e038dd445e3678cb
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 082f44d3ecb180e0a1f382836ace3413bc2d18349ad18968e917fe103d1c6c90
content-length: 43

GET
H2 200 10186525.json Show response
s.yimg.com/wi/config/ 2 B
511 B 430ms
388ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10186525.json

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: HDK2Z48K8NT1J90E
age: 1
content-length: 22
x-amz-id-2: I2GwpcyH72fugMf4JmwaRhkOhUZ7As6WEjaF32B5H3EYKce0rgXkBp+XKQC7tlsjoH4KY5bXAXcGUBdiq+XAlk4jWpLxpnvotBuKezBrlpQ=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 200 json Show response
trc.taboola.com/1399414/trc/3/ 2 KB
2 KB 45ms
36ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1399414/trc/3/json?tim=1696601905174&data=%7B%22id%22%3A887%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1696601905163%2C%22cv%22%3A%2220230928-12-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fportal.anhembi.br%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Danhembimorumbi-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1696601905172%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fportal.anhembi.br%2F%22%2C%22tos%22%3A7%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bb41ec10b93f00b122d29ebc4c88bda4ae69fb849e230cb51e9e58bdc75dbb33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-vcl-time-ms: 24
date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.459375
x-fastly-to-nlb-rtt: 7363
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230073-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1696601905.186478,VS0,VE24
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame AFFE 15 KB
6 KB 64ms
20ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=portal.anhembi.br&origin=onetag

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 06 Oct 2023 14:18:25 GMT
server: Kestrel
server-processing-duration-in-ticks: 254768
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2703696&ADFdivider=%7C&ord=146021881122&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwZ3IiOiIvIn1dfQ&loc=https%3A%2F%2Fportal.anhembi.br%2F&Set1=en-US%7Cen-US%7C1600x...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2703696&ADFdivider=%7C&ord=146021881122&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwZ3IiOiIvIn1dfQ&loc=https%3A%2F%2Fportal.anhembi.br%2F&Set1=en-US%7Cen-US%7C...

840 B
1 KB

88ms
88ms

Script
text/javascript

185.167.164.49
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2703696&ADFdivider=%7C&ord=146021881122&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwZ3IiOiIvIn1dfQ&loc=https%3A%2F%2Fportal.anhembi.br%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Server

185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

bc264c00f60821bf619c7a9632eecaeaa2a03cda53fec9c810d981fc4475f198

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 685
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2703696&ADFdivider=%7C&ord=146021881122&ADFtpmode=2&itm=eyJpdG1zIjpbeyJwZ3IiOiIvIn1dfQ&loc=https%3A%2F%2Fportal.anhembi.br%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 main.MWQ0NWRkZTlhMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 389 KB
101 KB 10ms
10ms Script
application/javascript 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id: f9518e9
date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20230921123816DACAEF28CA52516E21C4
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 014219f47da98a68fb9124ea71253fdc082e47660ee420895f22e6921e9233e3f1671efef63825e16ed62e275371b72bc949e782c219bbf0edbff3521d26612935f744fe384463e138ed818261559cfe0207a9fb9d90fc7d02b1d6d290f663930e
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=108
content-length: 102667

GET
H2 200 usr Show response
usr.navdmp.com/ 53 B
244 B 158ms
149ms Script
application/javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=9&acc=69196&u=1&new=1&wst=0
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b73a7a09c04a15bbfef495d16214d2dd6da6dec0e11329effb53ce234028559

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: public
date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 811e889399069b69-FRA
expires: Fri, 06 Oct 2023 15:18:25 GMT

GET
H2 200 identify_7dd78.js Show response
analytics.tiktok.com/i18n/pixel/static/ 134 KB
36 KB 11ms
11ms Script
application/javascript 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7dd78.js
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-akamai-request-id: f95190c
date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202309071107134C1D973D0BE4B77EECAD
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01fde42a5bc31b1cf87263f2de4f7457f956047196fc0e034c690fef4cc4b75cbefca78688b9eb2afad975a6185c2bb86c8dae65e7f3d81d7f49fc9ede2d594b38fc43bedc0324960cd6ec376abb2b5c6456743cb2c5ade3146e118ed687474497
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 35926

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
881 B 309ms
274ms Ping
text/plain 193.108.153.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.108.153.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a193-108-153-24.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: d760c404.17b4b3b5
date: Fri, 06 Oct 2023 14:18:25 GMT
x-bytefaas-request-id: 202310061418257785986628DEE5D38F26
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-54-206-24.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
x-parent-response-time: 265,23.54.206.24
server-timing: cdn-cache; desc=MISS, edge; dur=260, origin; dur=6, inner; dur=4
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202310061418257785986628DEE5D38F26
x-cache-remote: TCP_MISS from a23-58-124-68.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51612204) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 2.95
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-origin-response-time: 7,23.58.124.68
x-tt-trace-host: 01782c1aa098d441e14c7848822c4a7ef09e0d5b972a3d862e38b9c17fbb080f1dbb3c55458114fb8b1dcb7aeda89ff33c3fcc70bb72573c747f7762258d4cbaa7537085b1a3029e6fc07bdb2aaadcafeb27eca66a97056e7d01132a384c8cef415df83df69c14b994f62094cd6edb03fe
access-control-allow-headers: *
expires: Fri, 06 Oct 2023 14:18:25 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
790 B 168ms
168ms Ping
text/plain 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1c9e7b42.f951917
date: Fri, 06 Oct 2023 14:18:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 150,23.38.99.148
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=67, inner; dur=60
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2023100614182529276C8D477707B289A6
x-cache-remote: TCP_MISS from a23-48-215-158.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 67,23.48.215.158
x-tt-trace-host: 01782c1aa098d441e14c7848822c4a7ef0b0738c6dca2cf3f16fbc6ee1a567e53968b24c543ae407a86ee7237ce0a326eeecdbc92e5c9ff0ad15da545f32989eccf83282fb25eb7ff6b3bfe46d31bfea52afb0d713c04823147b23d5a40fcfc8704351b10487ba0a200e51186a942313f7
access-control-allow-headers: Authorization,*
expires: Fri, 06 Oct 2023 14:18:25 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
790 B 179ms
179ms Ping
text/plain 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4f1ff0ff.f951918
date: Fri, 06 Oct 2023 14:18:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 162,23.38.99.148
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=75, inner; dur=72
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231006141825F178646CAF95C6C0E105
x-cache-remote: TCP_MISS from a23-220-106-82.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 75,23.220.106.82
x-tt-trace-host: 01782c1aa098d441e14c7848822c4a7ef0b0738c6dca2cf3f16fbc6ee1a567e53924cf315b50c7fc1660d9863c8aac6a1c5a61c9c5f5f48331655549caeee5a4d125cb2234a11810df6fb2d53b80a16d214f5873dce48146125403789e33f194428290228aa96f775e9c38fe0a3e3af817
access-control-allow-headers: Authorization,*
expires: Fri, 06 Oct 2023 14:18:25 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame AFFE
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=anhembi.br&sn=ChromeSyncframe&so=0&topUrl=portal.anhembi.br&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=zCbrjXxza3EyekIzYWtBUlJwbmsvVER6UzhVdTV1M1NvUlVUWXpNZFFINkxHUXhVQWdobVpQVGcvYXR6bFNFZVU4NjcwRWNvVnY3TUJmbFJxa2hsR3crVllQZWJGUDNkMDlFMUdNdU0rUDl3bUtvTlNRNVhicVlvbFY2ZF...

428 B
651 B

79ms
18ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=zCbrjXxza3EyekIzYWtBUlJwbmsvVER6UzhVdTV1M1NvUlVUWXpNZFFINkxHUXhVQWdobVpQVGcvYXR6bFNFZVU4NjcwRWNvVnY3TUJmbFJxa2hsR3crVllQZWJGUDNkMDlFMUdNdU0rUDl3bUtvTlNRNVhicVlvbFY2ZFpDa1ozUWU0Sk0xaGcyTDRyZXlzNlNxTlhNemxUV3kvMDVkMjZoNHVQSzhnR1M0NUhPbFV3NGhnelIzWWZNbjlLOFVOdk4zK1ErWVlsYzEvbENqYmJPRUNha1NUZWcrOElRaXJ6OW5nNmNabHQ1RGJGWWNVRVJlS2JQd1d5dlgrZGtZV0dpZFAyMVZyWkVmMFMxVk1BM0xaRS9ZeFlqZz09fA&cppv=2

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6465a299bfe4d83cdccf3a86c2cf286fe83d04db74625d9e23b9c57e237a1627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2037522
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=zCbrjXxza3EyekIzYWtBUlJwbmsvVER6UzhVdTV1M1NvUlVUWXpNZFFINkxHUXhVQWdobVpQVGcvYXR6bFNFZVU4NjcwRWNvVnY3TUJmbFJxa2hsR3crVllQZWJGUDNkMDlFMUdNdU0rUDl3bUtvTlNRNVhicVlvbFY2ZFpDa1ozUWU0Sk0xaGcyTDRyZXlzNlNxTlhNemxUV3kvMDVkMjZoNHVQSzhnR1M0NUhPbFV3NGhnelIzWWZNbjlLOFVOdk4zK1ErWVlsYzEvbENqYmJPRUNha1NUZWcrOElRaXJ6OW5nNmNabHQ1RGJGWWNVRVJlS2JQd1d5dlgrZGtZV0dpZFAyMVZyWkVmMFMxVk1BM0xaRS9ZeFlqZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 270363
content-length: 0
expires: 0

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 139ms
139ms Script
application/x-javascript 2606:4700::6810:ef3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=9&id=136e3ab50446ad7cda2bcf426810%7C0&acc=69196&tit=P%25E1gina%2520principal%2520-%2520Anhembi&url=https%253A%2F%2Fportal.anhembi.br%2F&upd=1&new=1
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:ef3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 811e88948a459b69-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=81834&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=wa05ZF90OFNkNG1RMk9Vc1QzT0tSRmVISUt5a01wSHpjc3hDbXRHZHJi...
https://widget.us.criteo.com/event?a=81834&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=wa05ZF90OFNkNG1RMk9Vc1QzT0tSRmVISUt5a01wSHpjc3hDbXRHZHJi...

10 KB
4 KB

315ms
107ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.us.criteo.com/event?a=81834&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=wa05ZF90OFNkNG1RMk9Vc1QzT0tSRmVISUt5a01wSHpjc3hDbXRHZHJiNGlHZ0klMkZEaXZzNzklMkZ0UmtJOTYwSWJxR0xVWUVpdmFZNjhYWWlHUWM1bk4zSTdVMDdjTndwWHRKUVZoVGdmSTBaOHZ3aU11djRXJTJGa3BRVXdDS1lJVlVGdkdZeCUyRjdwc1pvQ1ZkUG5pM1U2dENVV1IwUSUzRCUzRA&tld=anhembi.br&dy=1&fu=https%253A%252F%252Fportal.anhembi.br%252F&ceid=02561a79-bbc3-4031-be08-d749df381a5b&dtycbr=94789

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

557cf5c85836de1094f44e63b5f55a16c2ad4b25808ccf981ff518e9158fbb99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 14399374
timing-allow-origin: *
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-origin: *
location: https://widget.us.criteo.com/event?a=81834&v=5.18.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=wa05ZF90OFNkNG1RMk9Vc1QzT0tSRmVISUt5a01wSHpjc3hDbXRHZHJiNGlHZ0klMkZEaXZzNzklMkZ0UmtJOTYwSWJxR0xVWUVpdmFZNjhYWWlHUWM1bk4zSTdVMDdjTndwWHRKUVZoVGdmSTBaOHZ3aU11djRXJTJGa3BRVXdDS1lJVlVGdkdZeCUyRjdwc1pvQ1ZkUG5pM1U2dENVV1IwUSUzRCUzRA&tld=anhembi.br&dy=1&fu=https%253A%252F%252Fportal.anhembi.br%252F&ceid=02561a79-bbc3-4031-be08-d749df381a5b&dtycbr=94789
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 25922980
timing-allow-origin: *
content-length: 0
expires: 0

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
297 B 422ms
422ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://portal.anhembi.br
Date: Fri, 06 Oct 2023 14:18:25 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
789 B 162ms
161ms Ping
text/plain 23.38.98.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWQ0NWRkZTlhMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.84 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-84.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1c9e7d78.f9519b2
date: Fri, 06 Oct 2023 14:18:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-38-99-148.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
x-parent-response-time: 140,23.38.99.148
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=54, inner; dur=46
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231006141825C97F2883E3CEA3BA8812
x-cache-remote: TCP_MISS from a23-48-215-158.deploy.akamaitechnologies.com (AkamaiGHost/11.2.5.2-51606170) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 54,23.48.215.158
x-tt-trace-host: 01782c1aa098d441e14c7848822c4a7ef0b0738c6dca2cf3f16fbc6ee1a567e53968b24c543ae407a86ee7237ce0a326ee264a281ce7b4517bcee87b942e141170164d63ec7c87e2c4105a43096d4dc118634cd91168987d4ee40c747b4c725af5b7f8c39d7ffe112684e715d318acee50
access-control-allow-headers: Authorization,*
expires: Fri, 06 Oct 2023 14:18:25 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 109ms
35ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2006%20Oct%202023%2014%3A18%3A25%20GMT&n=-2d&b=P%C3%A1gina%20principal%20-%20Anhembi&.yp=10186525&f=https%3A%2F%2Fportal.anhembi.br%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Fri, 06 Oct 2023 14:18:25 GMT

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame ED83 5 KB
2 KB 91ms
27ms Document
text/html 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

580ebd5f33bc0d23b8a3c9f989f81650cf1534cd9ded5fb7f55a10ccb0b8faf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 06 Oct 2023 14:18:25 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
a1.seadform.net/serving/cookie/sync/ 35 B
467 B 140ms
31ms Image
image/gif 37.157.5.84
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a1.seadform.net/serving/cookie/sync/?uid=5454681515320076977&stamp=Kx3Qrudp6TADvP-67D9Y4w2

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
content-type: image/gif
cache-control: private

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/ 190 KB
29 KB 42ms
24ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.0/dist/css/bootstrap.min.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 19547085
x-jsd-version: 5.2.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230090-FRA, cache-yyz4561-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"2f88b-Yz6bIW1g1A6raHMXUTTpNbVU+JE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y9wE4hFVOMnZxcloFqDzcfDxi82ZOZkx0FUg9o%2FoC0nqJ7jxzzEcpVfXmp811BOcT5vXSnPQ6Q7IB5jQ0qbZp7BKQoteg8Wv1fnrw1tRRyAz4SP3JKoE2kVlSYfku7gClgGreTE4m91jkB8bonE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 811e8896385b3689-FRA

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.10.4/font/ 92 KB
13 KB 22ms
16ms Stylesheet
text/css 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.4/font/bootstrap-icons.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75946f531eb9c7820bf3199dedc16db5d8b3630b4d8e45eafec594c5eca95a67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11607628
x-jsd-version: 1.10.4
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230080-FRA, cache-yyz4548-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"16e21-QQqI4vCsPRSOkIFaPzfF9B0U//w"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vn7HhzW62dUa%2BjDlerH%2FvQljErzDzR7X%2BxMLEmOCozYfiHKhbx4oohXMncaMjlk4Tf%2Ft4Guy3tSnmfHsWxPJ4QU3FnYsPKHT4Mk5NLb5Aww3naRFKxV85DAryKlttFwhhFUIFbM6zSyY%2BnAxhxo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 811e8896385c3689-FRA

GET
H2 200 plf
c1.adform.net/imatch/ Frame ED83 0
384 B 30ms
29ms Image
text/plain 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 match
ad.360yield.com/ Frame ED83 43 B
199 B 641ms
35ms Image
image/gif 63.32.119.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=5454681515320076977&Expiration=1697811505
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.32.119.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-119-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 06 Oct 2023 14:18:26 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame ED83 0
400 B 55ms
23ms Image
text/plain 184.30.17.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=4879&ext_id=5454681515320076977
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:18:25 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Thu, 05 Oct 2023 14:18:25 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame ED83 0
214 B 72ms
12ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5232&puid=5454681515320076977
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 402fba8a82f093def2459220061c8d31
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame ED83
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5454681515320076977&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=5454681515320076977&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=6318d38004a946738...
https://c1.adform.net/serving/cookie/match?party=9&uid=01a2ece57f9946c73a25f31d927537e0f51657c8d956fb5e367198321f9f98d9

35 B
591 B

26ms
26ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=01a2ece57f9946c73a25f31d927537e0f51657c8d956fb5e367198321f9f98d9

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=01a2ece57f9946c73a25f31d927537e0f51657c8d956fb5e367198321f9f98d9
date: Fri, 06 Oct 2023 14:18:26 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame ED83 43 B
114 B 611ms
20ms Image
image/gif 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=5454681515320076977&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55944/ Frame ED83 0
125 B 55ms
15ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=5454681515320076977&_origin=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame ED83 43 B
683 B 58ms
19ms Image
image/gif 2.21.20.202
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=5454681515320076977
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.20.202 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-21-20-202.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:18:25 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1696601905777037-525
Expires: Fri, 06 Oct 2023 14:18:25 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame ED83 43 B
146 B 53ms
13ms Image
image/gif 18.185.230.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=5454681515320076977
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.230.6 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-230-6.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame ED83
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5454681515320076977&expiration=1697811505
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5454681515320076977&expiration=1697811505&C=1

43 B
564 B

24ms
24ms

Image
image/gif

104.18.26.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=5454681515320076977&expiration=1697811505&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Server: 104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cupyVrFVBCKJ3xH9%2F7rFPKRpIfqIgU2oasTEdliwAujsKBj3Je4S9kBcfEWbCL06JJ%2F9HTD0ECIO8vOgh3AOSm6%2B%2B2%2BYG0qT%2Fwhc2xcQkR472YLjEaRPrAmETM9rA1lV%2BUAVo9AGGlqwDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 811e8899be129c07-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2F0FMnG7wgMXK0ZCAQEOB77Msj1t1AQ33Kk50cjOZUfRgNzZ93mXsd%2BYbW1xZAdOtHDDVfKbnh%2BDhAWWsmMcLl6ZI1erbNm8ej1zaTonGbwfhpzBeFLSGZO%2B0PeCjmWgzqldWw5FU0ziLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=111&external_user_id=5454681515320076977&expiration=1697811505&C=1
cache-control: no-cache
cf-ray: 811e88975b0a9c07-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

200
OK

12092831
se.semasio.net/sync/1/ Frame ED83
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=5454681515320076977&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=5454681515320076977&sInitiator=external
https://se.semasio.net/sync/1/16266044?sExtCookieId=5454681515320076977&gdpr=&sInitiator=external
https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F647471%3FsExtCookieId%3D%25%25COOKIE%25%25%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/647471?sExtCookieId=7286849700626299021&sInitiator=internal&gdpr=
https://ib.adnxs.com/getuid?https%3A%2F%2Fse.semasio.net%2Fsync%2F1%2F4354957%3FsExtCookieId%3D%24UID%26sInitiator%3Dinternal&gdpr=
https://se.semasio.net/sync/1/4354957?sExtCookieId=2388370387289337654&sInitiator=internal&gdpr=
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=Qjg5QzE1OTlGNzM0QjE3Ng&gdpr=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEKkBJD4nGQPmkLmcKeEiXHM&sInitiator=internal&google_cver=1&gdpr=&google_cver=1
https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEKkBJD4nGQPmkLmcKeEiXHM&sInitiator=internal&google_cver=1&gdpr=

0
415 B

28ms
27ms

Image
text/plain

77.243.51.122
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEKkBJD4nGQPmkLmcKeEiXHM&sInitiator=internal&google_cver=1&gdpr=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: HTTP/1.1
Server: 77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:35 GMT
uip-status: Ok
frontend-id: 04
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:36 GMT
frontend-id: 11
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://se.semasio.net/sync/1/12092831?sExtCookieId=CAESEKkBJD4nGQPmkLmcKeEiXHM&sInitiator=internal&google_cver=1&gdpr=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame ED83 0
344 B 546ms
8ms Image
text/plain 3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5454681515320076977&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 14:18:26 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame ED83
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5454681515320076977
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=5454681515320076977&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
380 B

289ms
13ms

Image
image/gif

2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 06 Oct 2023 14:18:26 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 867068
x-accel-date: 1695734838
content-length: 43
x-77-nzt: AZySIYs3Nzf//DoNAA
x-accel-expires: @1696771638
x-77-age: 867068
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: cf878727651ebaba32172065398b7e2a
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Fri, 06 Oct 2023 14:18:26 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 451 398366.gif
idsync.rlcdn.com/ Frame ED83 0
98 B 555ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=5454681515320076977
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:26 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 404 gdpr_consent=
sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5454681515320076977/gdpr=/ Frame ED83 49 B
266 B 563ms
32ms Image
image/gif 54.217.255.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5454681515320076977/gdpr=/gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.217.255.105 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-217-255-105.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:26 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.30.179
content-length: 49
expires: 0

GET
H2 200 29729
tags.bluekai.com/site/ Frame ED83 62 B
218 B 812ms
293ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=5454681515320076977
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 06 Oct 2023 14:18:26 GMT
content-length: 62
content-type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame ED83 43 B
273 B 160ms
19ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5454681515320076977
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:26 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame ED83
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

321ms
41ms

Image
image/gif

52.218.121.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: HTTP/1.1
Server: 52.218.121.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 14:18:27 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: A05Z63BB5V1YAWN8
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: ZVKxkKhO6hcQ/lEN/flZJIHf/OwN1tS7uP9vcH0jU5c+diVx/jvp/bbPQD4zbuWKYg6urrhNsIo=

Redirect headers

X-Error-Reason: Missing UserId
Date: Fri, 06 Oct 2023 14:18:25 GMT
Server: akka-http/10.2.10
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 137

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame ED83
Redirect Chain

https://pixel.onaudience.com/?mapped=5454681515320076977&partner=68
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=1&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=f8d64d55d97af39a39e4365abb2c2380&gdpr=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1

70 B
149 B

393ms
35ms

Image
image/gif

52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:27 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length: 0

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame ED83
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=5454681515320076977
https://tags.adsafety.net/v1/cm?cm_uid=CM1202310061436f85c8471440f633a3&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D&...
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=fb7648557393528f4ec592dd2eb35afd
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM1202310061436f85c8471440f633a3&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=fb7648557393528f4ec592dd2eb35afd&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMzEwMDYxNDM2Zjg1Yzg0NzE0NDBmNjMzYTM&gdpr_consent=&gdpr=0
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESENMdpzpriQHEKsfbYSdOnYE&gdpr_consent=&gdpr=0&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM1202310061436f85c8471440f633a3
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=5454681515320076977
https://dsp.adfarm1.adition.com/cookie/?ssp=6
https://cm.smartstream.tv/?_cmsrc=activeagent_cm&idt=100&did=7286849700626299021
https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7286849700626299021

43 B
2 KB

19ms
19ms

Image
image/gif

217.79.178.221
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7286849700626299021
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: HTTP/1.1
Server: 217.79.178.221 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: cm49.as.net
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:18:27 GMT
Last-Modified: Fri, 06 Oct 2023 14:18:27 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

Location: https://cm.adsafety.net/?_cmsrc=activeagent_cm&idt=100&did=7286849700626299021
Date: Fri, 06 Oct 2023 14:18:27 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame ED83 0
338 B 359ms
28ms Image
text/plain 18.203.183.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=5454681515320076977
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.183.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-183-215.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

x-served-by: beacon-n022-dub-prod.krxd.net
date: Fri, 06 Oct 2023 14:18:26 GMT
cache-control: private, no-cache, no-store
x-request-time: D=37 t=1696601906
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame ED83
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTQ1NDY4MTUxNTMyMDA3Njk3Nw
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENZAT8urnz9A9xp7XH-ZSJ4&google_cver=1&google_ula=1641347,0

35 B
600 B

212ms
211ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENZAT8urnz9A9xp7XH-ZSJ4&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENZAT8urnz9A9xp7XH-ZSJ4&google_cver=1&google_ula=1641347,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
secure.adnxs.com/ Frame ED83
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=2388370387289337654&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=5454681515320076977

43 B
835 B

12ms
7ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=5454681515320076977

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:26 GMT
an-x-request-uuid: 08f05c06-5bc6-4ae9-a767-4c487fdd1857
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.131; 178.162.209.131; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://secure.adnxs.com/setuid?entity=91&code=5454681515320076977
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame ED83 42 B
474 B 57ms
18ms Image
image/gif 198.47.127.205
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5454681515320076977
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 06 Oct 2023 14:14:25 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame ED83 0
384 B 33ms
29ms Image
text/plain 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame ED83 43 B
444 B 268ms
11ms Image
image/gif 65.9.66.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-43.fra56.r.cloudfront.net
Software: nginx/1.22.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 06:30:59 GMT
Via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.22.0
X-Amz-Cf-Pop: FRA56-C1
Age: 28047
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-Amz-Cf-Id: -3TrdepRpClfl1dqyd8LUyxPjT9eOH4IOmcIB0pmmYTZOzgmVjFLPA==

GET
H/1.1

200

p
a.audrte.com/ Frame ED83
Redirect Chain

https://a.audrte.com/a?adform_uid=5454681515320076977
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=YmU1VnM4WHZMMWpSWHVoTDNZNlFkaWFWUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/p

68 B
424 B

94ms
93ms

Image
image/png

54.211.118.49

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: HTTP/1.1
Server: 54.211.118.49 -, , ASN (),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 14:18:27 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 06 Oct 2023 14:18:27 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame ED83
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=5454681515320076977&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=5454681515320076977&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredire...
https://c1.adform.net/serving/cookie/match?party=1007&cid=32044743051135065723646114029676436537&noredirect=1

35 B
600 B

26ms
25ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=32044743051135065723646114029676436537&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-2-v051-0634df496.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: rv1pY2p1RA8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=32044743051135065723646114029676436537&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame ED83
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=5454681515320076977
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219563204661002694073

35 B
600 B

34ms
34ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219563204661002694073

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:27 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=219563204661002694073
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame ED83
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7286849700626299021

35 B
591 B

33ms
30ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7286849700626299021

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7286849700626299021
Date: Fri, 06 Oct 2023 14:18:26 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 33302
tags.bluekai.com/site/ Frame ED83 62 B
429 B 165ms
164ms Image
image/gif 69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=5454681515320076977
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 06 Oct 2023 14:18:26 GMT
content-length: 62
content-type: image/gif

GET
H/1.1 200
OK img
pixel.mathtag.com/sync/ Frame ED83 43 B
418 B 86ms
26ms Image
image/gif 184.30.20.207

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.207 -, , ASN (),
Reverse DNS
Software: MT3 1031 59fd23a master cdg cdg-pixel-x29 config_version:"1438" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 14:18:26 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x29 config_version:"1438"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Fri, 06 Oct 2023 14:18:25 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame ED83
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=4Wt60m9W1QOLES5

35 B
591 B

33ms
33ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=4Wt60m9W1QOLES5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 06 Oct 2023 14:18:26 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e647d20a74bb4317@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=4Wt60m9W1QOLES5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame ED83 70 B
148 B 369ms
36ms Image
image/gif 52.223.40.198

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:27 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET image.sbmx
global.ib-ibi.com/ Frame ED83 0
0

GET
H2 200 0.gif
id5-sync.com/s/10/ Frame ED83 43 B
921 B 275ms
17ms Image
image/gif 141.95.98.65

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=5454681515320076977

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 -, , ASN (),

Reverse DNS

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame ED83
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1789222756
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=6bk5HNU8o4/R1KH3c8ohDu

35 B
600 B

34ms
27ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=6bk5HNU8o4/R1KH3c8ohDu

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:26 GMT
via: 1.1 google
last-modified: Fri, 06 Oct 2023 14:18:27 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=6bk5HNU8o4/R1KH3c8ohDu
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame ED83 23 B
163 B 240ms
36ms Image
image/gif 104.102.35.84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=5454681515320076977
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

expires: Fri, 06 Oct 2023 14:18:27 GMT
pragma: no-cache
date: Fri, 06 Oct 2023 14:18:27 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET pixel.gif
sync.1dmp.io/ Frame ED83 0
0

GET
H2 204 /
s.ad.smaato.net/c/ Frame ED83 0
239 B 86ms
18ms Image
text/plain 2600:9000:211e:2400:1b:5138:8a40:93a1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=5454681515320076977
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:2400:1b:5138:8a40:93a1 -, , ASN (),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:27 GMT
cache-control: no-cache, must-revalidate
via: 1.1 8fd360cd20d33fa1400394ae41746f66.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: JXTcDBwEGDrPFPqilkHfZlCkWOqR9Z5r_IgCUptVv8SUUaS8vhIl4g==
x-cache: Miss from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame ED83
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=5454681515320076977&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DE...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=5454681515320076977&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7...
https://c1.adform.net/serving/cookie/match?party=2007&cid=6d83082e-e984-400d-87c9-8fe35b0e9a33

35 B
600 B

26ms
26ms

Image
image/gif

37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=6d83082e-e984-400d-87c9-8fe35b0e9a33

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Protocol

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

date: Fri, 06 Oct 2023 14:18:27 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://c1.adform.net/serving/cookie/match?party=2007&cid=6d83082e-e984-400d-87c9-8fe35b0e9a33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 5454681515320076977
match.contentexchange.me/adform/ Frame ED83 0
49 B 163ms
42ms Image
text/plain 46.19.11.36

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/5454681515320076977?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 -, , ASN (),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:27 GMT
content-length: 0
server: nginx/1.16.1

GET
H2 200 xuid
eb2.3lift.com/ Frame ED83 37 B
140 B 77ms
7ms Image
image/gif 76.223.111.18

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7354&xuid=5454681515320076977&dongle=AD20
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.223.111.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:27 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET 296800c6dbd7f8eb22cf034b9927d719.gif
sync.e-volution.ai/ Frame ED83 0
0

GET
H2 204 put
e1.emxdgt.com/ Frame ED83 0
44 B 52ms
7ms Image
text/plain 3.123.197.153

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d52&uid=5454681515320076977
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.197.153 -, , ASN (),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:27 GMT
server: awselb/2.0

GET
H2 204 adf
pixel.sojern.com/idsync/ Frame ED83 0
156 B 102ms
20ms Image
text/plain 107.178.244.119

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/adf?adfid=5454681515320076977
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"

GET
H2 200 plf
c1.adform.net/imatch/ Frame ED83 0
384 B 31ms
29ms Image
text/plain 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=5454681515320076977&agencyId=462&advertiserId=2127611&src=tp&rnd=789646
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H3 200 schema Show response
portal.anhembi.br/wp-json/contact-form-7/v1/contact-forms/5/feedback/ 894 B
853 B 30ms
29ms Fetch
application/json 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/wp-json/contact-form-7/v1/contact-forms/5/feedback/schema

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7559febec7366c06504f96ff7c8565b4e994bc2f19de7ef6c7539f77cf03d779

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept: application/json, */*;q=0.1
Referer: https://portal.anhembi.br/
tracestate: 3463728@nr=0-1-3463728-1386009497-a2e4c0c3bf865fd9----1696601905787
traceparent: 00-b3419091835f91a6ad11a6b80faee515-a2e4c0c3bf865fd9-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM0NjM3MjgiLCJhcCI6IjEzODYwMDk0OTciLCJpZCI6ImEyZTRjMGMzYmY4NjVmZDkiLCJ0ciI6ImIzNDE5MDkxODM1ZjkxYTZhZDExYTZiODBmYWVlNTE1IiwidGkiOjE2OTY2MDE5MDU3ODd9fQ==

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
age: 4798
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 06 Oct 2023 12:58:27 GMT
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding, Origin
allow: GET
content-type: application/json; charset=UTF-8
x-frame-options: SAMEORIGIN
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: public, max-age=7200
x-robots-tag: noindex
link: <https://portal.anhembi.br/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
cf-ray: 811e88973f4c193c-FRA
expires: Fri, 06 Oct 2023 16:18:25 GMT

GET
H3

200

main.js Show response
portal.anhembi.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/ Frame 31C8
Redirect Chain

https://portal.anhembi.br/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://portal.anhembi.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

7 KB
4 KB

18ms
18ms

Script
application/javascript

104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa1bd5e89caaceea4e37fcde5432c0c67c75f63b34f0189911fa4fa4666b4fb1

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:26 GMT
content-encoding: gzip
referrer-policy: same-origin
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
server: cloudflare
expect-ct: max-age=86400, enforce
vary: accept-encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 811e8899ba80193c-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

Redirect headers

date: Fri, 06 Oct 2023 14:18:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
expect-ct: max-age=86400, enforce
vary: accept-encoding
x-frame-options: SAMEORIGIN
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/dffb14d6/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 811e88974f60193c-FRA

GET
H2 200 / Show response
event.getblue.io/p/ Frame 1A69 0
210 B 271ms
267ms Document
text/html 54.94.10.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.getblue.io/p/?cId=888BDB6E-BACD-3493-88C9EC28A21B6600&tName=visit&pId=&revenue=&orderId=&p1=&p2=&p3=&fp=&blueID=710edefa-17f2-45f5-a627-4740ff0066ba&ulc=&v=29092023-1023&nocache=6939285549789.564
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.94.10.210 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-94-10-210.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-length: 0
content-type: text/html;charset=UTF-8
date: Fri, 06 Oct 2023 14:18:25 GMT
tagcontainer-version: 1194-29092023-1024

GET
H2 200 / Show response
widget.getblue.io/event/ 0
56 B 257ms
218ms Script
text/html 54.94.10.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.getblue.io/event/?cId=888BDB6E-BACD-3493-88C9EC28A21B6600&tName=visit&pId=&revenue=&orderId=&p1=&p2=e%3Dvp&p3=e%3Ddis&adce=1&dtycbr=87954&fp=&blueID=710edefa-17f2-45f5-a627-4740ff0066ba&ulc=&v=29092023-1023&if=0&nocache=63941598366.008545
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.94.10.210 São Paulo, Brazil, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-94-10-210.sa-east-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:25 GMT
content-length: 0
content-type: text/html;charset=UTF-8

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 198 KB
53 KB 33ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 06 Oct 2023 14:18:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53356
x-xss-protection: 0
pragma: public
x-fb-debug: /hNf6ERLKKpoUBlqvld5XOMsckwoq/jwGbef3y5/t1h/nF/+3WMt+DhW+ZEQGXoc7OwPVK17vrfsyWVYQQDrEA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
aprtn.com/code/15531/ 412 B
550 B 571ms
14ms Script
text/javascript 88.208.1.235
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://aprtn.com/code/15531/
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 88.208.1.235 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: dbf3caaffd3a7a9eff7ef0cea73ca03ed431098c03a5d3bf52c32555d96da85f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Fri, 06 Oct 2023 14:14:24 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Expires: Fri, 06 Oct 2023 14:14:24 GMT

GET
H3 200 UAM_24-1_VT1_Banner640x353.jpg
portal.anhembi.br/wp-content/uploads/2023/10/ 102 KB
102 KB 710ms
710ms Image
image/jpeg 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2023/10/UAM_24-1_VT1_Banner640x353.jpg

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

562178f875516f4bedefc750f1d48087702d814c9ff8d60039cb2744ffcc9c0a

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
content-length: 104055
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 04 Oct 2023 17:44:30 GMT
server: cloudflare
etag: "651da47e-19677"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e88999a62193c-FRA
expires: Mon, 03 Oct 2033 14:18:26 GMT

GET
H3 200 graduacao_3.jpg
portal.anhembi.br/wp-content/uploads/2022/05/ 24 KB
24 KB 479ms
478ms Image
image/jpeg 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2022/05/graduacao_3.jpg

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c500bc2cf23e889b4a1186d3bb92d43e4dde2a63e0aa5991b9ae6fc65c9809d

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
content-length: 24458
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 18 May 2022 19:30:05 GMT
server: cloudflare
etag: "6285493d-5f8a"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e88999a64193c-FRA
expires: Mon, 03 Oct 2033 14:18:26 GMT

GET
H3 200 shutterstock_1350370946.jpg
portal.anhembi.br/wp-content/uploads/2022/04/ 23 KB
24 KB 620ms
618ms Image
image/jpeg 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2022/04/shutterstock_1350370946.jpg

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fe48b9d5a859d0df312046517d3c417afc5d187075b428df90d54a737be1405

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
content-length: 23669
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 29 Apr 2022 00:53:44 GMT
server: cloudflare
etag: "626b3718-5c75"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e88999a65193c-FRA
expires: Mon, 03 Oct 2033 14:18:26 GMT

GET
H3 200 mba.jpg
portal.anhembi.br/wp-content/uploads/2022/05/ 27 KB
27 KB 495ms
493ms Image
image/jpeg 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2022/05/mba.jpg

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7769c510fba43f94f6ff9d6c154ee0d2aa39d278056603e93eedc2d8ba5062c6

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
content-length: 27293
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 18 May 2022 19:30:09 GMT
server: cloudflare
etag: "62854941-6a9d"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e88999a67193c-FRA
expires: Mon, 03 Oct 2033 14:18:26 GMT

GET
H3 200 mestrado-e-doutorado.jpg
portal.anhembi.br/wp-content/uploads/2022/05/ 21 KB
21 KB 533ms
531ms Image
image/jpeg 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2022/05/mestrado-e-doutorado.jpg

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b92e9b49a815a438864c0c6e451af77f1fe78608519da61b05b8655766db6294

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
content-length: 21482
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 18 May 2022 20:22:27 GMT
server: cloudflare
etag: "62855583-53ea"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e88999a68193c-FRA
expires: Mon, 03 Oct 2033 14:18:26 GMT

GET
H3 200 modalidade_presencial.jpg
portal.anhembi.br/wp-content/uploads/2022/05/ 199 KB
199 KB 581ms
580ms Image
image/jpeg 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2022/05/modalidade_presencial.jpg

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72e43963889c12b4d9dfc4eb2c87215704f7681fc98c1da9df1aa6338217b98f

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
content-length: 203827
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 18 May 2022 18:39:50 GMT
server: cloudflare
etag: "62853d76-31c33"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e88999a69193c-FRA
expires: Mon, 03 Oct 2033 14:18:26 GMT

GET
H3 200 modalidade-semi.jpg
portal.anhembi.br/wp-content/uploads/2022/04/ 158 KB
158 KB 623ms
621ms Image
image/jpeg 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2022/04/modalidade-semi.jpg

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63874c5361938017a3dcc8900a2cde4dcd8c64444166466d1aeef67942ed831d

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
content-length: 161357
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 04 Apr 2022 22:04:21 GMT
server: cloudflare
etag: "624b6b65-2764d"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e88999a6b193c-FRA
expires: Mon, 03 Oct 2033 14:18:26 GMT

GET
H3 200 modalidade_live.jpg
portal.anhembi.br/wp-content/uploads/2022/05/ 151 KB
152 KB 634ms
633ms Image
image/jpeg 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2022/05/modalidade_live.jpg

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41e87db5011e2bdc907233c1d5aa898e194ffaaca5eaaa3ca65e750aff8f1c1b

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
content-length: 154764
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 18 May 2022 18:49:50 GMT
server: cloudflare
etag: "62853fce-25c8c"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e88999a6c193c-FRA
expires: Mon, 03 Oct 2033 14:18:26 GMT

GET
H3 200 modalidade_EAD.jpg
portal.anhembi.br/wp-content/uploads/2022/05/ 165 KB
166 KB 656ms
655ms Image
image/jpeg 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2022/05/modalidade_EAD.jpg

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41c92a437bec935c75d5fb9c025102c2a863eb503197dba99d2289bc39289bd9

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
alt-svc: h3=":443"; ma=86400
content-length: 169317
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 18 May 2022 18:40:06 GMT
server: cloudflare
etag: "62853d86-29565"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e88999a6e193c-FRA
expires: Mon, 03 Oct 2033 14:18:26 GMT

GET
H3 200 inovacao-Universidade-Anhembi-Sao-Paulo-Forma-de-Entrada-e1649795636205.jpg
portal.anhembi.br/wp-content/uploads/2022/04/ 132 KB
133 KB 44ms
43ms Image
image/jpeg 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://portal.anhembi.br/wp-content/uploads/2022/04/inovacao-Universidade-Anhembi-Sao-Paulo-Forma-de-Entrada-e1649795636205.jpg

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

358726fa37724cd48c8e7e34975e51165df826fdc0d6f2f24cb00ab742b1071c

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://portal.anhembi.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
age: 4796
alt-svc: h3=":443"; ma=86400
content-length: 135522
x-xss-protection: 1; mode=block
referrer-policy: same-origin
cf-bgj: h2pri
last-modified: Tue, 12 Apr 2022 20:36:59 GMT
server: cloudflare
etag: "6255e2eb-21162"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 811e88999a70193c-FRA
expires: Mon, 03 Oct 2033 14:18:26 GMT

GET
H2 204 0
bat.bing.com/action/ 0
285 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4063180&tm=gtm002&Ver=2&mid=5d885443-08e3-4641-967f-1d3bb6d599da&sid=36f14b80645311eebe8ff129ac3ee88b&vid=36f18c90645311eead0605d60ebc6be9&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=P%C3%A1gina%20principal%20-%20Anhembi&p=https%3A%2F%2Fportal.anhembi.br%2F&r=&lt=3276&evt=pageLoad&sv=1&rn=989146

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 06 Oct 2023 14:18:26 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A52A823DF7A04828AC6650388D20783F Ref B: FRAEDGE1818 Ref C: 2023-10-06T14:18:26Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 278371175687563 Show response
connect.facebook.net/signals/config/ 362 KB
113 KB 601ms
600ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/278371175687563?v=2.9.132&r=stable&domain=portal.anhembi.br

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9399f7b0bcdd77bad49e431c24ae51c09158a0a5f1b2716cd9ccc2434ac6a2a3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 06 Oct 2023 14:18:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: eA1xfa+mC07ZkLw6w/Pd13a+9bD0OF6F11fmIrh1y1Pb/mWVqkE7/f5OSTZnRGqDcRKPtjaGZ/8iUWsanwOqeg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 811e888c6ab74dc4 Show response
portal.anhembi.br/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 31C8 0
480 B 35ms
35ms XHR
text/plain 104.18.9.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.anhembi.br/cdn-cgi/challenge-platform/h/g/jsd/r/811e888c6ab74dc4

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/cdn-cgi/challenge-platform/scripts/jsd/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.9.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
referrer-policy: same-origin
x-content-type-options: nosniff
content-encoding: gzip
server: cloudflare
content-security-policy: img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
cf-ray: 811e889aebfc193c-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
metrics.getrmads.com/tag/ 4 KB
2 KB 257ms
225ms Script
text/javascript 2606:4700:e2::ac40:8113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.getrmads.com/tag/js?rtid=REH-1691446272083886

Requested by

Host: aprtn.com
URL: https://aprtn.com/code/15531/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70f3083a31279768ce4485d94f7a71a1588232bfd7add408e71ae95a03d80c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVGXldJstqA3Zgegp%2BpmaE3BHO4CoBt2UsjluKCi5vdaqMgi1%2B6oLKiLgKcXp9QIpNRqD2PktrjDjTWTY0ouMas5NA1ymw3ozMn%2FMP3JjJCRSykhVr82D3j%2FRzOkz3s%2F78uommN%2FQ91JdFZ2ev8bfNnRZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 811e889b2ad4bb7d-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 wmetrics Show response
metrics.getrmads.com/ 0
276 B 139ms
139ms Script
text/javascript 2606:4700:e2::ac40:8113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.getrmads.com/wmetrics?rtid=REH-1691446272083886&lg=en-us&sr=1600x1200&fr=0&dr=&dl=https%3A%2F%2Fportal.anhembi.br%2F&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:8113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 Oct 2023 14:18:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwN3pyX8Z6bfDyGRnRX4IRQ5sTcDx8S9vWemD9tjLJ4isqMA6FBPxsD3trb7l%2F5V0%2F2pi%2FhmsOyfRO16ETBULYVIZ%2B8fyuDBD9D6xwprpGldq93YhlsJlc6DS7RFy7HBDEhIB4ISLpGW3ylnnCUWEECOGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 811e889cbd03bb7d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1399414/log/3/ 0
248 B 372ms
15ms XHR
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1399414/log/3/unip?en=pre_d_eng_tb&tos=1566&scd=0&ssd=1&est=1696601905165&ver=36&isls=true&src=i&invt=1500&msa=5042&rv=1&tim=1696601906732&vi=1696601905163&ri=ba8ef1e1a8d091ef69f0a89bbc45569b&ref=null&cv=20230928-12-RELEASE&item-url=https%3A%2F%2Fportal.anhembi.br%2F
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-origin: https://portal.anhembi.br
pragma: no-cache
date: Fri, 06 Oct 2023 14:18:27 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 306914741299100 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 72ms
70ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/306914741299100?v=2.9.132&r=stable&domain=portal.anhembi.br

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

763ba02cc4012884b84884486e4a7087a101b60c6b78725ea0485c1f8bb596b9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 06 Oct 2023 14:18:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: XheqACBUpuoWDyvsQzFml7jl9TaTVk2fh1/y5dMDZiw3K7t8DE7zJJcpXbBL7bsyUpZWxe4YeNBdgR0bStKdQA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 193ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=278371175687563&ev=PageView&dl=https%3A%2F%2Fportal.anhembi.br%2F&rl=&if=false&ts=1696601906907&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696601906900.680968368&eid=ob3_plugin-set_9f5e4dc4773e918421d32beaa908e8f3f370ac7e690c92a0ca2691cee8248ea1&ler=empty&it=1696601906220&coo=false&exp=a1&rqm=GET

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 06 Oct 2023 14:18:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 events Show response
capig.anhembi.br/ 0
338 B 1532ms
100ms XHR
text/plain 2600:1f18:4f89:f300:4acc:520e:a17b:f87f

General

Check archive.org

Show headers Download Go to

Full URL

https://capig.anhembi.br/events

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1f18:4f89:f300:4acc:520e:a17b:f87f -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://portal.anhembi.br
date: Fri, 06 Oct 2023 14:18:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H3 200 682805396358313 Show response
connect.facebook.net/signals/config/ 131 KB
34 KB 80ms
80ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/682805396358313?v=2.9.132&r=stable&domain=portal.anhembi.br

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fbfd512dc48cf14adcf7b5cc0b5df745b7149802574bd649ee68fc475747aecd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 06 Oct 2023 14:18:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: gE7c8QnM+7zNk8lKnfv6VisWrsK85uHOnBNpaFae9RKH+yU4O1dNtzG8zZ1UjItt5S7e6UVJB67/ghDctcmWhg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 10ms
9ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=306914741299100&ev=PageView&dl=https%3A%2F%2Fportal.anhembi.br%2F&rl=&if=false&ts=1696601907094&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696601906900.680968368&ler=empty&it=1696601906220&coo=false&exp=a1&rqm=GET

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 06 Oct 2023 14:18:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 10ms
7ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=682805396358313&ev=PageView&dl=https%3A%2F%2Fportal.anhembi.br%2F&rl=&if=false&ts=1696601907189&sw=1600&sh=1200&v=2.9.132&r=stable&ec=0&o=30&fbp=fb.1.1696601906900.680968368&ler=empty&it=1696601906220&coo=false&exp=a1&rqm=GET

Requested by

Host: portal.anhembi.br
URL: https://portal.anhembi.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 06 Oct 2023 14:18:27 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H/1.1 204
No Content collect Show response
z.clarity.ms/ 0
297 B 422ms
422ms XHR
text/plain 20.10.16.51
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.clarity.ms/collect
Requested by: Host: portal.anhembi.br
URL: https://portal.anhembi.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.10.16.51 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://portal.anhembi.br
Date: Fri, 06 Oct 2023 14:18:27 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: anhembi.br
URL: https://anhembi.br/cdn-cgi/challenge-platform/h/g/jsd/r/811e888209f22c3a

Domain: anhembi.br
URL: https://anhembi.br/cdn-cgi/rum?

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5454681515320076977

Domain: sync.1dmp.io
URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=5454681515320076977

Domain: sync.e-volution.ai
URL: https://sync.e-volution.ai/296800c6dbd7f8eb22cf034b9927d719.gif?puid=5454681515320076977

Verdicts & Comments Add Verdict or Comment

227 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

85 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.anhembi.br/	1970-01-20 17:26:17	Name: _gcl_au Value: 1.1.1460222963.1696601905
www.clarity.ms/	1970-01-21 00:02:17	Name: CLID Value: ac62a46035584628be23eb69eec2ef69.20231006.20241005
.anhembi.br/	1970-01-21 00:02:17	Name: _clck Value: ihvg2q\|2\|ffm\|0\|1374
portal.anhembi.br/	1970-01-20 15:18:08	Name: ln_or Value: eyIxODc0MDA5LDIwMTU4NDkiOiJkIn0%3D
.portal.anhembi.br/	1970-01-21 00:52:41	Name: _ga Value: GA1.3.657101955.1696601905
.portal.anhembi.br/	1970-01-20 15:18:08	Name: _gid Value: GA1.3.707438106.1696601905
.portal.anhembi.br/	1970-01-20 15:16:41	Name: _dc_gtm_UA-1253276-12 Value: 1
.anhembi.br/	1970-01-20 15:18:08	Name: _gid Value: GA1.2.707438106.1696601905
.anhembi.br/	1970-01-20 15:16:41	Name: _dc_gtm_UA-1253276-3 Value: 1
.doubleclick.net/	1970-01-21 00:38:17	Name: IDE Value: AHWqTUnUyaUTVDI_q3xgo4Q2kKp60XSd0H1HRJBMkmiNjKeO-E-t6Y_H_Zbp9xk11fc
.anhembi.br/	1970-01-21 00:52:41	Name: _ga_LLQ62NLZ3L Value: GS1.1.1696601905.1.0.1696601905.60.0.0
.anhembi.br/	1970-01-21 00:52:41	Name: _ga Value: GA1.1.657101955.1696601905
.tiktok.com/	1970-01-21 00:38:17	Name: _ttp Value: 2WORztXULTSuLwuzHpFmGXoy282
.navdmp.com/	1970-01-21 00:02:38	Name: ac3 Value: 1
.linkedin.com/	1970-01-21 00:02:17	Name: bcookie Value: "v=2&a257f164-7048-4d01-89e2-f3f9c79a4717"
.linkedin.com/	1970-01-20 19:35:53	Name: li_gc Value: MTswOzE2OTY2MDE5MDU7MjswMjGlbFn3ZuAg7x4FwhUwPdft2O50tx1eEmX0Jmt0hg0sTA==
.linkedin.com/	1970-01-20 15:18:08	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2645:u=1:x=1:i=1696601905:t=1696688305:v=2:sig=AQEK_LLa_Wp8plTeOX-eHSsa7k06SBeR"
.criteo.com/	1970-01-21 00:38:17	Name: uid Value: e4e54b7c-b609-4cad-be35-11977a44296f
.anhembi.br/	1970-01-21 00:38:17	Name: _tt_enable_cookie Value: 1
.anhembi.br/	1970-01-21 00:38:17	Name: _ttp Value: 768UI0c8sBndkdFzUve-ZJU36Mu
.t.co/	1970-01-21 00:52:41	Name: muc_ads Value: 3212ec2f-d7b2-470f-bd7b-a10b27283135
.twitter.com/	1970-01-21 00:52:41	Name: personalization_id Value: "v1_6ZTKcNGjw6cH9Xm3nd8RLA=="
.navdmp.com/	1970-01-21 00:52:41	Name: nid Value: 136e3ab504fd25ccf038aee3f710\|0\|306
.anhembi.br/	1970-01-21 00:02:17	Name: nvg69196 Value: 136e3ab50446ad7cda2bcf426810\|0_280
.anhembi.br/	1970-01-20 15:18:08	Name: _clsk Value: 1q863kj\|1696601905464\|1\|1\|z.clarity.ms/collect
.anhembi.br/	1970-01-21 00:46:05	Name: cto_bundle Value: wa05ZF90OFNkNG1RMk9Vc1QzT0tSRmVISUt5a01wSHpjc3hDbXRHZHJiNGlHZ0klMkZEaXZzNzklMkZ0UmtJOTYwSWJxR0xVWUVpdmFZNjhYWWlHUWM1bk4zSTdVMDdjTndwWHRKUVZoVGdmSTBaOHZ3aU11djRXJTJGa3BRVXdDS1lJVlVGdkdZeCUyRjdwc1pvQ1ZkUG5pM1U2dENVV1IwUSUzRCUzRA
.adform.net/	1970-01-20 16:01:23	Name: C Value: 1
.adform.net/	1970-01-20 16:43:05	Name: uid Value: 5454681515320076977
.adform.net/	1970-01-20 15:18:08	Name: CM Value: 1\|1
.amazon-adsystem.com/	1970-01-20 21:44:03	Name: ad-id Value: A1KWOVGN3EfIkDXplSdgzFA
.amazon-adsystem.com/	1970-01-21 00:52:41	Name: ad-privacy Value: 0
.adform.net/	1970-01-20 15:36:51	Name: CM14 Value: 1696688305_1696601905_1_Hu7u4e4e4R7u7u4REREeERERERHhERE
.yahoo.com/	1970-01-21 00:02:39	Name: A3 Value: d=AQABBDEXIGUCEKRaHVTmdd-FluoUeaEefOwFEgEBAQFoIWUpZeAPyiMA_eMAAA&S=AQAAAlXGffrEQPO2r4rq4FxqI4Y
.seadform.net/	1970-01-20 16:43:09	Name: uid Value: 5454681515320076977
.portal.anhembi.br/	1970-01-21 00:02:17	Name: blueID Value: 710edefa-17f2-45f5-a627-4740ff0066ba
.anhembi.br/	1970-01-20 15:59:53	Name: Origem Value: null
.adscale.de/	1970-01-20 23:58:57	Name: uu Value: 6318d38004a9467383d0a8d591e54ae4
.adscale.de/	1970-01-20 23:58:57	Name: cct Value: 1696601905816
.ads.stickyadstv.com/	1970-01-20 16:43:05	Name: uid-bp-617 Value: 5454681515320076977
.ads.stickyadstv.com/	1970-01-20 15:59:53	Name: UID Value: 7323cd95eef4a519b28b6c34d0dda9a
.casalemedia.com/	1970-01-21 00:02:17	Name: CMID Value: ZSAXMRnZp6F0P11Eq9EEbQAA
.casalemedia.com/	1970-01-20 17:26:17	Name: CMPS Value: 5134
.casalemedia.com/	1970-01-20 17:26:17	Name: CMPRO Value: 5134
.getblue.io/	1970-01-21 00:02:17	Name: ckid Value: D43E4141-5665-4371-B10EC74A86E55B72
.anhembi.br/	1970-01-20 15:18:08	Name: _uetsid Value: 36f14b80645311eebe8ff129ac3ee88b
.anhembi.br/	1970-01-21 00:38:17	Name: _uetvid Value: 36f18c90645311eead0605d60ebc6be9
.ih.adscale.de/	1970-01-20 23:58:57	Name: tu Value: 4#2311913086#42~5454681515320076977~471278~0~0
.bing.com/	1970-01-21 00:38:17	Name: MUID Value: 161CE03FFDB067382EB3F39DFCB06603
.eyeota.net/	1970-01-20 15:16:42	Name: SERVERID Value: 16606~DM
.semasio.net/	1970-01-21 00:02:17	Name: SEUNCY Value: B89C1599F734B176
.anhembi.br/	1970-01-21 00:02:17	Name: cf_clearance Value: MWOuAblzVwr1HAV73YR463mQWxvheltFGrmTdC..HUU-1696601906-0-1-751bc84b.fa754cdb.2ae1a5c4-0.2.1696601906
cm.adsafety.net/	1970-01-21 00:02:17	Name: UID Value: CM1202310061436f85c8471440f633a3
.adsafety.net/	1970-01-21 00:02:17	Name: cm_uid Value: CM1202310061436f85c8471440f633a3
.adnxs.com/	1970-01-20 17:26:17	Name: uuid2 Value: 2388370387289337654
.onaudience.com/	1970-01-21 00:02:17	Name: cookie Value: 13ee40ebb33165c4
.onaudience.com/	1970-01-20 15:18:08	Name: done_redirects161 Value: 1
.pubmatic.com/	1970-01-20 15:59:53	Name: KRTBCOOKIE_391 Value: 22924-5454681515320076977&KRTB&23263-5454681515320076977&KRTB&23481-5454681515320076977
.pubmatic.com/	1970-01-20 15:59:53	Name: PugT Value: 1696601665
.adnxs.com/	1970-01-20 17:26:17	Name: anj Value: dTM7k!M4/YD>6NRF']wIg2In5>?aE!!@wnfH8K4YRH[@9=E'g7jEXWNi.%Jqk_>pHlx#7'B`_%qP9_Uk%nugO%v4VB%noNO(O>bQ
.onaudience.com/	1970-01-20 15:18:08	Name: done_redirects147 Value: 1
tags.adsafety.net/	1970-01-21 00:02:17	Name: UID Value: fb7648557393528f4ec592dd2eb35afd
tags.adsafety.net/	1970-01-21 00:02:17	Name: DID Value: fb7648557393528f4ec592dd2eb35afd
tags.adsafety.net/	1970-01-21 00:02:17	Name: IDT Value: 100
tags.adsafety.net/	1970-01-21 00:02:17	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 15:59:53	Name: block_reset Value: 1
.adsafety.net/	1970-01-21 00:02:17	Name: ct_uid Value: fb7648557393528f4ec592dd2eb35afd
.adsafety.net/	1970-01-21 00:02:17	Name: ct_did Value: fb7648557393528f4ec592dd2eb35afd
.adsafety.net/	1970-01-21 00:02:17	Name: ct_idt Value: 100
.krxd.net/	1970-01-20 19:35:53	Name: _kuid_ Value: P1sG64Tg
cm.adsafety.net/	1970-01-21 00:02:17	Name: permanent Value: 1
.adfarm1.adition.com/	1970-01-20 17:26:17	Name: UserID1 Value: 7286849700626299021
.w55c.net/	1970-01-21 00:48:22	Name: wfivefivec Value: 4Wt60m9W1QOLES5
.demdex.net/	1970-01-20 19:35:53	Name: demdex Value: 32044743051135065723646114029676436537
.w55c.net/	1970-01-20 15:59:53	Name: matchadform Value: 5
.dpm.demdex.net/	1970-01-20 19:35:53	Name: dpm Value: 32044743051135065723646114029676436537
.bluekai.com/	1970-01-20 19:40:13	Name: bku Value: aG/99e/U/sVJt4QC
.bluekai.com/	1970-01-20 19:40:13	Name: bkpa Value: KJy9/Qe5d02pSUHknp1p1p90wtkAwED6BExtmeWN1EDp1M9yBpR8Bpze9JN6Ye6=
.anhembi.br/	1970-01-20 17:26:17	Name: _fbp Value: fb.1.1696601906900.680968368
ads.smartstream.tv/	1970-01-21 00:02:17	Name: DID Value: fb7648557393528f4ec592dd2eb35afd
ads.smartstream.tv/	1970-01-21 00:02:17	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 00:02:17	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 15:59:53	Name: cm_uid Value: CM1202310061436f85c8471440f633a3
.weborama.fr/	1970-01-21 00:42:37	Name: AFFICHE_W Value: lKgiBEls60mU90
.agkn.com/	1970-01-21 00:02:17	Name: ab Value: 0001%3A4wD%2F5FLGqBsXWC5sM%2FjRzMtmkMnI5R3M
cm.adsafety.net/	1970-01-21 00:02:17	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaMjljNjNpdVNwV0JuZFZwWThaNElzQW9yZ1pTZmMrd2o0Z2p1T3FmbVdFYVh6UmZndmpJK2RoT05neUFLUEgxaWlJWnR0dnFpUFZaRTBJRCtYQnA3d0NndkhXVUQ1NmtrTG1WUXVtR1RXdjRRZ3EwejNKTmNNOXQ1WFMvMzJTMUJjSWhlM3RNQ1ZHeFdCUFFFV2Vrd0xSVzZZb1lhUTNCUHAwM2JlcFNhNjBSS3cyN0ZPQ2liKyswa2hOMzVxNDVyYm90aDczVDBuYjM2eGQ3VzZGeDdzWGJrZnhLZkczRU8wNTNQN1dldGZzeERiMTR6WnArakRYeTltYTkyL1NuSThFeDZiZGc4WjNRZG15Y0ZlT1crUDFiQk1EdkxGWGo0QlhDTW1SUGV2bjN6WEE4U2Y0U1lxWVRuZ3ZNelFGVmwyV283UGNjd0FncndKZFRWSk13ekUzRVcxSkVLWTI0MUxEeHJKTEZlUTJ1R251ckNDNmFGZW9NTGdpRXQ2eUkwRUh1bVJVbFlYUXpaSnNzZnN4bzVidXR0NE02Wk1BN3JId2FuVUE5cS9ocUErSDgwVEd3dHNHbmEzczMwcTV4cjhKdlppQUxHZGplbWhoQUxMQXVvQVRFQitzZTB3amNjZUtGb1BORlVXUEY%3D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=5454681515320076977 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=5454681515320076977/gdpr=/gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=5454681515320076977 Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	img-src https://* data: 'self'; object-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11544338.fls.doubleclick.net
3ma79ae7cua.com
a.audrte.com
a1.seadform.net
a2.adform.net
aa.agkn.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
analytics.pangle-ads.com
analytics.tiktok.com
analytics.twitter.com
anhembi.br
api.adrtx.net
aprtn.com
bat.bing.com
beacon.krxd.net
c.amazon-adsystem.com
c1.adform.net
capig.anhembi.br
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.navdmp.com
cdn.taboola.com
cdnjs.cloudflare.com
cm.adsafety.net
cm.g.doubleclick.net
cm.smartstream.tv
connect.facebook.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
eu-u.openx.net
event.getblue.io
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
load77.exelator.com
loada.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
metrics.getrmads.com
mug.criteo.com
pdw-adf.userreport.com
pixel.mathtag.com
pixel.onaudience.com
pixel.sojern.com
pixel.tapad.com
pm.w55c.net
portal.anhembi.br
ps.eyeota.net
px.ads.linkedin.com
px4.ads.linkedin.com
redirect.frontend.weborama.fr
region1.analytics.google.com
rtb-csync.smartadserver.com
rum-static.pingdom.net
s.ad.smaato.net
s.amazon-adsystem.com
s.yimg.com
s2.adform.net
s3-eu-west-1.amazonaws.com
se.semasio.net
secure.adnxs.com
simage2.pubmatic.com
snap.licdn.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.1dmp.io
sync.crwdcntrl.net
sync.e-volution.ai
sync.teads.tv
t.co
tag.navdmp.com
tags.adsafety.net
tags.bluekai.com
token.rubiconproject.com
trc-events.taboola.com
trc.taboola.com
uipglob.semasio.net
ups.analytics.yahoo.com
usr.navdmp.com
widget.getblue.io
widget.us.criteo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
x.bidswitch.net
z.clarity.ms
anhembi.br
global.ib-ibi.com
sync.1dmp.io
sync.e-volution.ai
104.102.35.84
104.18.26.193
104.18.5.95
104.18.9.110
104.244.42.67
104.244.42.69
107.178.244.119
108.129.25.174
108.138.1.25
13.107.42.14
139.162.141.41
141.226.228.48
141.95.98.65
142.250.74.198
146.59.148.16
146.75.120.157
151.101.193.44
178.250.1.11
178.250.7.11
18.185.230.6
18.203.183.215
184.30.17.243
184.30.20.207
185.167.164.49
185.86.139.104
193.108.153.24
193.135.9.128
198.47.127.205
2.21.20.202
20.10.16.51
2001:4860:4802:32::36
209.54.182.161
212.82.100.181
216.58.206.34
217.79.178.221
23.38.98.84
2600:1f18:4f89:f300:4acc:520e:a17b:f87f
2600:9000:206f:a800:2:53b2:240:93a1
2600:9000:211e:2400:1b:5138:8a40:93a1
2606:4700:10::6816:3668
2606:4700::6810:3965
2606:4700::6810:5714
2606:4700::6810:ef3
2606:4700::6811:180e
2606:4700:e2::ac40:8113
2620:1ec:21::14
2620:1ec:46::45
2620:1ec:c11::200
2a00:1288:80:807::2
2a00:1450:4001:800::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2008
2a00:1450:4001:813::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c06::9a
2a02:2638:3::e
2a02:2638:d::d
2a02:26f0:480:f::213:7edd
2a02:6ea0:c700::18
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.122.214.165
3.123.197.153
3.71.149.231
34.111.113.62
34.246.44.190
34.253.158.202
34.98.64.218
35.190.24.218
35.244.174.68
37.157.3.26
37.157.5.71
37.157.5.84
37.252.171.52
46.19.11.36
52.218.121.176
52.223.40.198
52.28.224.195
52.29.154.74
54.165.113.80
54.211.118.49
54.217.255.105
54.78.254.47
54.94.10.210
63.32.119.33
65.9.66.43
69.173.144.139
69.192.160.219
74.119.119.150
76.223.111.18
77.243.51.121
77.243.51.122
80.85.85.173
85.114.159.93
88.208.1.235
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b73a7a09c04a15bbfef495d16214d2dd6da6dec0e11329effb53ce234028559
0ba19bb7293de09d7503de7512b5e39f944ffa74092078ecc9a35a9e196cfe46
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
115d83ece49fd1c5769409aab9d78572eed86cd38a0556b4cdeeac82c83091d3
1acb5ce7a56a8735fe46b6d916cde736dd608e259103105036cf2eae8114b093
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2150c7a8dc5c0645bcc550d615cdf27b72d3f9a2ac8ac78d1471e8eb551c723d
249fdbeaf6694fa847175499f0be6bb9b50f789f7cdee3d6e00ba55f90062c3b
2561096a7e4d25a651498c80a226938b638755ad9e3fc9321a79da22bb9b1996
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fe48b9d5a859d0df312046517d3c417afc5d187075b428df90d54a737be1405
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
358726fa37724cd48c8e7e34975e51165df826fdc0d6f2f24cb00ab742b1071c
3c500bc2cf23e889b4a1186d3bb92d43e4dde2a63e0aa5991b9ae6fc65c9809d
41c92a437bec935c75d5fb9c025102c2a863eb503197dba99d2289bc39289bd9
41e87db5011e2bdc907233c1d5aa898e194ffaaca5eaaa3ca65e750aff8f1c1b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c58a91e9d6906042e237452aca57175b4105a8e478bac31f0711b24820b3b0
4808b019d68ef51ac6c3cb30dcac88d4b6ef28e0063911fedda9751c9bca998c
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d647f07418b360bd8b67eda8b2788097da8ad759dd6f89116a7fa5232ef6914
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557cf5c85836de1094f44e63b5f55a16c2ad4b25808ccf981ff518e9158fbb99
562178f875516f4bedefc750f1d48087702d814c9ff8d60039cb2744ffcc9c0a
580ebd5f33bc0d23b8a3c9f989f81650cf1534cd9ded5fb7f55a10ccb0b8faf0
584cd35b74eb0eb9153387db97bbbf3a863c42190e5727d818bd24820ebae901
63874c5361938017a3dcc8900a2cde4dcd8c64444166466d1aeef67942ed831d
6465a299bfe4d83cdccf3a86c2cf286fe83d04db74625d9e23b9c57e237a1627
6a6cf5b1818c52c869695f57c89079682d4ba8de0597798e40a22b80bd23b12c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70f3083a31279768ce4485d94f7a71a1588232bfd7add408e71ae95a03d80c2a
72e43963889c12b4d9dfc4eb2c87215704f7681fc98c1da9df1aa6338217b98f
72f3abe61fcfee62ce8bdd39a121774f8ff381362820afb10e37b7b80e078347
7559febec7366c06504f96ff7c8565b4e994bc2f19de7ef6c7539f77cf03d779
75946f531eb9c7820bf3199dedc16db5d8b3630b4d8e45eafec594c5eca95a67
763ba02cc4012884b84884486e4a7087a101b60c6b78725ea0485c1f8bb596b9
7769c510fba43f94f6ff9d6c154ee0d2aa39d278056603e93eedc2d8ba5062c6
7afaa861788cfa4b943b9a78a597edb2e73dcf6cf15cb34ce9a02c72373d9abe
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b54a9dcfc361105c2ff2ac4794582b412cbdc446b7e7ec3ad0376a1df62b168
805270b078cde87b61bb57c8bd44f8b58b0d128f5a8efdd4395470b45b291d65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
879d07b00ee305d43f97cf2193b89fac05001797ef0dafd4163aecfb01c95147
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9399f7b0bcdd77bad49e431c24ae51c09158a0a5f1b2716cd9ccc2434ac6a2a3
977a886e5d9068b3ed8dde6e511ca22ccf44cbed7fb881d0b8b74619fe462e21
986333a99c0309f940f3cd10c2846221feaefe70f96f9005553eb85fb83ec875
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9c60e8db61c7247f906bd778b02fd927ca1b0e94ad3e63d86fb91206b2503770
9cce4b0b0793a4d0fe91562cb33e9be436997cb729dfb17de633152b316202dc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0cff2678321bb8457db2706b363a17bf85ecedbe162429121158eef09c9c8b8
a236aed5086b9c24d3cc94944d4349e9ce469f325ac23bafcaa5fe3659b15fd1
a2be364e2921857c3e1415e1e9e74e5628a02318662a25da27a23da90929c84a
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a7e8ed2d7bbdbcaeeee81c3433f057d64a32c000112bbd09b5969fc658d0a655
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9
ab455944a79ec01c372b40fa338de6239563d6921e6b71ce464ee08e54af1d88
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad6c771f1b4cb0ce73fbefe833ac92db097a01a026c30e78f67ba5224424bda1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b92e9b49a815a438864c0c6e451af77f1fe78608519da61b05b8655766db6294
ba424dae8815641a958fb2c42f793b825b6e2938375d4298ec2566c89a311e12
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb41ec10b93f00b122d29ebc4c88bda4ae69fb849e230cb51e9e58bdc75dbb33
bbdec5f675385e81f6ac5916f9368891822032a828f340a86da06d2a887f60fa
bc264c00f60821bf619c7a9632eecaeaa2a03cda53fec9c810d981fc4475f198
c05f6e2ebda72cafe9719247f754a847e68521797054019d048d08c9692dd676
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c2ab76719e2b258b7c9c54e45a1d1afc863354115804a697ff4a5e49154cf5b2
c8f8ffaff13051341d44f109d558fa17aa5ca815369856b1a4460558bd3bcf91
cb80968b9c9462d2c42151b549f1782eec81546a77de820a421243462e7110e3
cc3b862835b9e373ecaa527ec5eeb25b41094e5e58017e1f9e054dbca2d3e644
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cf4569e147365e7e70c9a4bcfedbb40ba7ebe3f9c701e6cab487746c7fe98579
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
dbf3caaffd3a7a9eff7ef0cea73ca03ed431098c03a5d3bf52c32555d96da85f
dcccb2680f053e97760df92d73620611629aba41492d27f770828f780d84b302
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
dfde9700fc213631abdbc40ab93a1c294c21dcc29ac2f58186f7642a87157c98
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e6123603aeabe4b8467cc64a9ee3329093d346f494179fea936f699aeec37fdd
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e89d7526092c671c0a01bd02152a595271fb97f87bbd3ba379b5e8b1071f6b2d
eaa593bcfe485f4b5a8ac997cf9936604f9fbef91652db94a8e22b75d612bfc1
eb0180cf5cb6ef9beb7bf7defa7e9136799d70c56799706f400d79e75d9dd192
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0f1b1de1cdd6e98cf7ddb268817e0400d251a80bbd308ff74d6e32506423186
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f890ba0ffd7012cb3248709ec502bc061109c5c669af09e0d2d4c786b192158e
fa1bd5e89caaceea4e37fcde5432c0c67c75f63b34f0189911fa4fa4666b4fb1
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fbfd512dc48cf14adcf7b5cc0b5df745b7149802574bd649ee68fc475747aecd
fe98bfc33c6aeeaca3f2d2643b77b934a97fc44dd1ceead924e9660fbfdea1e6
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

portal.anhembi.br Open in urlscan Pro 104.18.9.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

189 Requests

86 %HTTPS

30 %IPv6

79 Domains

108 Subdomains

82 IPs

10 Countries

3375 kBTransfer

7386 kBSize

85 Cookies

24 Outgoing links

Page URL History

Redirected requests

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

portal.anhembi.br Open in urlscan Pro
104.18.9.110 Public Scan

Screenshot
Live screenshot

Full Image

189
Requests

86 %
HTTPS

30 %
IPv6

79
Domains

108
Subdomains

82
IPs

10
Countries

3375 kB
Transfer

7386 kB
Size

85
Cookies

189 HTTP transactions
0 data transactions