saopaulo.blog Open in urlscan Pro
192.0.78.222 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://saopaulo.blog/
Submission: On March 22 via automatic, source alexatop100k (March 22nd 2019, 6:19:44 pm UTC)

Summary HTTP 213 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 46 IPs in 7 countries across 25 domains to perform 213 HTTP transactions. The main IP is 192.0.78.222, located in San Francisco, United States and belongs to AUTOMATTIC - Automattic, Inc, US. The main domain is saopaulo.blog.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 2nd 2019. Valid for: 3 months.

This is the only time saopaulo.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	192.0.78.222 192.0.78.222	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
23	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
16	172.255.62.200 172.255.62.200	36483 (GOSSAMERT...) (GOSSAMERTHREADS - Gossamer Threads Inc.)
9	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
14	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	192.0.77.32 192.0.77.32	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
3	54.37.115.97 54.37.115.97	16276 (OVH) (OVH)
4	74.214.194.133 74.214.194.133	59940 (PULSEPOIN...) (PULSEPOINT-EU)
8	173.241.240.220 173.241.240.220	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
3	213.19.162.21 213.19.162.21	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
2	185.33.223.203 185.33.223.203	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	54.37.115.96 54.37.115.96	16276 (OVH) (OVH)
11	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	192.0.72.28 192.0.72.28	2635 (AUTOMATTIC) (AUTOMATTIC - Automattic)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2.19.38.84 2.19.38.84	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	213.19.162.41 213.19.162.41	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER - Twitter Inc.)
4 15	37.157.6.253 37.157.6.253	198622 (ADFORM) (ADFORM)
2	213.19.162.57 213.19.162.57	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
18	37.157.2.248 37.157.2.248	198622 (ADFORM) (ADFORM)
3	151.101.121.108 151.101.121.108	54113 (FASTLY) (FASTLY - Fastly)
6	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
3	151.101.192.166 151.101.192.166	54113 (FASTLY) (FASTLY - Fastly)
4 8	173.241.240.143 173.241.240.143	36089 (OPENX-AS1) (OPENX-AS1 - OPENX TECHNOLOGIES)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS) (MYLOC-AS)
2 3	52.213.58.51 52.213.58.51	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	54.194.73.223 54.194.73.223	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	35.158.52.144 35.158.52.144	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a03:2880:f00... 2a03:2880:f007:2:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	37.252.172.40 37.252.172.40	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
1	213.19.162.71 213.19.162.71	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	213.19.162.67 213.19.162.67	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
2	52.222.167.6 52.222.167.6	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	213.19.162.31 213.19.162.31	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
1	54.229.254.12 54.229.254.12	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	74.214.194.131 74.214.194.131	59940 (PULSEPOIN...) (PULSEPOINT-EU)
2 2	52.210.60.105 52.210.60.105	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
7	63.32.83.187 63.32.83.187	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
2	54.229.43.73 54.229.43.73	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
5 5	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE - Google LLC)
3 3	37.252.172.12 37.252.172.12	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2 2	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
3	151.101.0.166 151.101.0.166	54113 (FASTLY) (FASTLY - Fastly)
213	46

10 192.0.78.222 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

saopaulo.blog	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 192.0.77.37 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.255.62.200 (London, United Kingdom)

ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA)

tradehouse.advertserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.32 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)
PTR: wordpress.com

s0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: map2.hwcdn.net

cdn.advertserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.37.115.97 (Woodbridge, United States)

ASN16276 (OVH, FR)
PTR: hb-api-fra01.omnitagjs.com

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.214.194.133 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

bid.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 173.241.240.220 (New York, United States)

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-220.xa.dc.openx.org

tradehouse-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.162.21 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.203 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.37.115.96 (Woodbridge, United States)

ASN16276 (OVH, FR)
PTR: hb-api-fra01.omnitagjs.com

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:825::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.72.28 (San Francisco, United States)

ASN2635 (AUTOMATTIC - Automattic, Inc, US)

zanquetta.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.38.84 (European Union)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-38-84.deploy.static.akamaitechnologies.com

ads.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.162.41 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 37.157.6.253 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.162.57 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

beacon-eu-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.157.2.248 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.121.108 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.230.142 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.192.166 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 173.241.240.143 (New York, United States) 4 redirects

ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US)
PTR: ox-173-241-240-143.xa.dc.openx.org

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Germany)

ASN24961 (MYLOC-AS, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.213.58.51 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-213-58-51.eu-west-1.compute.amazonaws.com

vfde.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.73.223 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-194-73-223.eu-west-1.compute.amazonaws.com

vfde.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.52.144 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-158-52-144.eu-central-1.compute.amazonaws.com

vfd2dyn.vodafone.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:2:face:b00c:0:1 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.40 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.71 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.67 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

beacon-eu-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.167.6 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-167-6.fra54.r.cloudfront.net

p.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.162.31 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

optimized-by.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.254.12 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-254-12.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.214.194.131 (Amsterdam, Netherlands)

ASN59940 (PULSEPOINT-EU, NL)

tag.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.60.105 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-210-60-105.eu-west-1.compute.amazonaws.com

ads.avocet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 63.32.83.187 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-32-83-187.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.13 (United Kingdom) 2 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.43.73 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-43-73.eu-west-1.compute.amazonaws.com

s.cpx.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.21.226 (Mountain View, United States) 5 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.12 (European Union) 3 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 244.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.110 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.166 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	wp.com c0.wp.com i0.wp.com i2.wp.com s0.wp.com stats.wp.com pixel.wp.com	290 KB
33	adform.net 4 redirects track.adform.net s1.adform.net	235 KB
20	rubiconproject.com fastlane.rubiconproject.com ads.rubiconproject.com optimized-by.rubiconproject.com beacon-eu-ams3.rubiconproject.com eus.rubiconproject.com	33 KB
17	advertserve.com tradehouse.advertserve.com cdn.advertserve.com	187 KB
16	openx.net 4 redirects tradehouse-d.openx.net eu-u.openx.net	23 KB
14	gravatar.com secure.gravatar.com	85 KB
12	cpx.to p.cpx.to s.cpx.to	9 KB
12	contextweb.com bid.contextweb.com bh.contextweb.com tag.contextweb.com tag-st.contextweb.com Failed	4 KB
11	gstatic.com fonts.gstatic.com	135 KB
10	adnxs.com 3 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	7 KB
10	saopaulo.blog saopaulo.blog	60 KB
5	doubleclick.net 5 redirects cm.g.doubleclick.net	970 B
5	twitter.com platform.twitter.com syndication.twitter.com	48 KB
4	demdex.net 2 redirects vfde.demdex.net	3 KB
4	omnitagjs.com hb-api.omnitagjs.com	3 KB
2	pubmatic.com 2 redirects image2.pubmatic.com	1 KB
2	turn.com 2 redirects d.turn.com	1 KB
2	avocet.io 2 redirects ads.avocet.io	1 KB
2	atdmt.com ad.atdmt.com	214 B
2	vodafone.de vfd2dyn.vodafone.de	558 B
2	googleapis.com fonts.googleapis.com	2 KB
1	exactag.com m.exactag.com	654 B
1	twimg.com cdn.syndication.twimg.com	556 B
1	wordpress.com zanquetta.files.wordpress.com	61 KB
0	doubleverify.com Failed cdn.doubleverify.com Failed
213	25

	Domain	Requested by
23	c0.wp.com	saopaulo.blog
18	s1.adform.net	track.adform.net s1.adform.net saopaulo.blog blank
16	tradehouse.advertserve.com	saopaulo.blog tradehouse.advertserve.com
15	track.adform.net	4 redirects optimized-by.rubiconproject.com s1.adform.net saopaulo.blog
14	secure.gravatar.com	saopaulo.blog c0.wp.com
11	fonts.gstatic.com	saopaulo.blog
10	s.cpx.to	p.cpx.to saopaulo.blog
10	saopaulo.blog	saopaulo.blog
8	eu-u.openx.net	4 redirects tradehouse.advertserve.com
8	tradehouse-d.openx.net	tradehouse.advertserve.com optimized-by.rubiconproject.com tradehouse-d.openx.net
6	bh.contextweb.com	tradehouse.advertserve.com saopaulo.blog
6	eus.rubiconproject.com	tradehouse.advertserve.com saopaulo.blog
6	i0.wp.com	saopaulo.blog
5	cm.g.doubleclick.net	5 redirects
4	vfde.demdex.net	2 redirects saopaulo.blog
4	optimized-by.rubiconproject.com	ads.rubiconproject.com
4	platform.twitter.com	c0.wp.com platform.twitter.com
4	ads.rubiconproject.com	tradehouse.advertserve.com
4	ib.adnxs.com	tradehouse.advertserve.com
4	bid.contextweb.com	tradehouse.advertserve.com
4	hb-api.omnitagjs.com	tradehouse.advertserve.com
3	secure.adnxs.com	3 redirects
3	acdn.adnxs.com	tradehouse.advertserve.com
3	beacon-eu-ams3.rubiconproject.com	saopaulo.blog
3	fastlane.rubiconproject.com	tradehouse.advertserve.com
3	i2.wp.com	saopaulo.blog
2	image2.pubmatic.com	2 redirects
2	d.turn.com	2 redirects
2	ads.avocet.io	2 redirects
2	tag.contextweb.com	tradehouse-d.openx.net
2	p.cpx.to	saopaulo.blog
2	ad.atdmt.com	saopaulo.blog
2	vfd2dyn.vodafone.de	saopaulo.blog
2	fonts.googleapis.com	saopaulo.blog
1	m.exactag.com	saopaulo.blog
1	syndication.twitter.com	saopaulo.blog
1	cdn.syndication.twimg.com	platform.twitter.com
1	pixel.wp.com	saopaulo.blog
1	zanquetta.files.wordpress.com	saopaulo.blog
1	cdn.advertserve.com	saopaulo.blog
1	stats.wp.com	saopaulo.blog
1	s0.wp.com	saopaulo.blog
0	tag-st.contextweb.com Failed	tag.contextweb.com
0	cdn.doubleverify.com Failed	s1.adform.net
213	44

This site contains links to these domains. Also see Links.

Domain
app.monetizze.com.br
www.descontosfc.com
twitter.com
wp.me
paladinotricolor.wordpress.com
wordpress.com
wordpress.org

Subject Issuer	Validity	Valid
tls.automattic.com Let's Encrypt Authority X3	`2019-03-02` - `2019-05-31`	3 months	crt.sh
*.wp.com Go Daddy Secure Certificate Authority - G2	`2018-04-10` - `2020-05-11`	2 years	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.advertserve.com Go Daddy Secure Certificate Authority - G2	`2018-01-05` - `2021-04-04`	3 years	crt.sh
*.gravatar.com COMODO RSA Domain Validation Secure Server CA	`2018-09-06` - `2020-09-05`	2 years	crt.sh
cdn.advertserve.com Go Daddy Secure Certificate Authority - G2	`2016-08-02` - `2019-08-02`	3 years	crt.sh
omnitagjs.com COMODO RSA Organization Validation Secure Server CA	`2018-04-17` - `2019-04-17`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2018-07-07` - `2020-06-03`	2 years	crt.sh
*.openx.net DigiCert ECC Secure Server CA	`2019-02-08` - `2020-05-12`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh
*.files.wordpress.com Sectigo RSA Domain Validation Secure Server CA	`2019-01-15` - `2021-01-14`	2 years	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-24` - `2020-01-24`	a year	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2018-02-02` - `2019-10-02`	2 years	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2018-07-13` - `2019-06-07`	a year	crt.sh
*.exactag.com COMODO RSA Organization Validation Secure Server CA	`2017-11-16` - `2020-02-14`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
dyn.vodafone.de DigiCert SHA2 Secure Server CA	`2018-09-24` - `2020-09-28`	2 years	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2019-02-26` - `2019-05-26`	3 months	crt.sh
p.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh
s.cpx.to COMODO RSA Domain Validation Secure Server CA	`2015-02-10` - `2020-02-09`	5 years	crt.sh

This page contains 35 frames:

Primary Page: https://saopaulo.blog/
Frame ID: F651F728DDF9A551B2888E852CC54EA7
Requests: 85 HTTP requests in this frame

Frame: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Frame ID: 7B772771B8FE61E63C3B986581085953
Requests: 6 HTTP requests in this frame

Frame: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Frame ID: 3D2BFAC99DB3AE942F0D89F3D45BE71A
Requests: 6 HTTP requests in this frame

Frame: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=22569271&millis=20190322181909&hb_request=92437772&hb_error=decline&friendly=friendly_64211627&resolution=unspecified&refresh_count=0&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Frame ID: B4D02E85F9EE494C5CA7891FDAE4514A
Requests: 1 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/16784.js
Frame ID: 86179B9C98454217ED5039630237BA4D
Requests: 18 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/16784.js
Frame ID: B4B6B3B2376E76369B0542E8892B9EAC
Requests: 17 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fsaopaulo.blog&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 3800D9F5D314D69C36A6784E7B16F53F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 8A9193BFC265935F21D7AEB673319DA6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B293193F969DD3128C4E708802C878F1
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: EFB3F108B03D44E8F127875BF442698C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
Frame ID: B8147B630C0AFA72E4CB1F33E4AF7D6F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 235FF2E2012A341C44777B597C8AB272
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 345F17365817A16179E8B5C7757EC3FB
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
Frame ID: AF3ECCBCE06E00CBA74AA2A068B0C09B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 7CC6379E4BA32CC31ACBA50CDB364E7F
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/165376/5904872/5904872.js?ADFassetID=5904872&bv=257
Frame ID: 019AD8488320D8B70094BD4E541B88B8
Requests: 7 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/165376/5904872/5904872.js?ADFassetID=5904872&bv=257
Frame ID: 38C48D8B6CADDD16556141B93D4EF29F
Requests: 7 HTTP requests in this frame

Frame: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Frame ID: 469072B3B6974895AD022BF63D0FA7B6
Requests: 6 HTTP requests in this frame

Frame: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Frame ID: B91265E287A54A1AB7D3C73767D5E53A
Requests: 6 HTTP requests in this frame

Frame: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=72099628&millis=20190322181929&hb_request=74653042&hb_error=decline&friendly=friendly_90561139&resolution=unspecified&refresh_count=1&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Frame ID: 32B2384D58FE95A7E4F3DA6627FDA6D5
Requests: 1 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/16784.js
Frame ID: CF448C2BDE09FCD421B8852418B27ECE
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: C3245AC413C097C7ADE0F077038CEF2C
Requests: 1 HTTP requests in this frame

Frame: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=13068520&millis=20190322181929&hb_request=15739079&hb_error=timeout&friendly=friendly_62710702&resolution=unspecified&refresh_count=1&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Frame ID: 3E6883CFB2F3B9E7934ECA6DA10852FA
Requests: 1 HTTP requests in this frame

Frame: https://ads.rubiconproject.com/ad/16784.js
Frame ID: CD040A65C74FEDAE442FB02CC32AACDB
Requests: 14 HTTP requests in this frame

Frame: https://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=728X90&cwpid=560167&cwwidth=728&cwheight=90&cwpnet=1&cwtagid=655442
Frame ID: 49A08B046FC506616046C0CECCE06497
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: C79CF7B9266C4EF4484DD01D54073634
Requests: 1 HTTP requests in this frame

Frame: https://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=728X90&cwpid=560167&cwwidth=728&cwheight=90&cwpnet=1&cwtagid=655442
Frame ID: 11CA5F2F02C22D00E36EA64D7FB5D363
Requests: 3 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 683606D7ADE35DC46B0F8745D5C388D6
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
Frame ID: 91B5D3929EF140D0CAFF21B6E52AF09C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6E0CAAF3958BEB29A5AB39964BAEF32D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: E2D6BB3AEC4B84310C711243256D0DAA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 02FBA75110CAB3299D3B18FCD0B85AF5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B6994EA1C50079779A0C2337370AD9F4
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
Frame ID: 48F642EABC9842B5F1D7E359A20E5885
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 2B2F2341C17D8BC8360E927DEB096755
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-includes\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-includes\//i

MediaElement.js (Video Players) Expand

Overall confidence: 100%
Detected patterns

env /^mejs$/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Gravatar (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^Gravatar$/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^twemoji$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^jQuery$/i

Page Statistics

213
Requests

93 %
HTTPS

14 %
IPv6

25
Domains

44
Subdomains

46
IPs

7
Countries

1183 kB
Transfer

3102 kB
Size

0
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://app.monetizze.com.br/r/AHA3927420/?u=ZG22744

Search URL Search Domain Scan URL

URL: http://www.descontosfc.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/672950039279480833
Title: Meus Tuítes

Search URL Search Domain Scan URL

URL: https://wp.me/PiNGq-1sv

Search URL Search Domain Scan URL

URL: http://paladinotricolor.wordpress.com/

Search URL Search Domain Scan URL

URL: https://wordpress.com/?ref=footer_custom_powered
Title: Powered by WordPress.com

Search URL Search Domain Scan URL

URL: http://wordpress.com/themes/
Title: WordPress.com

Search URL Search Domain Scan URL

URL: https://wordpress.org/
Title: Orgulhosamente operado pelo WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1

Request Chain 113

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1

Request Chain 119

https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_nta_dyn_Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B2+-+41bb5cd&rnd=25135 HTTP 302
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_nta_dyn_Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B2+-+41bb5cd&rnd=25135

Request Chain 124

https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_nta_dyn_Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B5+-+c204a07&rnd=24541 HTTP 302
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_nta_dyn_Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B5+-+c204a07&rnd=24541

Request Chain 135

https://track.adform.net/banners/Elements/Files/165376/5904881.jpg?assetID=5904881&av=1 HTTP 302
https://s1.adform.net/banners/Elements/Files/165376/5904881.jpg?assetID=5904881&av=1?assetID=5904881&av=1

Request Chain 136

https://track.adform.net/banners/Elements/Files/165376/5904880.png?assetID=5904880&av=1 HTTP 302
https://s1.adform.net/banners/Elements/Files/165376/5904880.png?assetID=5904880&av=1?assetID=5904880&av=1

Request Chain 140

https://track.adform.net/banners/Elements/Files/165376/5904881.jpg?assetID=5904881&av=1 HTTP 302
https://s1.adform.net/banners/Elements/Files/165376/5904881.jpg?assetID=5904881&av=1?assetID=5904881&av=1

Request Chain 141

https://track.adform.net/banners/Elements/Files/165376/5904878.png?assetID=5904878&av=1 HTTP 302
https://s1.adform.net/banners/Elements/Files/165376/5904878.png?assetID=5904878&av=1?assetID=5904878&av=1

Request Chain 180

https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D18a3d486-af7c-4bdf-9204-7581b8fc6110 HTTP 302
https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D18a3d486-af7c-4bdf-9204-7581b8fc6110 HTTP 302
https://s.cpx.to/sync?dsp=avocet&dsp_uid=9664ffd2-837b-43dc-8b28-628b6b1e85b4&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110

Request Chain 181

https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3D18a3d486-af7c-4bdf-9204-7581b8fc6110 HTTP 302
https://s.cpx.to/sync?dsp=amobee&dsp_uid=3156218979705193198&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110 HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110&google_gid=CAESEAksy5KqECp0hHii1wylP8U&google_cver=1

Request Chain 183

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12412%26ref%3D%26hn_ver%3D10%26fid%3D18a3d486-af7c-4bdf-9204-7581b8fc6110 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=8536916421626968280&pid=12412&ref=&hn_ver=10&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110

Request Chain 184

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D18a3d486-af7c-4bdf-9204-7581b8fc6110 HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D18a3d486-af7c-4bdf-9204-7581b8fc6110 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=51645671-CF38-484E-8DA2-A059AAF78ED3&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110

Request Chain 193

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12412%26ref%3D%26hn_ver%3D10%26fid%3Df9ef0223-622b-4aa6-8397-68595b46c101 HTTP 302
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12412%2526ref%253D%2526hn_ver%253D10%2526fid%253Df9ef0223-622b-4aa6-8397-68595b46c101 HTTP 302
https://s.cpx.to/an_fire?app_nexus_uid=5036460259216536928&pid=12412&ref=&hn_ver=10&fid=f9ef0223-622b-4aa6-8397-68595b46c101

Request Chain 194

https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Df9ef0223-622b-4aa6-8397-68595b46c101 HTTP 302
https://s.cpx.to/sync?dsp=amobee&dsp_uid=9064941690815283950&fid=f9ef0223-622b-4aa6-8397-68595b46c101

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=f9ef0223-622b-4aa6-8397-68595b46c101 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=f9ef0223-622b-4aa6-8397-68595b46c101&google_tc= HTTP 302
https://s.cpx.to/ca.png?dsp=dbm&fid=f9ef0223-622b-4aa6-8397-68595b46c101&google_gid=CAESENNdabOKBh98G-z4NP8pmOk&google_cver=1

Request Chain 196

https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Df9ef0223-622b-4aa6-8397-68595b46c101 HTTP 302
https://s.cpx.to/sync?dsp=avocet&dsp_uid=9664ffd2-837b-43dc-8b28-628b6b1e85b4&fid=f9ef0223-622b-4aa6-8397-68595b46c101

Request Chain 197

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df9ef0223-622b-4aa6-8397-68595b46c101 HTTP 302
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=51645671-CF38-484E-8DA2-A059AAF78ED3&fid=f9ef0223-622b-4aa6-8397-68595b46c101

Request Chain 198

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEMZa1fWE2eNiGgvnMEfSeHs&google_cver=1

Request Chain 200

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc HTTP 302
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEMZa1fWE2eNiGgvnMEfSeHs&google_cver=1

Request Chain 203

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1

Request Chain 208

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1

213 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
saopaulo.blog/ 105 KB
32 KB 205ms
150ms Document
text/html 192.0.78.222
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.222 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

77541e1a3e4006b75805195b6c8d8999928d928598bc8ae9b3998da587ff4e41

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: saopaulo.blog
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
server: nginx
date: Fri, 22 Mar 2019 18:19:08 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=86400
vary: Accept-Encoding Cookie
last-modified: Fri, 22 Mar 2019 18:17:31 GMT
cache-control: max-age=203, must-revalidate
x-nananana: Batcache
link: <https://saopaulo.blog/wp-json/>; rel="https://api.w.org/" <https://wp.me/iNGq>; rel=shortlink
p-lb: lb1.q4.sat
p-ws: web106.q9.sat
x-content-type-options: nosniff
content-encoding: gzip
x-ac: 5.ams _proxy_upstream_1

GET
H2 200 style.min.css
c0.wp.com/c/5.1.1/wp-includes/css/dist/block-library/ 25 KB
4 KB 36ms
8ms Stylesheet
text/css 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.1.1/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Fri, 04 Jan 2019 19:38:57 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 widget-text.css
saopaulo.blog/wp-content/mu-plugins/wpcomsh/vendor/automattic/text-media-widget-styles/css/ 828 B
455 B 156ms
146ms Stylesheet
text/css 192.0.78.222
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://saopaulo.blog/wp-content/mu-plugins/wpcomsh/vendor/automattic/text-media-widget-styles/css/widget-text.css?ver=20170607

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.222 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

19a9d7c55b59075db7d6cc96aee53fd8c2a1017fbb04b7314f657d23c914cea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/mu-plugins/wpcomsh/vendor/automattic/text-media-widget-styles/css/widget-text.css?ver=20170607
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: saopaulo.blog
referer: https://saopaulo.blog/
:scheme: https
:method: GET
Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2019 18:20:26 GMT
server: nginx
etag: W/"5c93d5ea-33c"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: text/css
status: 200
p-lb: lb1.q1.sat
x-ac: 5.ams _proxy_upstream_1
p-ws: web106.q9.sat

GET
H2 200 mediaelementplayer-legacy.min.css
c0.wp.com/c/5.1.1/wp-includes/js/mediaelement/ 11 KB
2 KB 37ms
8ms Stylesheet
text/css 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

ffa31f5802b20d64a10c71ad93394c1e2b4b16f33e2f479d8274fd02ce0a594f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Mon, 28 Aug 2017 19:29:47 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 wp-mediaelement.min.css
c0.wp.com/c/5.1.1/wp-includes/js/mediaelement/ 4 KB
1021 B 35ms
8ms Stylesheet
text/css 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

245dba3be6a1b10208f628f21377fc998b5384dc303bdef6954df3910e4f36b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Tue, 11 Dec 2018 16:13:26 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 blocks.css
saopaulo.blog/wp-content/themes/apostrophe-2/css/ 10 KB
2 KB 154ms
146ms Stylesheet
text/css 192.0.78.222
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://saopaulo.blog/wp-content/themes/apostrophe-2/css/blocks.css?ver=5.1.1

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.222 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

23c0b3973aec2be4c627c774ac1a3853c8fb1c59207410c9c30ad19133b47ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/apostrophe-2/css/blocks.css?ver=5.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: saopaulo.blog
referer: https://saopaulo.blog/
:scheme: https
:method: GET
Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 15 Feb 2019 18:13:05 GMT
server: nginx
etag: W/"5c670131-29ab"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: text/css
status: 200
p-lb: lb1.q2.sat
x-ac: 5.ams _proxy_upstream_1
p-ws: web106.q9.sat

GET
H2 200 style.css
saopaulo.blog/wp-content/themes/apostrophe-2/ 60 KB
12 KB 154ms
146ms Stylesheet
text/css 192.0.78.222
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://saopaulo.blog/wp-content/themes/apostrophe-2/style.css?ver=20140520

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.222 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

35ed2b1565bbaa76ce27cdf2838251a9c514247954e6f7891eb939c0ca769dba

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/apostrophe-2/style.css?ver=20140520
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: saopaulo.blog
referer: https://saopaulo.blog/
:scheme: https
:method: GET
Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 15 Feb 2019 18:13:05 GMT
server: nginx
etag: W/"5c670131-f024"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: text/css
status: 200
p-lb: lb1.q3.sat
x-ac: 5.ams _proxy_upstream_1
p-ws: web106.q9.sat

GET
H2 200 genericons.css
c0.wp.com/p/jetpack/7.1.1/_inc/genericons/genericons/ 28 KB
16 KB 34ms
8ms Stylesheet
text/css 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.1.1/_inc/genericons/genericons/genericons.css

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Wed, 13 Jan 2016 23:09:07 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 css
fonts.googleapis.com/ 30 KB
2 KB 44ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C400italic%2C700%2C700italic%7COpen+Sans%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=latin%2Clatin-ext%2Ccyrillic

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:808::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

4b17ffee83414bbd3b8eccda4283b038352663cb8d38e6f9f24449fb120bf898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 22 Mar 2019 18:19:09 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 22 Mar 2019 18:19:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 18:19:09 GMT

GET
H2 200 style-wpcom.css
saopaulo.blog/wp-content/themes/apostrophe-2/inc/ 340 B
416 B 154ms
147ms Stylesheet
text/css 192.0.78.222
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://saopaulo.blog/wp-content/themes/apostrophe-2/inc/style-wpcom.css?ver=5.1.1

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.222 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

5bf017dc805186f4bf04982b77f0ec4ddd745b71a7baba66df9440b5bb847b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/apostrophe-2/inc/style-wpcom.css?ver=5.1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/css,*/*;q=0.1
cache-control: no-cache
:authority: saopaulo.blog
referer: https://saopaulo.blog/
:scheme: https
:method: GET
Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
x-ac: 5.ams _proxy_upstream_1
x-content-type-options: nosniff
last-modified: Fri, 16 Nov 2018 21:49:25 GMT
server: nginx
etag: "5bef3b65-154"
strict-transport-security: max-age=86400
content-type: text/css
status: 200
p-lb: lb1.q4.sat
accept-ranges: bytes
content-length: 340
p-ws: web106.q9.sat

GET
H2 200 social-logos.min.css
c0.wp.com/p/jetpack/7.1.1/_inc/social-logos/ 26 KB
18 KB 33ms
8ms Stylesheet
text/css 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.1.1/_inc/social-logos/social-logos.min.css

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2e1ced1bd0736a56a0c44fd7b3bf8134850398ecddd52a0f5e6e437c5d527999

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Wed, 27 Jun 2018 01:03:44 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/7.1.1/css/ 72 KB
12 KB 33ms
8ms Stylesheet
text/css 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.1.1/css/jetpack.css

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e8e908c1cf59030880b37997aafc3efb4bf0dd898c85417230d2387b5f14bbb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Tue, 26 Feb 2019 20:53:31 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 jquery.js Show response
c0.wp.com/c/5.1.1/wp-includes/js/jquery/ 95 KB
32 KB 33ms
9ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.1.1/wp-includes/js/jquery/jquery.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fa055f2f7c5b735dbbb71954f434aed79925bc00ff2ffbc3ecfc4a790689a723

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Wed, 23 May 2018 10:05:31 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.1.1/wp-includes/js/jquery/ 10 KB
4 KB 49ms
25ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.1.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 spin.min.js Show response
c0.wp.com/p/jetpack/7.1.1/_inc/build/ 4 KB
2 KB 49ms
25ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.1.1/_inc/build/spin.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a5307da44321773c9f46b34d756dcbd6cd427238e5cbad91cd2cf151513ec283

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Fri, 04 Jan 2019 10:33:31 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 jquery.spin.min.js Show response
c0.wp.com/p/jetpack/7.1.1/_inc/build/ 2 KB
657 B 49ms
25ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.1.1/_inc/build/jquery.spin.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

36ad0edaf88cb19e7cbdae22470c1f124f02fd5673bf6144c0a7a9f0a8fef987

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Fri, 04 Jan 2019 10:33:31 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 tiled-gallery.min.js Show response
c0.wp.com/p/jetpack/7.1.1/_inc/build/tiled-gallery/tiled-gallery/ 3 KB
1006 B 32ms
9ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.1.1/_inc/build/tiled-gallery/tiled-gallery/tiled-gallery.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b731340fee449711ecc144db2006db10f7b0a8d738d5d00ad37637053bab65fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Fri, 04 Jan 2019 10:33:31 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 mediaelement-and-player.min.js Show response
c0.wp.com/c/5.1.1/wp-includes/js/mediaelement/ 153 KB
35 KB 48ms
25ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.1.1/wp-includes/js/mediaelement/mediaelement-and-player.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

69aff18e54732eae1bb02c82d045c33f45675b017ba6dfdade80ab63a8e26bc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Mon, 16 Oct 2017 18:07:52 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 mediaelement-migrate.min.js Show response
c0.wp.com/c/5.1.1/wp-includes/js/mediaelement/ 1 KB
536 B 48ms
25ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.1.1/wp-includes/js/mediaelement/mediaelement-migrate.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

d6a8bf1f2a5d494feca74153daf9a45952a3258b43a93d94f059fc6134650d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Wed, 18 Oct 2017 02:26:48 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 postmessage.min.js Show response
c0.wp.com/p/jetpack/7.1.1/_inc/build/ 9 KB
4 KB 48ms
25ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.1.1/_inc/build/postmessage.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

96cae96a73c65ceed190aa0b4a9a86f0233798e9a17f27ca57855f4f79ebf678

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Fri, 04 Jan 2019 10:33:31 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 jquery.jetpack-resize.min.js Show response
c0.wp.com/p/jetpack/7.1.1/_inc/build/ 3 KB
1022 B 48ms
25ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.1.1/_inc/build/jquery.jetpack-resize.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

265c34f4c62e6423e270cecb0c422b735dfb0f18cea04c2ac343b6f22106661e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Fri, 04 Jan 2019 10:33:31 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H/1.1 200
OK zone Show response
tradehouse.advertserve.com/servlet/view/banner/javascript/ 12 KB
4 KB 153ms
54ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=94&pid=0&adhesion=true&closeable=true&placement=bottom_center&polite=false&refresh=30&refresh_limit=15&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: 2f7b1676817e06b2478c184d45ec7e73d209ea1ec68e6e0f1b0efc7fb89b922b

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Content-Type: text/javascript;charset=UTF-8
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID"
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: none
Expires: Thu, 31 Dec 1998 11:59:59 GMT

GET
H2 200 cuca.png
i0.wp.com/saopaulo.blog/wp-content/uploads/2019/02/ 15 KB
16 KB 37ms
8ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/saopaulo.blog/wp-content/uploads/2019/02/cuca.png?resize=450%2C416&ssl=1

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

033aecc5a89b1984afe3587346912fb1ec9957a00000a95246f8b372c5a31ca5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 17
date: Fri, 22 Mar 2019 18:19:09 GMT
x-content-type-options: nosniff
x-bytes-saved: 193103
last-modified: Sun, 17 Feb 2019 20:13:31 GMT
server: nginx
etag: "f9050821366158bb"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://saopaulo.blog/wp-content/uploads/2019/02/cuca.png>; rel="canonical"
content-length: 15648
expires: Wed, 17 Feb 2021 08:13:31 GMT

GET
H2 200 rai.jpg
i0.wp.com/saopaulo.blog/wp-content/uploads/2018/12/ 22 KB
22 KB 46ms
17ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/saopaulo.blog/wp-content/uploads/2018/12/rai.jpg?resize=450%2C450&ssl=1

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b911ef53947b7db125202325e1b9ba2dba34a330192880804329faa67ce4b056

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 21
date: Fri, 22 Mar 2019 18:19:09 GMT
x-content-type-options: nosniff
x-bytes-saved: 22880
last-modified: Sat, 16 Mar 2019 13:56:03 GMT
server: nginx
etag: "aac33403fb5ee5c6"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://saopaulo.blog/wp-content/uploads/2018/12/rai.jpg>; rel="canonical"
content-length: 22204
expires: Tue, 16 Mar 2021 01:56:03 GMT

GET
H2 200 cuca.jpg
i0.wp.com/saopaulo.blog/wp-content/uploads/2019/03/ 12 KB
13 KB 9ms
9ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/saopaulo.blog/wp-content/uploads/2019/03/cuca.jpg?resize=450%2C450&ssl=1

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e8eea226b47dc7a572c3af6099fc31cc6c8d40ea704350de9bb6702ea91ffaae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 21
date: Fri, 22 Mar 2019 18:19:09 GMT
x-content-type-options: nosniff
x-bytes-saved: 6460
last-modified: Fri, 22 Mar 2019 13:17:30 GMT
server: nginx
etag: "8c4d5faab5637905"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://saopaulo.blog/wp-content/uploads/2019/03/cuca.jpg>; rel="canonical"
content-length: 12640
expires: Mon, 22 Mar 2021 01:17:30 GMT

GET
H2 200 leco-1.jpg
i0.wp.com/saopaulo.blog/wp-content/uploads/2019/03/ 16 KB
16 KB 9ms
9ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/saopaulo.blog/wp-content/uploads/2019/03/leco-1.jpg?resize=450%2C450&ssl=1&crop=1

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

d9daa7bf64ee5a0a6b4e4d55a303f522e48a61971199e66d89bc465fafbb1153

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 20
date: Fri, 22 Mar 2019 18:19:09 GMT
x-content-type-options: nosniff
x-bytes-saved: 9482
last-modified: Fri, 22 Mar 2019 11:36:39 GMT
server: nginx
etag: "1a753b7284871f9b"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://saopaulo.blog/wp-content/uploads/2019/03/leco-1.jpg>; rel="canonical"
content-length: 16246
expires: Sun, 21 Mar 2021 23:36:39 GMT

GET
H2 200 lucas-acevedo.jpg
i2.wp.com/saopaulo.blog/wp-content/uploads/2019/03/ 18 KB
18 KB 16ms
8ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/saopaulo.blog/wp-content/uploads/2019/03/lucas-acevedo.jpg?resize=450%2C450&ssl=1

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

2f4d242898049ead487b0ed6838b23d4af051aa50136c1528edda709acc35713

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Fri, 22 Mar 2019 18:19:09 GMT
x-content-type-options: nosniff
x-bytes-saved: 21895
last-modified: Wed, 20 Mar 2019 13:26:17 GMT
server: nginx
etag: "07084d300053af70"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://saopaulo.blog/wp-content/uploads/2019/03/lucas-acevedo.jpg>; rel="canonical"
content-length: 18078
expires: Sat, 20 Mar 2021 01:26:17 GMT

GET
H2 200 energia-na-pelada.jpg
i0.wp.com/saopaulo.blog/wp-content/uploads/2019/03/ 12 KB
12 KB 8ms
7ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/saopaulo.blog/wp-content/uploads/2019/03/energia-na-pelada.jpg?resize=223%2C221&ssl=1

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

7a3fa135c68dda9f621c6a880a83444ba4bd6522584b9c6852691a012e928095

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 17
date: Fri, 22 Mar 2019 18:19:09 GMT
x-content-type-options: nosniff
x-bytes-saved: 38965
last-modified: Thu, 14 Mar 2019 20:55:59 GMT
server: nginx
etag: "47ef2502664bd87a"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://saopaulo.blog/wp-content/uploads/2019/03/energia-na-pelada.jpg>; rel="canonical"
content-length: 11866
expires: Sun, 14 Mar 2021 08:55:59 GMT

GET
H2 200 desempenho.jpg
i2.wp.com/saopaulo.blog/wp-content/uploads/2019/03/ 9 KB
9 KB 8ms
8ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/saopaulo.blog/wp-content/uploads/2019/03/desempenho.jpg?resize=550%2C100&ssl=1

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b60a3f35df951f996c45cbab8c07b9884c7c9d6a8e9508e4cf0a6589bb14531d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 16
date: Fri, 22 Mar 2019 18:19:09 GMT
x-content-type-options: nosniff
x-bytes-saved: 21353
last-modified: Thu, 14 Mar 2019 21:07:55 GMT
server: nginx
etag: "93b50098a1eb1e7f"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://saopaulo.blog/wp-content/uploads/2019/03/desempenho.jpg>; rel="canonical"
content-length: 9058
expires: Sun, 14 Mar 2021 09:07:55 GMT

GET
H2 200 decontosfc.png
i2.wp.com/saopaulo.blog/wp-content/uploads/2018/12/ 21 KB
21 KB 8ms
8ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/saopaulo.blog/wp-content/uploads/2018/12/decontosfc.png?resize=600%2C520&ssl=1

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

37277716bb26faa7243ddd815bdf751ef63e015910a0c7f8bc14a1cc518ee5e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 21
date: Fri, 22 Mar 2019 18:19:09 GMT
x-content-type-options: nosniff
x-bytes-saved: 241927
last-modified: Wed, 12 Dec 2018 13:00:10 GMT
server: nginx
etag: "09cfc16e2c35e55d"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://saopaulo.blog/wp-content/uploads/2018/12/decontosfc.png>; rel="canonical"
content-length: 21586
expires: Sat, 12 Dec 2020 01:00:10 GMT

GET
H2 200 72878-vaievem_sampa.png
i0.wp.com/saopaulo.blog/wp-content/uploads/2014/12/ 10 KB
10 KB 9ms
8ms Image
image/webp 192.0.77.2
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/saopaulo.blog/wp-content/uploads/2014/12/72878-vaievem_sampa.png?resize=620%2C349&ssl=1

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

3e14d3fb372005680ec015d011ceca69c841315bf7c5449468d1910aafdd3579

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 20
date: Fri, 22 Mar 2019 18:19:09 GMT
x-content-type-options: nosniff
x-bytes-saved: 104249
last-modified: Tue, 27 Nov 2018 19:11:11 GMT
server: nginx
etag: "53f0dc78aa47f19f"
vary: Accept
content-type: image/webp
status: 200
cache-control: public, max-age=63115200
link: <https://saopaulo.blog/wp-content/uploads/2014/12/72878-vaievem_sampa.png>; rel="canonical"
content-length: 10084
expires: Fri, 27 Nov 2020 07:11:11 GMT

GET
H2 200 8750bf6c936775a9d4cd57242c21d378
secure.gravatar.com/avatar/ 4 KB
4 KB 49ms
13ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/8750bf6c936775a9d4cd57242c21d378?s=96&d=mm&r=g
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 5fa8818891dd8c149dfec8a8e16f4bcaa875cd9062f68dbc1a119c8e335b233a

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 22 Mar 2019 18:19:09 GMT
last-modified: Sun, 06 Nov 2016 00:36:46 GMT
server: nginx
access-control-allow-origin: *
source-age: 72006
content-type: image/jpeg
status: 200
cache-control: max-age=300
content-disposition: inline; filename="8750bf6c936775a9d4cd57242c21d378.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/8750bf6c936775a9d4cd57242c21d378?s=96&d=mm&r=g>; rel="canonical"
content-length: 3756
expires: Fri, 22 Mar 2019 18:24:09 GMT

GET
H2 200 759457ed878f47c8b906bee148e891a5
secure.gravatar.com/avatar/ 6 KB
6 KB 39ms
13ms Image
image/png 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/759457ed878f47c8b906bee148e891a5?s=96&d=mm&r=g
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ca836348c2ca4ea66b40a286829c847d8e6cd8c19344165c10b30caf4d33c79

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 22 Mar 2019 18:19:09 GMT
last-modified: Sat, 12 Jan 2019 15:31:20 GMT
server: nginx
access-control-allow-origin: *
source-age: 78279
content-type: image/png
status: 200
cache-control: max-age=300
content-disposition: inline; filename="759457ed878f47c8b906bee148e891a5.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/759457ed878f47c8b906bee148e891a5?s=96&d=mm&r=g>; rel="canonical"
content-length: 6156
expires: Fri, 22 Mar 2019 18:24:09 GMT

GET
H2 200 ff1fbe333d6652f181f8cc7d6a0c163c
secure.gravatar.com/avatar/ 23 KB
23 KB 29ms
15ms Image
image/png 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/ff1fbe333d6652f181f8cc7d6a0c163c?s=96&d=mm&r=g
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 980c63959cb612f0bdb4ee72cc7c25dd8f28b4f59adc4d04bdd38930a7ba1820

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Fri, 22 Mar 2019 18:19:09 GMT
last-modified: Sun, 01 Oct 2017 12:15:53 GMT
server: nginx
access-control-allow-origin: *
source-age: 798279
content-type: image/png
status: 200
cache-control: max-age=300
content-disposition: inline; filename="ff1fbe333d6652f181f8cc7d6a0c163c.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/ff1fbe333d6652f181f8cc7d6a0c163c?s=96&d=mm&r=g>; rel="canonical"
content-length: 23269
expires: Fri, 22 Mar 2019 18:24:09 GMT

GET
H2 200 c4f9cb32d976700660cdd52a2a2bde19
secure.gravatar.com/avatar/ 1 KB
2 KB 28ms
14ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/c4f9cb32d976700660cdd52a2a2bde19?s=96&d=mm&r=g
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Fri, 22 Mar 2019 18:19:09 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
access-control-allow-origin: *
source-age: 212596
content-type: image/jpeg
status: 200
cache-control: max-age=300
content-disposition: inline; filename="c4f9cb32d976700660cdd52a2a2bde19.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/c4f9cb32d976700660cdd52a2a2bde19?s=96&d=mm&r=g>; rel="canonical"
content-length: 1528
expires: Fri, 22 Mar 2019 18:24:09 GMT

GET
H2 200 046022b4ef454ee1ffe92eda30adba0c
secure.gravatar.com/avatar/ 15 KB
15 KB 328ms
315ms Image
image/png 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/046022b4ef454ee1ffe92eda30adba0c?s=96&d=mm&r=g
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: ba835bb2dcca3f3188f26852bd9365792e31ec0d8f35a71a08a69ed099c3e6f3

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: MISS vie 4
date: Fri, 22 Mar 2019 18:19:09 GMT
last-modified: Thu, 02 Jul 2009 16:37:32 GMT
server: nginx
access-control-allow-origin: *
source-age: 0
content-type: image/png
status: 200
cache-control: max-age=300
content-disposition: inline; filename="046022b4ef454ee1ffe92eda30adba0c.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/046022b4ef454ee1ffe92eda30adba0c?s=96&d=mm&r=g>; rel="canonical"
content-length: 15505
expires: Fri, 22 Mar 2019 18:24:09 GMT

GET
H2 200 d1f02755c99a3714b6a46925209a9336
secure.gravatar.com/avatar/ 1 KB
2 KB 27ms
14ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/d1f02755c99a3714b6a46925209a9336?s=96&d=mm&r=g
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT vie 3
date: Fri, 22 Mar 2019 18:19:09 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
access-control-allow-origin: *
source-age: 4628
content-type: image/jpeg
status: 200
cache-control: max-age=300
content-disposition: inline; filename="d1f02755c99a3714b6a46925209a9336.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/d1f02755c99a3714b6a46925209a9336?s=96&d=mm&r=g>; rel="canonical"
content-length: 1528
expires: Fri, 22 Mar 2019 18:24:09 GMT

GET
H2 200 cfdea59cf663e10036f187fac88fb2f6
secure.gravatar.com/avatar/ 1 KB
2 KB 26ms
13ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/cfdea59cf663e10036f187fac88fb2f6?s=96&d=mm&r=g
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Fri, 22 Mar 2019 18:19:09 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
access-control-allow-origin: *
source-age: 2440423
content-type: image/jpeg
status: 200
cache-control: max-age=300
content-disposition: inline; filename="cfdea59cf663e10036f187fac88fb2f6.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/cfdea59cf663e10036f187fac88fb2f6?s=96&d=mm&r=g>; rel="canonical"
content-length: 1528
expires: Fri, 22 Mar 2019 18:24:09 GMT

GET
H2 200 e6d499d23cd02abfdeddf0c4a5b90cd1
secure.gravatar.com/avatar/ 1 KB
2 KB 27ms
15ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/e6d499d23cd02abfdeddf0c4a5b90cd1?s=96&d=mm&r=g
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT vie 1
date: Fri, 22 Mar 2019 18:19:09 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
access-control-allow-origin: *
source-age: 170670
content-type: image/jpeg
status: 200
cache-control: max-age=300
content-disposition: inline; filename="e6d499d23cd02abfdeddf0c4a5b90cd1.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/e6d499d23cd02abfdeddf0c4a5b90cd1?s=96&d=mm&r=g>; rel="canonical"
content-length: 1528
expires: Fri, 22 Mar 2019 18:24:09 GMT

GET
H2 200 c19d9643e24083ec4453877ff710e767
secure.gravatar.com/avatar/ 16 KB
16 KB 35ms
23ms Image
image/png 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/c19d9643e24083ec4453877ff710e767?s=96&d=mm&r=g
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 3e2e6a30d60b1305c6819ce7b38cef501674c8df26245af43802a9cb7094aaae

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT vie 1
date: Fri, 22 Mar 2019 18:19:09 GMT
last-modified: Sat, 02 Mar 2019 18:12:43 GMT
server: nginx
access-control-allow-origin: *
source-age: 926077
content-type: image/png
status: 200
cache-control: max-age=300
content-disposition: inline; filename="c19d9643e24083ec4453877ff710e767.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/c19d9643e24083ec4453877ff710e767?s=96&d=mm&r=g>; rel="canonical"
content-length: 16061
expires: Fri, 22 Mar 2019 18:24:09 GMT

GET
H2 200 992cdaf30ced7c35b6b6142120fbcb21
secure.gravatar.com/avatar/ 3 KB
3 KB 296ms
284ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/992cdaf30ced7c35b6b6142120fbcb21?s=96&d=mm&r=g
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 31584da6a85ecd5bef8c8298cc5c8dc24761177f7eacec813379088c48d0346f

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: MISS vie 3
date: Fri, 22 Mar 2019 18:19:09 GMT
last-modified: Fri, 18 Jan 2019 14:05:53 GMT
server: nginx
access-control-allow-origin: *
source-age: 0
content-type: image/jpeg
status: 200
cache-control: max-age=300
content-disposition: inline; filename="992cdaf30ced7c35b6b6142120fbcb21.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/992cdaf30ced7c35b6b6142120fbcb21?s=96&d=mm&r=g>; rel="canonical"
content-length: 3087
expires: Fri, 22 Mar 2019 18:24:09 GMT

GET
H2 200 a315f2b89a65a2766388393d80704955
secure.gravatar.com/avatar/ 1 KB
2 KB 178ms
166ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/a315f2b89a65a2766388393d80704955?s=96&d=mm&r=g
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: MISS vie 1
date: Fri, 22 Mar 2019 18:19:09 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
access-control-allow-origin: *
source-age: 0
content-type: image/jpeg
status: 200
cache-control: max-age=300
content-disposition: inline; filename="a315f2b89a65a2766388393d80704955.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/a315f2b89a65a2766388393d80704955?s=96&d=mm&r=g>; rel="canonical"
content-length: 1528
expires: Fri, 22 Mar 2019 18:24:09 GMT

GET
H2 200 infinity.min.js Show response
c0.wp.com/p/jetpack/7.1.1/_inc/build/infinite-scroll/ 10 KB
3 KB 12ms
11ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.1.1/_inc/build/infinite-scroll/infinity.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6df4c98d54bfd1d98b732a2ea589b077253c663d4a5d746a139e30de376dd24f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Fri, 04 Jan 2019 10:33:31 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/7.1.1/_inc/build/photon/ 580 B
374 B 11ms
11ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.1.1/_inc/build/photon/photon.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f5fa487416676288b5e92b1530f85fbc61d2875f4a74926affa77be11223cfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Wed, 27 Dec 2017 00:06:24 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 devicepx-jetpack.js Show response
s0.wp.com/wp-content/js/ 10 KB
3 KB 65ms
16ms Script
application/x-javascript 192.0.77.32
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=201912
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS: wordpress.com
Software: nginx /
Resource Hash: f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT ams 32
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
server: nginx
etag: W/"5867460b-52b6"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
x-ac: 3.ams _dfw
expires: Mon, 16 Mar 2020 07:02:31 GMT

GET
H2 200 jetpack-carousel.min.js Show response
c0.wp.com/p/jetpack/7.1.1/_inc/build/carousel/ 28 KB
8 KB 21ms
6ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.1.1/_inc/build/carousel/jetpack-carousel.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

6a784a12fa3b2109a2d2941d07299e91f13ae656d1696c19cdee1a9d4e374a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Tue, 29 Jan 2019 21:57:37 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 wp-mediaelement.min.js Show response
c0.wp.com/c/5.1.1/wp-includes/js/mediaelement/ 914 B
456 B 24ms
7ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

632af363989d420500a3fc1546178648f5aaa4f9aabb98666e62c3035fa423d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Wed, 24 Jan 2018 01:51:30 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 gprofiles.js Show response
secure.gravatar.com/js/ 20 KB
7 KB 29ms
12ms Script
application/x-javascript 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/js/gprofiles.js?ver=2019Maraa
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 9c42615b9f87888a452f177c5ea19899fb8a835b8f6d0b458824e6c332a0adce

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
last-modified: Thu, 23 Aug 2018 15:01:14 GMT
server: nginx
etag: W/"5b7ecc3a-50bc"
content-type: application/x-javascript
status: 200
cache-control: max-age=604800
expires: Fri, 29 Mar 2019 18:19:09 GMT

GET
H2 200 wpgroho.js Show response
c0.wp.com/p/jetpack/7.1.1/modules/ 1015 B
490 B 23ms
8ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.1.1/modules/wpgroho.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

8f2270058422f39ff89104cec8f21350c09c033a28ad8ef72d82f76f56960440

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Thu, 19 Nov 2015 19:47:15 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 skip-link-focus-fix.js Show response
saopaulo.blog/wp-content/themes/apostrophe-2/js/ 683 B
472 B 162ms
146ms Script
application/x-javascript 192.0.78.222
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://saopaulo.blog/wp-content/themes/apostrophe-2/js/skip-link-focus-fix.js?ver=20150605

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.222 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/apostrophe-2/js/skip-link-focus-fix.js?ver=20150605
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: saopaulo.blog
referer: https://saopaulo.blog/
:scheme: https
:method: GET
Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Nov 2018 21:49:25 GMT
server: nginx
etag: W/"5bef3b65-2ab"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/x-javascript
status: 200
p-lb: lb1.q1.sat
x-ac: 5.ams _proxy_upstream_1
p-ws: web106.q9.sat

GET
H2 200 navigation.js Show response
saopaulo.blog/wp-content/themes/apostrophe-2/js/ 4 KB
1 KB 162ms
146ms Script
application/x-javascript 192.0.78.222
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://saopaulo.blog/wp-content/themes/apostrophe-2/js/navigation.js?ver=20161104

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.222 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

2a1c1e89362ade291cc8d0e337333af259676a42208cc6e979854f91507fb15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/apostrophe-2/js/navigation.js?ver=20161104
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: saopaulo.blog
referer: https://saopaulo.blog/
:scheme: https
:method: GET
Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Nov 2018 21:49:25 GMT
server: nginx
etag: W/"5bef3b65-1176"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/x-javascript
status: 200
p-lb: lb1.q2.sat
x-ac: 5.ams _proxy_upstream_1
p-ws: web106.q9.sat

GET
H2 200 apostrophe.js Show response
saopaulo.blog/wp-content/themes/apostrophe-2/js/ 3 KB
1 KB 160ms
146ms Script
application/x-javascript 192.0.78.222
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://saopaulo.blog/wp-content/themes/apostrophe-2/js/apostrophe.js?ver=20150226

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.222 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

12a73ce30909cea065a75647128cb21cb963502d04030631a77dbd87dbb96393

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/themes/apostrophe-2/js/apostrophe.js?ver=20150226
pragma: no-cache
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: saopaulo.blog
referer: https://saopaulo.blog/
:scheme: https
:method: GET
Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 16 Nov 2018 21:49:25 GMT
server: nginx
etag: W/"5bef3b65-a11"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/x-javascript
status: 200
p-lb: lb1.q3.sat
x-ac: 5.ams _proxy_upstream_1
p-ws: web106.q9.sat

GET
H2 200 twitter-timeline.min.js Show response
c0.wp.com/p/jetpack/7.1.1/_inc/build/ 357 B
395 B 21ms
7ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.1.1/_inc/build/twitter-timeline.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

a09b5785c230e1f08f23ea6af8aa0d341736c3371d8bc6b30fc0aff9c213e46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
last-modified: Fri, 04 Jan 2019 10:33:31 GMT
server: nginx
strict-transport-security: max-age=15552000
content-type: application/javascript
status: 200
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 357
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 queuehandler.min.js Show response
c0.wp.com/p/jetpack/7.1.1/_inc/build/likes/ 6 KB
2 KB 21ms
8ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/7.1.1/_inc/build/likes/queuehandler.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

0b3bae4e5abf408ea0c1630d47a29c60140024b55edbc1d71dd37167d5ff3918

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Fri, 04 Jan 2019 10:33:31 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.1.1/wp-includes/js/ 1 KB
690 B 21ms
8ms Script
application/javascript 192.0.77.37
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.1.1/wp-includes/js/wp-embed.min.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 37
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: br
last-modified: Thu, 30 Aug 2018 12:40:26 GMT
server: nginx
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
expires: Sat, 21 Mar 2020 18:19:09 GMT

GET
H2 200 e-201912.js Show response
stats.wp.com/ 9 KB
3 KB 69ms
12ms Script
application/x-javascript 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-201912.js
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=31536000
expires: Mon, 16 Mar 2020 07:00:02 GMT

GET
H/1.1 200
OK prebid-2.5.1.js Show response
tradehouse.advertserve.com/js/ Frame 7B77 224 KB
70 KB 50ms
48ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: a5488d52ed3da00050c876fdaa8441bb38ac8d0ebaf2b95625c0aba608e6aee2

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Mar 2019 05:17:30 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 23 Mar 2019 18:19:09 GMT

GET
H/1.1 200
OK 32
cdn.advertserve.com/images/tradehouse.advertserve.com/servlet/files/ 15 KB
16 KB 114ms
22ms Image
image/png 205.185.216.42
Highwinds Network...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.advertserve.com/images/tradehouse.advertserve.com/servlet/files/32
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 6b97e6ec253bb78ba27c2b6d0b93333e2a5ad6fa1d8e4a53ac6c96eefbf6f89c

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:09 GMT
Last-Modified: Sun, 31 Dec 2000 11:59:59 GMT
ETag: "978263999"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=2592000
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 15271
X-HW: 1553278749.dop006.pa1.t,1553278749.cds013.pa1.shn,1553278749.dop006.pa1.t,1553278749.cds022.pa1.c

GET
H/1.1 200
OK zone Show response
tradehouse.advertserve.com/servlet/view/banner/javascript/ 9 KB
3 KB 94ms
22ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=94&friendly=true&pid=0&fr=25&frlm=15&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: 5e4b9ce0c47a9f9c4503f5e89f7d1fbb41fba2dc68ecfb5ed3d2cf00eeadc9ac

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Content-Type: text/javascript;charset=UTF-8
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID"
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: none
Expires: Thu, 31 Dec 1998 11:59:59 GMT

POST
H/1.1 200
OK v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 7B77 187 B
790 B 217ms
148ms XHR
application/json 54.37.115.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%253A%252F%252Fsaopaulo.blog%252F

Requested by

Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.37.115.97 Woodbridge, United States, ASN16276 (OVH, FR),

Reverse DNS

hb-api-fra01.omnitagjs.com

Software

Resource Hash

5effce17c0a04c14df958458e0a25e9b1e3eb3411a691857dfcc6e9bcb3e2ce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS, POST
P3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://saopaulo.blog
Access-Control-Max-Age: 3600
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Headers: Accept-Encoding, Content-Type
Content-Length: 148
Expires: 0

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 7B77 0
220 B 192ms
122ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
server: envoy
status: 204
cwdl: 22/120
access-control-allow-origin: https://saopaulo.blog
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 105
cw-server: bid-deployment-747889c5c-glgkr
content-length: 0

GET
H2 200 arj Show response
tradehouse-d.openx.net/w/1.0/ Frame 7B77 173 B
661 B 75ms
54ms XHR
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsaopaulo.blog%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.6&dddid=01b42e8c-4c39-43fe-9dd8-6cdb039167ea&nocache=1553278749295&pubcid=dd3285e3-c2ec-438f-90e6-608a3a1e8488&aus=728x90&divIds=Prebid_Wrapper89013289&auid=540221829&
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.128.2 /
Resource Hash: d9f65a8610c2fd4e088b90f49281ca59b533708c117c33337c572af5a8ae5c64

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
server: OXGW/16.128.2
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://saopaulo.blog
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 7B77 3 KB
3 KB 221ms
95ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16784&site_id=207976&zone_id=1023572&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fsaopaulo.blog%2F&tk_flint=pbjs_lite_v2.5.1&x_source.tid=01b42e8c-4c39-43fe-9dd8-6cdb039167ea&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.40083822817553405
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 68431dea24c414bb0dc8c3e577d2edda179d8b884c2f7314ccd5a24ded4664e6

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://saopaulo.blog
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=9
Content-Length: 1637
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 7B77 145 B
1 KB 79ms
24ms XHR
application/json 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

1130fc4a128a7d1db39a0ca529c4f216a20c659b451e086f5aa957b263160282

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:11 GMT
X-Proxy-Origin: 185.220.70.220; 185.220.70.220; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.245:80
AN-X-Request-Uuid: 108458e6-fbcb-4ac2-9b1c-744c2489129a
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://saopaulo.blog
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK prebid-2.5.1.js Show response
tradehouse.advertserve.com/js/ Frame 3D2B 224 KB
0 50ms
48ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: a5488d52ed3da00050c876fdaa8441bb38ac8d0ebaf2b95625c0aba608e6aee2

Request headers

Response headers

Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Mar 2019 05:17:30 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 23 Mar 2019 18:19:09 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3D2B 143 B
1 KB 70ms
29ms XHR
application/json 185.33.223.203
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.203 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

fb875a5414287a36148c8ea4668738c72d4b4b92c8ed509681b9588db04b617e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:11 GMT
X-Proxy-Origin: 185.220.70.220; 185.220.70.220; 317.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.50:80
AN-X-Request-Uuid: b4c596e7-68c0-4cf0-967a-11270980df41
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://saopaulo.blog
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
tradehouse-d.openx.net/w/1.0/ Frame 3D2B 173 B
661 B 57ms
55ms XHR
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsaopaulo.blog%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.6&dddid=b9edaa36-dd7d-4bde-80b1-63cf45a4f427&nocache=1553278749339&pubcid=dd3285e3-c2ec-438f-90e6-608a3a1e8488&aus=728x90&divIds=Prebid_Wrapper92437772&auid=540221829&
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.128.2 /
Resource Hash: 4e4cebce468b8200277b5451386db49dce3c7df968de89acec4a9e8660e2dc21

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
server: OXGW/16.128.2
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://saopaulo.blog
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 3D2B 3 KB
3 KB 162ms
79ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16784&site_id=207976&zone_id=1023572&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fsaopaulo.blog%2F&tk_flint=pbjs_lite_v2.5.1&x_source.tid=b9edaa36-dd7d-4bde-80b1-63cf45a4f427&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6764250856226084
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: d2381ad27320676fbee72b5d53c3f9413742bb5fbf19dcda804da20597007931

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://saopaulo.blog
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=6
Content-Length: 1470
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 3D2B 0
373 B 138ms
114ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
server: envoy
status: 204
cwdl: 22/120
access-control-allow-origin: https://saopaulo.blog
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 96
cw-server: bid-deployment-747889c5c-dcwk7
content-length: 0

POST
H/1.1 200
OK v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 3D2B 188 B
791 B 200ms
146ms XHR
application/json 54.37.115.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%253A%252F%252Fsaopaulo.blog%252F

Requested by

Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.37.115.96 Woodbridge, United States, ASN16276 (OVH, FR),

Reverse DNS

hb-api-fra01.omnitagjs.com

Software

Resource Hash

aaba93efc3864fa92711cfd8f0b636c39e9eb19138541007a9fd36fa341f45a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS, POST
P3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://saopaulo.blog
Access-Control-Max-Age: 3600
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Headers: Accept-Encoding, Content-Type
Content-Length: 149
Expires: 0

GET
H2 200 webfont.js Show response
saopaulo.blog/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/ 12 KB
5 KB 146ms
145ms Script
application/x-javascript 192.0.78.222
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://saopaulo.blog/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.222 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

:path: /wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js
pragma: no-cache
cookie: _pubcid=dd3285e3-c2ec-438f-90e6-608a3a1e8488
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: saopaulo.blog
referer: https://saopaulo.blog/
:scheme: https
:method: GET
Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Mar 2019 18:20:25 GMT
server: nginx
etag: W/"5c93d5e9-30cd"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/x-javascript
status: 200
p-lb: lb1.q1.sat
x-ac: 5.ams _proxy_upstream_1
p-ws: web106.q9.sat

GET
H2 200 wp-emoji-release.min.js Show response
saopaulo.blog/wp-includes/js/ 12 KB
4 KB 145ms
144ms Script
application/x-javascript 192.0.78.222
Automattic

General

Check archive.org

Show headers Download Go to

Full URL

https://saopaulo.blog/wp-includes/js/wp-emoji-release.min.js?ver=5.1.1

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.222 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),

Reverse DNS

Software

nginx /

Resource Hash

c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.1.1
pragma: no-cache
cookie: _pubcid=dd3285e3-c2ec-438f-90e6-608a3a1e8488
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: saopaulo.blog
referer: https://saopaulo.blog/
:scheme: https
:method: GET
Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 Jan 2019 01:42:50 GMT
server: nginx
etag: W/"5c412f1a-2f02"
vary: Accept-Encoding
strict-transport-security: max-age=86400
content-type: application/x-javascript
status: 200
p-lb: lb1.q2.sat
x-ac: 5.ams _proxy_upstream_1
p-ws: web106.q9.sat

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v10/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v10/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C400italic%2C700%2C700italic%7COpen+Sans%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=latin%2Clatin-ext%2Ccyrillic
Origin: https://saopaulo.blog

Response headers

date: Sat, 09 Mar 2019 00:34:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:33:41 GMT
server: sffe
age: 1187092
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13280
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 00:34:17 GMT

GET
H2 200 cropped-cropped-3199blog_do_saopaulo1.jpg
zanquetta.files.wordpress.com/2015/12/ 61 KB
61 KB 57ms
9ms Image
image/jpeg 192.0.72.28
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zanquetta.files.wordpress.com/2015/12/cropped-cropped-3199blog_do_saopaulo1.jpg
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.72.28 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: ce9de6f63d7dbef1e192434a8a7a84663aa9cdf2c68c69746902ca4cc9a9e81a

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-nc: HIT fra 28 np
date: Fri, 22 Mar 2019 18:19:09 GMT
last-modified: Sat, 09 Sep 2017 20:43:00 GMT
server: nginx
x-orig-src: 01_mogdir
content-type: image/jpeg
status: 200
accept-ranges: bytes
content-length: 62455
expires: Sun, 31 Mar 2019 20:10:00 GMT

GET
H2 200 EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2
fonts.gstatic.com/s/ptserif/v10/ 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v10/EJRSQgYoZZY2vCFuvAnt66qSVyvVp8NA.woff2

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C400italic%2C700%2C700italic%7COpen+Sans%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=latin%2Clatin-ext%2Ccyrillic
Origin: https://saopaulo.blog

Response headers

date: Sat, 09 Mar 2019 03:03:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:32:54 GMT
server: sffe
age: 1178140
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13372
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 03:03:29 GMT

GET
H2 200 EJRTQgYoZZY2vCFuvAFT_r21cgT9rcs.woff2
fonts.gstatic.com/s/ptserif/v10/ 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v10/EJRTQgYoZZY2vCFuvAFT_r21cgT9rcs.woff2

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d3b9ac60281114eb252c949187818336066886576d5fc78f31cc8c4c2d94531f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C400italic%2C700%2C700italic%7COpen+Sans%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=latin%2Clatin-ext%2Ccyrillic
Origin: https://saopaulo.blog

Response headers

date: Sat, 09 Mar 2019 00:58:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:30:48 GMT
server: sffe
age: 1185612
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14020
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 00:58:57 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C400italic%2C700%2C700italic%7COpen+Sans%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=latin%2Clatin-ext%2Ccyrillic
Origin: https://saopaulo.blog

Response headers

date: Sat, 09 Mar 2019 02:13:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:48 GMT
server: sffe
age: 1181159
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8916
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 02:13:10 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C400italic%2C700%2C700italic%7COpen+Sans%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=latin%2Clatin-ext%2Ccyrillic
Origin: https://saopaulo.blog

Response headers

date: Fri, 08 Mar 2019 20:21:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:39 GMT
server: sffe
age: 1202271
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8800
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 20:21:18 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v15/ 9 KB
9 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=PT+Serif%3A400%2C400italic%2C700%2C700italic%7COpen+Sans%3A300%2C300italic%2C400%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&subset=latin%2Clatin-ext%2Ccyrillic
Origin: https://saopaulo.blog

Response headers

date: Fri, 08 Mar 2019 23:23:06 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 21:49:46 GMT
server: sffe
age: 1191363
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8892
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 23:23:06 GMT

GET
H/1.1 200
OK zone Show response
tradehouse.advertserve.com/servlet/view/banner/javascript/ 5 KB
2 KB 22ms
22ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=20035166&millis=20190322181909&hb_request=89013289&hb_error=decline&friendly=friendly_72098438&resolution=unspecified&refresh_count=0&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: 99e8910a98758dd8f951879f7f9e45ea7ce8d172c58ebf07a2de4c3adb301cc2

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Content-Type: text/javascript;charset=UTF-8
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID"
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: none
Expires: Thu, 31 Dec 1998 11:59:59 GMT

GET
H/1.1 200
OK zone Show response
tradehouse.advertserve.com/servlet/view/banner/javascript/ Frame B4D0 5 KB
2 KB 22ms
21ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=22569271&millis=20190322181909&hb_request=92437772&hb_error=decline&friendly=friendly_64211627&resolution=unspecified&refresh_count=0&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: d19a5635fee4203bdf1aa675cc2d02a155b423135543f5fa5327c62c2a6644c7

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Content-Type: text/javascript;charset=UTF-8
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID"
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: none
Expires: Thu, 31 Dec 1998 11:59:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
825 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Serif:r%7CExo+2:r,i,b,bi&subset=latin,latin-ext,latin,latin-ext

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2e277f6725f5c784396d3bf6518f9259db57f300adc1d31154c67caee9750031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 22 Mar 2019 18:19:09 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 22 Mar 2019 18:19:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Fri, 22 Mar 2019 18:19:09 GMT

GET
H/1.1 200
OK 16784.js Show response
ads.rubiconproject.com/ad/ Frame 8617 26 KB
8 KB 74ms
8ms Script
text/javascript 2.19.38.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/16784.js
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=20035166&millis=20190322181909&hb_request=89013289&hb_error=decline&friendly=friendly_72098438&resolution=unspecified&refresh_count=0&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.38.84 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-38-84.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=12505
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Fri, 22 Mar 2019 21:47:34 GMT

GET
H/1.1 200
OK interactive1.js Show response
tradehouse.advertserve.com/js/ Frame 8617 11 KB
3 KB 21ms
21ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/js/interactive1.js
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=20035166&millis=20190322181909&hb_request=89013289&hb_error=decline&friendly=friendly_72098438&resolution=unspecified&refresh_count=0&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: 94a16af23f5b8c309dc7fa05d0ea2de49f6da7de105159b46241a046e407e056

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Mar 2019 05:17:30 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 23 Mar 2019 18:19:09 GMT

GET
H/1.1 200
OK 16784.js Show response
ads.rubiconproject.com/ad/ Frame B4B6 26 KB
8 KB 71ms
9ms Script
text/javascript 2.19.38.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/16784.js
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=22569271&millis=20190322181909&hb_request=92437772&hb_error=decline&friendly=friendly_64211627&resolution=unspecified&refresh_count=0&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.38.84 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-38-84.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=12505
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Fri, 22 Mar 2019 21:47:34 GMT

GET
H/1.1 200
OK interactive1.js Show response
tradehouse.advertserve.com/js/ Frame B4B6 11 KB
3 KB 21ms
21ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/js/interactive1.js
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=22569271&millis=20190322181909&hb_request=92437772&hb_error=decline&friendly=friendly_64211627&resolution=unspecified&refresh_count=0&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: 94a16af23f5b8c309dc7fa05d0ea2de49f6da7de105159b46241a046e407e056

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Mar 2019 05:17:30 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 23 Mar 2019 18:19:09 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 56ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/7.1.1/_inc/build/twitter-timeline.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4185) /
Resource Hash: 460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:40:21 GMT
Server: ECS (fcn/4185)
Etag: "4cf9f34505e9344b9a7e4d00e67b6c88+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28028

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2
fonts.gstatic.com/s/notoserif/v7/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v7/ga6Iaw1J5X9T9RW6j9bNfFcWaDq8fMU.woff2

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Noto+Serif:r%7CExo+2:r,i,b,bi&subset=latin,latin-ext,latin,latin-ext
Origin: https://saopaulo.blog

Response headers

date: Sat, 09 Mar 2019 01:44:00 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:35:58 GMT
server: sffe
age: 1182909
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13192
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 01:44:00 GMT

GET
H2 200 7cHmv4okm5zmbtYoK-4W4nIp.woff2
fonts.gstatic.com/s/exo2/v5/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v5/7cHmv4okm5zmbtYoK-4W4nIp.woff2

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4b4a1db2b64f0618827c21c3c01038cdb1f1618fcd9c727676c323f9d286185b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Noto+Serif:r%7CExo+2:r,i,b,bi&subset=latin,latin-ext,latin,latin-ext
Origin: https://saopaulo.blog

Response headers

date: Fri, 08 Mar 2019 23:16:46 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:33:49 GMT
server: sffe
age: 1191743
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13408
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 23:16:46 GMT

GET
H2 200 7cHov4okm5zmbtYtG-wc5VArlT8.woff2
fonts.gstatic.com/s/exo2/v5/ 14 KB
14 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v5/7cHov4okm5zmbtYtG-wc5VArlT8.woff2

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

639d5fefe90f62a590f7bff5db736724104b4a7c69f28b049d88b58b4a0de848

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Noto+Serif:r%7CExo+2:r,i,b,bi&subset=latin,latin-ext,latin,latin-ext
Origin: https://saopaulo.blog

Response headers

date: Sat, 09 Mar 2019 00:49:06 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:34:17 GMT
server: sffe
age: 1186203
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14664
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 00:49:06 GMT

GET
H2 200 7cHrv4okm5zmbt6TDvs7wH8Dnzcj.woff2
fonts.gstatic.com/s/exo2/v5/ 13 KB
13 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v5/7cHrv4okm5zmbt6TDvs7wH8Dnzcj.woff2

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7ae1b3f1d40bf321c4c698f219ccb16cfccf04c4ff161309a25ec19ead999edc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Noto+Serif:r%7CExo+2:r,i,b,bi&subset=latin,latin-ext,latin,latin-ext
Origin: https://saopaulo.blog

Response headers

date: Fri, 08 Mar 2019 23:39:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:40:02 GMT
server: sffe
age: 1190355
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 13552
x-xss-protection: 1; mode=block
expires: Sat, 07 Mar 2020 23:39:54 GMT

GET
H2 200 7cHtv4okm5zmbtYtE1c58H0JmBUhfrE.woff2
fonts.gstatic.com/s/exo2/v5/ 14 KB
15 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo2/v5/7cHtv4okm5zmbtYtE1c58H0JmBUhfrE.woff2

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/wp-content/mu-plugins/wpcomsh/vendor/automattic/custom-fonts/js/webfont.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:825::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

da9a27c4e319a310153f07b7c9a6cad33abd73747528a31936085fdd829a1222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Noto+Serif:r%7CExo+2:r,i,b,bi&subset=latin,latin-ext,latin,latin-ext
Origin: https://saopaulo.blog

Response headers

date: Sat, 09 Mar 2019 00:29:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Feb 2019 22:34:37 GMT
server: sffe
age: 1187393
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14780
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 00:29:16 GMT

GET
H2 200 hovercard.min.css
secure.gravatar.com/dist/css/ 7 KB
2 KB 12ms
12ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/dist/css/hovercard.min.css?ver=2019Maraa
Requested by: Host: c0.wp.com
URL: https://c0.wp.com/c/5.1.1/wp-includes/js/jquery/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b5e32cb325e9aaef357a421cd16ddf6d6ddb70fec74b6c35a73eccc6817664c

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
server: nginx
etag: W/"5ab37b5c-1a2e"
content-type: text/css
status: 200
cache-control: max-age=604800
expires: Fri, 29 Mar 2019 18:19:09 GMT

GET
H2 200 services.min.css
secure.gravatar.com/dist/css/ 3 KB
566 B 13ms
12ms Stylesheet
text/css 2a04:fa87:fffe::c000:4902
Automattic

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.gravatar.com/dist/css/services.min.css?ver=2019Maraa
Requested by: Host: c0.wp.com
URL: https://c0.wp.com/c/5.1.1/wp-includes/js/jquery/jquery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:09 GMT
content-encoding: gzip
last-modified: Thu, 22 Mar 2018 09:46:04 GMT
server: nginx
etag: W/"5ab37b5c-a54"
content-type: text/css
status: 200
cache-control: max-age=604800
expires: Fri, 29 Mar 2019 18:19:09 GMT

GET
H/1.1 200
OK 1023578-2.js Show response
optimized-by.rubiconproject.com/a/16784/207978/ Frame 8617 2 KB
2 KB 218ms
103ms Script
text/javascript 213.19.162.41
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/16784/207978/1023578-2.js?&cb=0.38828597147146926&tk_st=1&rf=https%3A//saopaulo.blog/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=207978_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/16784.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: cd74596ad5b2a172a11f95de27d7edbf777c0ac25c77b1e0f89dcf09e7122fed

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=0, max=9
Content-Length: 1276
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK 1023578-2.js Show response
optimized-by.rubiconproject.com/a/16784/207978/ Frame B4B6 2 KB
2 KB 189ms
77ms Script
text/javascript 213.19.162.41
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/16784/207978/1023578-2.js?&cb=0.013996764480027846&tk_st=1&rf=https%3A//saopaulo.blog/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=207978_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/16784.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 1ee24ee7b3b14d427522d9956ff6ad523f1dea0fe67202bc2169ee99b34834da

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=0, max=7
Content-Length: 1275
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 19ms
13ms Image
image/gif 192.0.76.3
Automattic

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A7.1.1&blog=4480890&post=0&tz=-3&srv=saopaulo.blog&host=saopaulo.blog&ref=&fcp=561&rand=0.8971370993936523
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Fri, 22 Mar 2019 18:19:09 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H/1.1 200
OK widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html
platform.twitter.com/widgets/ Frame 3800 0
0 12ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fsaopaulo.blog&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4184) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://saopaulo.blog/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 22 Mar 2019 18:19:09 GMT
Etag: "347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified: Thu, 07 Mar 2019 17:39:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4184)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5783

GET
H/1.1 200
OK moment~timeline~tweet.6e5b62723488aee38af0c77681396a5b.js Show response
platform.twitter.com/js/ 24 KB
8 KB 8ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline~tweet.6e5b62723488aee38af0c77681396a5b.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4186) /
Resource Hash: e26fdccb214e020f70cf2aede7b77d5dc51854e23b3acbb4bcff0018773a636f

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:15 GMT
Server: ECS (fcn/4186)
Etag: "da3e8002f83d92efe615008a56f12f48+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 7925

GET
H/1.1 200
OK timeline.4c6ab682148a0366f9efb1647a3f4799.js Show response
platform.twitter.com/js/ 39 KB
12 KB 26ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.4c6ab682148a0366f9efb1647a3f4799.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash: 68a21402dc8bbd85d41b7bf206a9819d583d6b81f39bb67f744d3c39d8d68d36

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:39:16 GMT
Server: ECS (fcn/4188)
Etag: "0b75ea6c252ef45cd6d3a2e31473d9d5+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 11574

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 162 B
556 B 188ms
135ms Script
application/javascript 2606:2800:134:fa2:1627:1fe:edb:1665
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_672950039279480833_old&dnt=false&domain=saopaulo.blog&lang=pt&screen_name=672950039279480833&suppress_response_codes=true&t=1725865&tweet_limit=10&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),

Reverse DNS

Software

tsa_o /

Resource Hash

56d20617777b1c7d730e64896a372484842df84e1c3d7992d6aad7347d842dc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-real-status: 404 Not Found
status: 200
content-disposition: attachment; filename=jsonp.jsonp
strict-transport-security: max-age=631138519
content-length: 157
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 124
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, max-age=1
x-connection-hash: f3b6777262c63c7fa9e8ddec2aa2e8be
timing-allow-origin: *
x-transaction: 00b48ac700971c08

GET
H2 200 syndication
syndication.twitter.com/i/jot/ 43 B
148 B 147ms
145ms Image
image/gif 104.244.42.8
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1553278749876%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.8 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 122
pragma: no-cache
last-modified: Fri, 22 Mar 2019 18:19:09 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: eed5d46c5e2342293266fd0f24eb61c8
x-transaction: 00493879001b3fc2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame B4B6 20 KB
10 KB 156ms
62ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/adfscript/?bn=28845743;rtbwp=008364922478CFDB;rtbdata=nXyjwzUqjVYONT8u1xKQUP7Hn6SahFC8a85jXneLz3r-nDl_bzwA0SaKDsnILKb-qNzzKmKQaRZjwQ_Hd4jfdRKjn9GhhnLPnwMJ0SHXYU8naMh6YYQy63J5cCZW3eLxikSyMY6XAlygD2w_Yb7cQKZOqDW9MorJD7lMmH5TMqy4Q15PrlqWJC1tZ2nZV4nZOTSlbD8YQM3GMCQSs7pXL8dGDBZablijEsXHm5_rnFyLrwiw86Y3haKGq7g5tdIh1s4kdZiB-Fdd09oT2w_hbcdF3fAwE9AwpAXiSSrIprvDeIjrSAcYFw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/c5a0a675-212a-46a2-bb80-8d86e4d65f0a/
Requested by: Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/16784/207978/1023578-2.js?&cb=0.013996764480027846&tk_st=1&rf=https%3A//saopaulo.blog/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=207978_2&rp_secure=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 03bb9e72be4f377561bb3748ec4ce052d528d35bf5e65a5c8963364b071094d9

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:10 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/javascript; charset=utf-8
content-length: 9891
expires: -1

GET
H/1.1 200
OK c5a0a675-212a-46a2-bb80-8d86e4d65f0a
beacon-eu-ams3.rubiconproject.com/beacon/d/ Frame B4B6 43 B
268 B 1147ms
18ms Image
image/webp 213.19.162.57
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu-ams3.rubiconproject.com/beacon/d/c5a0a675-212a-46a2-bb80-8d86e4d65f0a?oo=0&accountId=16784&siteId=207978&zoneId=1023578&sizeId=2&e=6A1E40E384DA563B5DB700EDDFDF5FBB71B05C07A6BA14C7A9949B7DF2F002D6484E4CCD46E8B132F3595481B9AFE68227BDAF65660D1330346703DA9B468A4170633B90184031B61DCC8C25762CB6642A1A862B383A285B1B1ADBDD1CA30374971ADECEB0F8ADBE5182AA3E2288A4C204DF2C2FDEC7E994CE99AE4EEF16C763BD89F84CC52D610B8BF974B94922A7CA7E625848872D964A1B306DECBE4FFA69CB8CBB5E9693FEB22170D338F7873AC2909C9608312DA663F65D1DA85B7789E3C00EE95B6D142F43CDA10306204D320B
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.57 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:10 GMT
Cache-Control: private, max-age=0, no-cache
Expires: 01 Jan 1970 10:00:00 GMT
Server: Rubicon Project
Content-Length: 43
Content-Type: image/webp

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 8617 20 KB
10 KB 131ms
63ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/adfscript/?bn=28845743;rtbwp=278A473CB940C2CE;rtbdata=cvG9n1GgSK9PQqeMLx2NvJe_0Gwyc9S_772KhU6wTrWBZ47mr-GC7e8mfAITS5DXqNzzKmKQaRZjwQ_Hd4jfdRKjn9GhhnLPnwMJ0SHXYU8naMh6YYQy63J5cCZW3eLxikSyMY6XAlygD2w_Yb7cQKZOqDW9MorJD7lMmH5TMqy4Q15PrlqWJC1tZ2nZV4nZOTSlbD8YQM3GMCQSs7pXL8dGDBZablijEsXHm5_rnFx-jOks7bv_NqKGq7g5tdIh1s4kdZiB-Fdd09oT2w_hbcdF3fAwE9AwpAXiSSrIprvDeIjrSAcYFw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/073a96ee-9c70-466c-903c-0ccbf82ad731/
Requested by: Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/16784/207978/1023578-2.js?&cb=0.38828597147146926&tk_st=1&rf=https%3A//saopaulo.blog/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=207978_2&rp_secure=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: f3f8d65edc4305a7013b42bc0dc02f695f0da8d14500f817fb5ab08a0dc8526c

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:10 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/javascript; charset=utf-8
content-length: 9893
expires: -1

GET
H/1.1 200
OK 073a96ee-9c70-466c-903c-0ccbf82ad731
beacon-eu-ams3.rubiconproject.com/beacon/d/ Frame 8617 43 B
268 B 1102ms
20ms Image
image/webp 213.19.162.57
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu-ams3.rubiconproject.com/beacon/d/073a96ee-9c70-466c-903c-0ccbf82ad731?oo=0&accountId=16784&siteId=207978&zoneId=1023578&sizeId=2&e=6A1E40E384DA563B0C20C872A0043078BC247B0D2B62BA35F368E07FF2616D09E514CAC3F6D2E86DFF4DD707741DF7F827BDAF65660D13303D9F3D27BE6D17C270633B90184031B61DCC8C25762CB6642A1A862B383A285B1B1ADBDD1CA30374971ADECEB0F8ADBE5182AA3E2288A4C211DD8817B0BDC33A79B041332252D4DE0DF8BB22A04B9CC3A2E1EE2098E7F35A01B161855D5543C4ADD84CD4C36B4A0E2F8B8502969699B5959F4B9F48A5B51CDCB5FA9EFAE748BF3AF8779EA023C32FC26D51059EC07CE89375B7F4DABD266C
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.57 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:10 GMT
Cache-Control: private, max-age=0, no-cache
Expires: 01 Jan 1970 10:00:00 GMT
Server: Rubicon Project
Content-Length: 43
Content-Type: image/webp

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/615/s1.adform.net/ Frame B4B6 31 KB
14 KB 15226ms
91ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/615/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=28845743;rtbwp=008364922478CFDB;rtbdata=nXyjwzUqjVYONT8u1xKQUP7Hn6SahFC8a85jXneLz3r-nDl_bzwA0SaKDsnILKb-qNzzKmKQaRZjwQ_Hd4jfdRKjn9GhhnLPnwMJ0SHXYU8naMh6YYQy63J5cCZW3eLxikSyMY6XAlygD2w_Yb7cQKZOqDW9MorJD7lMmH5TMqy4Q15PrlqWJC1tZ2nZV4nZOTSlbD8YQM3GMCQSs7pXL8dGDBZablijEsXHm5_rnFyLrwiw86Y3haKGq7g5tdIh1s4kdZiB-Fdd09oT2w_hbcdF3fAwE9AwpAXiSSrIprvDeIjrSAcYFw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/c5a0a675-212a-46a2-bb80-8d86e4d65f0a/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9bf28f6cc36bd0a6e167ff8b916c07b5f23fc702b70ba0bd6d0e67582ebd20fd

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 09:52:41 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=100000
expires: Sat, 23 Mar 2019 22:05:20 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/615/s1.adform.net/ Frame 8617 31 KB
14 KB 15222ms
91ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/615/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=28845743;rtbwp=278A473CB940C2CE;rtbdata=cvG9n1GgSK9PQqeMLx2NvJe_0Gwyc9S_772KhU6wTrWBZ47mr-GC7e8mfAITS5DXqNzzKmKQaRZjwQ_Hd4jfdRKjn9GhhnLPnwMJ0SHXYU8naMh6YYQy63J5cCZW3eLxikSyMY6XAlygD2w_Yb7cQKZOqDW9MorJD7lMmH5TMqy4Q15PrlqWJC1tZ2nZV4nZOTSlbD8YQM3GMCQSs7pXL8dGDBZablijEsXHm5_rnFx-jOks7bv_NqKGq7g5tdIh1s4kdZiB-Fdd09oT2w_hbcdF3fAwE9AwpAXiSSrIprvDeIjrSAcYFw2;OOBClickTrack=http://beacon-nf.rubiconproject.com/beacon/v2/t/0/073a96ee-9c70-466c-903c-0ccbf82ad731/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 9bf28f6cc36bd0a6e167ff8b916c07b5f23fc702b70ba0bd6d0e67582ebd20fd

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 09:52:41 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=100000
expires: Sat, 23 Mar 2019 22:05:20 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8A91 0
0 162ms
28ms Document
text/html 151.101.121.108
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.121.108 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://saopaulo.blog/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Fastly-Debug-Digest: e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length: 506
Accept-Ranges: bytes
Date: Fri, 22 Mar 2019 18:19:12 GMT
Age: 19730239
Connection: keep-alive
X-Served-By: cache-jfk8146-JFK, cache-cdg20743-CDG
X-Cache: HIT, HIT
X-Cache-Hits: 4857776, 1425036
X-Timer: S1553278753.733737,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame B293 0
0 15133ms
25ms Document
text/html 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://saopaulo.blog/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 07 Mar 2019 18:37:22 GMT
Content-Encoding: gzip
Content-Length: 7419
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=51901
Expires: Sat, 23 Mar 2019 08:44:28 GMT
Date: Fri, 22 Mar 2019 18:19:27 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set visitormatch
bh.contextweb.com/ Frame EFB3 0
0 1067ms
25ms Document
text/html 151.101.192.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bh.contextweb.com/visitormatch
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash

Request headers

Host: bh.contextweb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://saopaulo.blog/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

Cache-Control: private, max-age=0, no-cache, no-store
Content-Encoding: gzip
Content-Language: en
Content-Type: text/html; charset=utf-8
Cw-Server: bh-deployment-868579569-dbw6q
Expires: -1
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Server: Jetty(9.4.7.v20170914)
Set-Cookie: _dbefe=http://10.223.0.201:8080; Path=/ sto-id-20480-bh=EEANNMAKFDAA; Domain=contextweb.com; Expires=Fri, 22-Mar-2019 18:34:13 GMT; Path=/
Transfer-Encoding: chunked
Accept-Ranges: bytes
Date: Fri, 22 Mar 2019 18:19:13 GMT
Via: 1.1 varnish
Connection: keep-alive
X-Served-By: cache-hhn1532-HHN
X-Cache: MISS
X-Cache-Hits: 0
Vary: Accept-Encoding

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame B814
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1

0
0

39ms
33ms

Document
text/html

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.128.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://saopaulo.blog/
accept-encoding: gzip, deflate, br
cookie: i=1192e085-4253-0bda-2d1f-25411d1b4386|1553278752
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

status: 200
vary: Accept
set-cookie: i=1192e085-4253-0bda-2d1f-25411d1b4386|1553278752; Version=1; Expires=Sat, 21-Mar-2020 18:19:12 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1553278752|mOgikimWiygu; Version=1; Expires=Sat, 06-Apr-2019 18:19:12 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.128.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 22 Mar 2019 18:19:12 GMT
content-type: text/html
content-encoding: gzip

Redirect headers

status: 302
set-cookie: i=1192e085-4253-0bda-2d1f-25411d1b4386|1553278752; Version=1; Expires=Sat, 21-Mar-2020 18:19:12 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.128.2
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
date: Fri, 22 Mar 2019 18:19:12 GMT
content-length: 0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 235F 0
0 15134ms
27ms Document
text/html 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://saopaulo.blog/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 07 Mar 2019 18:37:22 GMT
Content-Encoding: gzip
Content-Length: 7419
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=51901
Expires: Sat, 23 Mar 2019 08:44:28 GMT
Date: Fri, 22 Mar 2019 18:19:27 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set visitormatch
bh.contextweb.com/ Frame 345F 0
0 1062ms
32ms Document
text/html 151.101.192.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bh.contextweb.com/visitormatch
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash

Request headers

Host: bh.contextweb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://saopaulo.blog/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

Cache-Control: private, max-age=0, no-cache, no-store
Content-Encoding: gzip
Content-Language: en
Content-Type: text/html; charset=utf-8
Cw-Server: bh-deployment-5b88dffbd-v4zr8
Expires: -1
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Server: Jetty(9.4.7.v20170914)
Set-Cookie: _dbefe=http://10.223.25.145:8080; Path=/ sto-id-20480-bh=CEANNMAKFBAA; Domain=contextweb.com; Expires=Fri, 22-Mar-2019 18:34:13 GMT; Path=/
Transfer-Encoding: chunked
Accept-Ranges: bytes
Date: Fri, 22 Mar 2019 18:19:13 GMT
Via: 1.1 varnish
Connection: keep-alive
X-Served-By: cache-hhn1535-HHN
X-Cache: MISS
X-Cache-Hits: 0
Vary: Accept-Encoding

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame AF3E
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1

0
0

33ms
32ms

Document
text/html

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.128.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://saopaulo.blog/
accept-encoding: gzip, deflate, br
cookie: i=54163e6f-b285-034c-3e35-426f9f84ce62|1553278752
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

status: 200
vary: Accept
set-cookie: i=54163e6f-b285-034c-3e35-426f9f84ce62|1553278752; Version=1; Expires=Sat, 21-Mar-2020 18:19:12 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1553278752|mOgikimWiygu; Version=1; Expires=Sat, 06-Apr-2019 18:19:12 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.128.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 22 Mar 2019 18:19:12 GMT
content-type: text/html
content-encoding: gzip

Redirect headers

status: 302
set-cookie: i=54163e6f-b285-034c-3e35-426f9f84ce62|1553278752; Version=1; Expires=Sat, 21-Mar-2020 18:19:12 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.128.2
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
date: Fri, 22 Mar 2019 18:19:12 GMT
content-length: 0

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 7CC6 0
0 184ms
23ms Document
text/html 151.101.121.108
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.121.108 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://saopaulo.blog/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Fastly-Debug-Digest: e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length: 506
Accept-Ranges: bytes
Date: Fri, 22 Mar 2019 18:19:12 GMT
Age: 19730239
Connection: keep-alive
X-Served-By: cache-jfk8146-JFK, cache-cdg20743-CDG
X-Cache: HIT, HIT
X-Cache-Hits: 4857776, 1425038
X-Timer: S1553278753.791644,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 / Show response
track.adform.net/wpf/v2/Nda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYY... Frame B4B6 7 KB
4 KB 42ms
42ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/wpf/v2/Nda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY1n_YG_HYYbKcsuTyjaY2ftckuyPBDjaY1HGOg3ZLQ0I5u8TgdX38fg.D_DJhCizgzH_y3EjNpmVWN9dPBSkMNNHRdGmX6QSs6tTnwgEjNpp0iJ3A0KFgBFY5BNlrAp5BNlVn_hs1Y5CCsGrilSHlF4XVA4.L9.gJ0Nc1lF1f4.90PgJ.e_elFCUC68mlFCUC68mlF8KSKXV4.hL9.LxU..1QX/adfserve/?CC=1&bn=28845743;rtbwp=008364922478CFDB;rtbdata=nXyjwzUqjVYONT8u1xKQUP7Hn6SahFC8a85jXneLz3r-nDl_bzwA0SaKDsnILKb-qNzzKmKQaRZjwQ_Hd4jfdRKjn9GhhnLPnwMJ0SHXYU8naMh6YYQy63J5cCZW3eLxikSyMY6XAlygD2w_Yb7cQKZOqDW9MorJD7lMmH5TMqy4Q15PrlqWJC1tZ2nZV4nZOTSlbD8YQM3GMCQSs7pXL8dGDBZablijEsXHm5_rnFyLrwiw86Y3haKGq7g5tdIh1s4kdZiB-Fdd09oT2w_hbcdF3fAwE9AwpAXiSSrIprvDeIjrSAcYFw2;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2fc5a0a675-212a-46a2-bb80-8d86e4d65f0a%2f;js=1;adfxid=1x;10711;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0;fd=0|15&CREFURL=https%3A%2F%2Fsaopaulo.blog%2F
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 121cb07f127e755b5f118a626394cc0b0b79190d5b8d5bc3e6f3d9d73f516a6e

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:25 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/javascript; charset=utf-8
content-length: 3435
expires: -1

GET
H2 200 / Show response
track.adform.net/wpf/v2/Nda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYY... Frame 8617 7 KB
4 KB 66ms
66ms Script
text/javascript 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/wpf/v2/Nda44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXdMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2VHqwodv.numypZHgfLMC7AeLd7FmrpwoNN5uQ4s5uQ1szHVyVxFAk.rpwoNJ9z4oYYLzZGgeWy24bT8sjrkRGyC_JxoPyjzA1j4Hj5Yz3ccbbJYMLgiPFU77qZoOSix5ezdstlYysrhsui6._htdIq0bp_xf7_OLgiPFMtrs1OeyjaY1n_YG_HYYbKcsuTyjaY2ftckuyPBDjaY1HGOg3ZLQ0I5u8TgdX0HrN.S9RdPQSzOy_Aw7UTlf_01kKHoNvdikkZtHY_3DqvkEmxbtNUTlfe2Rc7L1eWNNW5BNlYiMeBNlY0bAQk45BPQkYjSXu_XVA4.L9.gJ0Nc1lF4XV4L9.J1pNc0KAKXVPyPDI_XVPyPDI_XVHeuf4.90PgJ.huy.Cyr/adfserve/?CC=1&bn=28845743;rtbwp=278A473CB940C2CE;rtbdata=cvG9n1GgSK9PQqeMLx2NvJe_0Gwyc9S_772KhU6wTrWBZ47mr-GC7e8mfAITS5DXqNzzKmKQaRZjwQ_Hd4jfdRKjn9GhhnLPnwMJ0SHXYU8naMh6YYQy63J5cCZW3eLxikSyMY6XAlygD2w_Yb7cQKZOqDW9MorJD7lMmH5TMqy4Q15PrlqWJC1tZ2nZV4nZOTSlbD8YQM3GMCQSs7pXL8dGDBZablijEsXHm5_rnFx-jOks7bv_NqKGq7g5tdIh1s4kdZiB-Fdd09oT2w_hbcdF3fAwE9AwpAXiSSrIprvDeIjrSAcYFw2;oobclicktrack=http%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv2%2ft%2f0%2f073a96ee-9c70-466c-903c-0ccbf82ad731%2f;js=1;adfxid=2x;5624;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0;fd=0|15&CREFURL=https%3A%2F%2Fsaopaulo.blog%2F
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 11cd4b77f1bef0bcb1e92b51947baaaf96b1d9c0dea9433f4d8971db9d1c31a3

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:25 GMT
content-encoding: gzip
server: nginx
access-control-allow-origin: *
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/javascript; charset=utf-8
content-length: 3433
expires: -1

GET dvtp_src.js
cdn.doubleverify.com/ Frame B4B6 0
0

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame B4B6 43 B
654 B 80ms
23ms Image
image/gif 213.202.235.8
MYLOC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.exactag.com/ai.aspx?extCa=707&extTcm=DisDisPre213C|PreCpm000|fq0ntadyn&c_id=display_cic_213:fq0_C_nta_dyn_Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B2+-+41bb5cd&cachebuster=90453
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.202.235.8 , Germany, ASN24961 (MYLOC-AS, DE),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:25 GMT
X-ET-Code: 0
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Connection: close
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Cache-Control: private
Last-Modified: Fr, 22 Mrz 2019 06:19:25 GMT
X-ET-Camp: 707
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

firstevent
vfde.demdex.net/ Frame B4B6
Redirect Chain

https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_nta_dyn_Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B2+-+41bb5cd&rnd=25135
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_nta_dyn_Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B2+-+41bb5cd&rn...

42 B
771 B

47ms
36ms

Image
image/gif

54.194.73.223
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_nta_dyn_Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B2+-+41bb5cd&rnd=25135
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.73.223 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-194-73-223.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v025-0a19fec98.edge-irl1.demdex.com 5.50.0.20190319164038 6ms
Pragma: no-cache
X-TID: +nlCJwkuTgs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: dy1Su7i/SGM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_nta_dyn_Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B2+-+41bb5cd&rnd=25135
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 csp.php
vfd2dyn.vodafone.de/csp/ Frame B4B6 0
279 B 1043ms
9ms Image
text/html 35.158.52.144
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1791&r_id=htlp&rnd=75387
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.52.144 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-158-52-144.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:26 GMT
server: Apache
p3p: CP="CAO PSA OUR"
status: 200
cache-control: no-cache, must-revalidate
content-type: text/html; charset=utf-8
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 t.js;adv=11312204831198;ec=11312207190549;c.a=1569881;s.a=1358733;p.a=4869493;as.a=;a.a=29559038;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_AO_AL_NetsaleOld_BNR_CA_Adf-SimOnly-...
ad.atdmt.com/i/ Frame B4B6 107 B
107 B 116ms
56ms Image
text/javascript 2a03:2880:f007:2:face:b00c:0:1
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/t.js;adv=11312204831198;ec=11312207190549;c.a=1569881;s.a=1358733;p.a=4869493;as.a=;a.a=29559038;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_AO_AL_NetsaleOld_BNR_CA_Adf-SimOnly-Pre;as.n=;a.n=Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B2+-+41bb5cd;idfa=;aaid=;cache=14999;
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f007:2:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:25 GMT
x-atlas-debug: AYI9M3V3dBW7vAdkGgNslGbpULcKf5HuBQQ8882iUxncYN3vyQd3LlHqHsBnjcKyxdI2XK9_4aGOZl5FaR2n7mda
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
status: 200
cache-control: private, no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 107
expires: 0

GET dvtp_src.js
cdn.doubleverify.com/ Frame 8617 0
0

GET ai.aspx
m.exactag.com/ Frame 8617 0
0

GET
H/1.1

200
OK

firstevent
vfde.demdex.net/ Frame 8617
Redirect Chain

https://vfde.demdex.net/event?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_nta_dyn_Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B5+-+c204a07&rnd=24541
https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_nta_dyn_Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B5+-+c204a07&rn...

42 B
771 B

60ms
59ms

Image
image/gif

52.213.58.51
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_nta_dyn_Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B5+-+c204a07&rnd=24541
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.58.51 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-213-58-51.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v025-0c3c8c3e5.edge-irl1.demdex.com 5.50.0.20190319164038 6ms
Pragma: no-cache
X-TID: Iq5pByHvRdo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
X-TID: DfNcRmrUTjE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://vfde.demdex.net/firstevent?d_event=imp&d_src=51272&c_id=display_cic_213:fq0_C_nta_dyn_Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B5+-+c204a07&rnd=24541
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 csp.php
vfd2dyn.vodafone.de/csp/ Frame 8617 0
279 B 1018ms
9ms Image
text/html 35.158.52.144
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1791&r_id=htlp&rnd=64911
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.52.144 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-35-158-52-144.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:26 GMT
server: Apache
p3p: CP="CAO PSA OUR"
status: 200
cache-control: no-cache, must-revalidate
content-type: text/html; charset=utf-8
content-length: 0
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 t.js;adv=11312204831198;ec=11312207190549;c.a=1569881;s.a=1358733;p.a=4869493;as.a=;a.a=29559041;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_AO_AL_NetsaleOld_BNR_CA_Adf-SimOnly-...
ad.atdmt.com/i/ Frame 8617 107 B
107 B 91ms
56ms Image
text/javascript 2a03:2880:f007:2:face:b00c:0:1
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/t.js;adv=11312204831198;ec=11312207190549;c.a=1569881;s.a=1358733;p.a=4869493;as.a=;a.a=29559041;c.n=Display_Performance_Credit;s.n=Real+Time+Bidding;p.n=Adform_AO_AL_NetsaleOld_BNR_CA_Adf-SimOnly-Pre;as.n=;a.n=Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B5+-+c204a07;idfa=;aaid=;cache=50615;
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f007:2:face:b00c:0:1 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:25 GMT
x-atlas-debug: AYL60C7pnQlzOspcT0ZOj5UnYXzkBy-VZHn4rYnw2Xy5AGpZu8h4h23dXa9H5fM_Y2UKL5lt49TFnyxnj2kQE3QI
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"
status: 200
cache-control: private, no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 107
expires: 0

GET
H2 200 Standard Show response
s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/HTML:types/ Frame B4B6 89 KB
37 KB 34ms
33ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0b8be0da901b2bbc27c22c682f09d4bb1dce86daeb05168349dc7d06fce07625

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 09:52:41 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=100000
expires: Sat, 23 Mar 2019 21:56:50 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/HTML:types/ Frame 8617 89 KB
37 KB 57ms
57ms Script
text/javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/HTML:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0b8be0da901b2bbc27c22c682f09d4bb1dce86daeb05168349dc7d06fce07625

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
content-encoding: gzip
last-modified: Tue, 05 Mar 2019 09:52:41 GMT
server: nginx
access-control-allow-origin: *
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=100000
expires: Sat, 23 Mar 2019 21:56:50 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame B4B6 35 B
412 B 32ms
32ms Other
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/csimpr/?bn=28845743&csi=552g8sMJ0lAFeO4TFrybTG_SPgnuKdQ9QZG6l__Zs-hyrkkTZQ-7ck6oJAkKWKqbfHgak7e7WS75aujn4T-Qp5reUhLHMYOmLVjakKmyLkKC7GFLIMfreg2
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:25 GMT
server: nginx
access-control-allow-origin: https://saopaulo.blog
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 5904872.js Show response
s1.adform.net/Banners/Elements/Files/165376/5904872/ Frame 019A 61 KB
17 KB 37ms
36ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/165376/5904872/5904872.js?ADFassetID=5904872&bv=257

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c4aa9f5f2258a0c04b27c085e888bf94cf84035dc8978f0f0beb70bbf221cb27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
content-encoding: gzip
last-modified: Fri, 07 Dec 2018 15:59:28 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5c0a98e0-f4e0"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
content-type: application/x-javascript

POST
H2 200 /
track.adform.net/csimpr/ Frame 8617 35 B
421 B 79ms
78ms Other
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/csimpr/?bn=28845743&csi=C7EUnZZ2noOp0KdvFytpyY_5XzPm_mWbQZG6l__Zs-gTMMFbJ5AJuPG95ju2bfZafHgak7e7WS75aujn4T-Qp5reUhLHMYOmLVjakKmyLkKC7GFLIMfreg2
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:25 GMT
server: nginx
access-control-allow-origin: https://saopaulo.blog
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 5904872.js Show response
s1.adform.net/Banners/Elements/Files/165376/5904872/ Frame 38C4 61 KB
17 KB 46ms
46ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/Elements/Files/165376/5904872/5904872.js?ADFassetID=5904872&bv=257

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c4aa9f5f2258a0c04b27c085e888bf94cf84035dc8978f0f0beb70bbf221cb27

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
content-encoding: gzip
last-modified: Fri, 07 Dec 2018 15:59:28 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5c0a98e0-f4e0"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 019A 30 KB
13 KB 54ms
54ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=615
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f4c79e046b6523d9269571f00e0baa6096b1f612faa66500a89024e9a5a8ccb5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
content-encoding: gzip
last-modified: Thu, 10 Jan 2019 11:50:18 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5c37317a-7694"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 Adform.DHTML.js Show response
s1.adform.net/banners/scripts/rmb/ Frame 38C4 30 KB
13 KB 62ms
61ms Script
application/x-javascript 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=615
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: f4c79e046b6523d9269571f00e0baa6096b1f612faa66500a89024e9a5a8ccb5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
content-encoding: gzip
last-modified: Thu, 10 Jan 2019 11:50:18 GMT
server: nginx
access-control-allow-origin: *
etag: W/"5c37317a-7694"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2

200

5904881.jpg
s1.adform.net/banners/Elements/Files/165376/ Frame 019A
Redirect Chain

https://track.adform.net/banners/Elements/Files/165376/5904881.jpg?assetID=5904881&av=1
https://s1.adform.net/banners/Elements/Files/165376/5904881.jpg?assetID=5904881&av=1?assetID=5904881&av=1

2 KB
2 KB

44ms
44ms

Image
image/jpeg

37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/banners/Elements/Files/165376/5904881.jpg?assetID=5904881&av=1?assetID=5904881&av=1

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c973bf1ed7a4f12c2f33ba7159c750a76995e7679ecd59b5af2427a92260dfc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
last-modified: Fri, 07 Dec 2018 16:00:54 GMT
server: nginx
access-control-allow-origin: *
etag: "5c0a9936-7fb"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 2043

Redirect headers

status: 302
date: Fri, 22 Mar 2019 18:19:25 GMT
server: nginx
location: https://s1.adform.net/banners/Elements/Files/165376/5904881.jpg?assetID=5904881&av=1?assetID=5904881&av=1
content-type: text/html

GET
H2

200

5904880.png
s1.adform.net/banners/Elements/Files/165376/ Frame 019A
Redirect Chain

https://track.adform.net/banners/Elements/Files/165376/5904880.png?assetID=5904880&av=1
https://s1.adform.net/banners/Elements/Files/165376/5904880.png?assetID=5904880&av=1?assetID=5904880&av=1

3 KB
3 KB

32ms
31ms

Image
image/png

37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/banners/Elements/Files/165376/5904880.png?assetID=5904880&av=1?assetID=5904880&av=1

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cf30af111f434c5c0d47ee7c9e9c11ef97a89947ab1df708f6aa1a54ee3e6044

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
last-modified: Fri, 07 Dec 2018 16:00:54 GMT
server: nginx
access-control-allow-origin: *
etag: "5c0a9936-cb5"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3253

Redirect headers

status: 302
date: Fri, 22 Mar 2019 18:19:25 GMT
server: nginx
location: https://s1.adform.net/banners/Elements/Files/165376/5904880.png?assetID=5904880&av=1?assetID=5904880&av=1
content-type: text/html

GET
H2 200 Q3_SimOnly_728x90_vodafone_logo_rot.png
s1.adform.net/Banners/Elements/Files/165376/5904872/bvpath_257/ Frame 019A 2 KB
2 KB 33ms
32ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/165376/5904872/bvpath_257/Q3_SimOnly_728x90_vodafone_logo_rot.png

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

eddf24654faf2a917711c311d9d7af1b67086feb0a5c81aaf5435b945b3cdcbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
last-modified: Fri, 07 Dec 2018 15:59:28 GMT
server: nginx
access-control-allow-origin: *
etag: "5c0a98e0-8b0"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2224

GET
H2 200 Q3_SIMOnly_Karte.png
s1.adform.net/Banners/Elements/Files/165376/5904872/bvpath_257/ Frame 019A 6 KB
6 KB 50ms
50ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/165376/5904872/bvpath_257/Q3_SIMOnly_Karte.png

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3b6b95b16a54e1ef223d083ab64fec6ac66109b0f2c5233ec79baaffc693ae13

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
last-modified: Fri, 07 Dec 2018 15:59:28 GMT
server: nginx
access-control-allow-origin: *
etag: "5c0a98e0-18cc"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 6348

GET
H2 200 Q3_SIMOnly_HL.png
s1.adform.net/Banners/Elements/Files/165376/5904872/bvpath_257/ Frame 019A 6 KB
7 KB 33ms
33ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/165376/5904872/bvpath_257/Q3_SIMOnly_HL.png

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

39eec5fec9d2a020bf8a7fb1960ef49ed0cf0ba5d99ef60928f8a109bdede9c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
last-modified: Fri, 07 Dec 2018 15:59:28 GMT
server: nginx
access-control-allow-origin: *
etag: "5c0a98e0-19fe"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 6654

GET
H2

200

5904881.jpg
s1.adform.net/banners/Elements/Files/165376/ Frame 38C4
Redirect Chain

https://track.adform.net/banners/Elements/Files/165376/5904881.jpg?assetID=5904881&av=1
https://s1.adform.net/banners/Elements/Files/165376/5904881.jpg?assetID=5904881&av=1?assetID=5904881&av=1

2 KB
2 KB

31ms
31ms

Image
image/jpeg

37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/banners/Elements/Files/165376/5904881.jpg?assetID=5904881&av=1?assetID=5904881&av=1

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c973bf1ed7a4f12c2f33ba7159c750a76995e7679ecd59b5af2427a92260dfc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
last-modified: Fri, 07 Dec 2018 16:00:54 GMT
server: nginx
access-control-allow-origin: *
etag: "5c0a9936-7fb"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 2043

Redirect headers

status: 302
date: Fri, 22 Mar 2019 18:19:25 GMT
server: nginx
location: https://s1.adform.net/banners/Elements/Files/165376/5904881.jpg?assetID=5904881&av=1?assetID=5904881&av=1
content-type: text/html

GET
H2

200

5904878.png
s1.adform.net/banners/Elements/Files/165376/ Frame 38C4
Redirect Chain

https://track.adform.net/banners/Elements/Files/165376/5904878.png?assetID=5904878&av=1
https://s1.adform.net/banners/Elements/Files/165376/5904878.png?assetID=5904878&av=1?assetID=5904878&av=1

3 KB
3 KB

32ms
31ms

Image
image/png

37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/banners/Elements/Files/165376/5904878.png?assetID=5904878&av=1?assetID=5904878&av=1

Requested by

Host: blank
URL: about:blank

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6efb4a243390140a871d098ad5637144df05a693bc6d0b943290039a8fa258f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
last-modified: Fri, 07 Dec 2018 16:00:54 GMT
server: nginx
access-control-allow-origin: *
etag: "5c0a9936-ca8"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 3240

Redirect headers

status: 302
date: Fri, 22 Mar 2019 18:19:25 GMT
server: nginx
location: https://s1.adform.net/banners/Elements/Files/165376/5904878.png?assetID=5904878&av=1?assetID=5904878&av=1
content-type: text/html

GET
H2 200 Q3_SimOnly_728x90_vodafone_logo_rot.png
s1.adform.net/Banners/Elements/Files/165376/5904872/bvpath_257/ Frame 38C4 2 KB
2 KB 33ms
30ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/165376/5904872/bvpath_257/Q3_SimOnly_728x90_vodafone_logo_rot.png

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

eddf24654faf2a917711c311d9d7af1b67086feb0a5c81aaf5435b945b3cdcbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
last-modified: Fri, 07 Dec 2018 15:59:28 GMT
server: nginx
access-control-allow-origin: *
etag: "5c0a98e0-8b0"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 2224

GET
H2 200 Q3_SIMOnly_Karte.png
s1.adform.net/Banners/Elements/Files/165376/5904872/bvpath_257/ Frame 38C4 6 KB
6 KB 47ms
45ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/165376/5904872/bvpath_257/Q3_SIMOnly_Karte.png

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3b6b95b16a54e1ef223d083ab64fec6ac66109b0f2c5233ec79baaffc693ae13

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
last-modified: Fri, 07 Dec 2018 15:59:28 GMT
server: nginx
access-control-allow-origin: *
etag: "5c0a98e0-18cc"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 6348

GET
H2 200 Q3_SIMOnly_HL.png
s1.adform.net/Banners/Elements/Files/165376/5904872/bvpath_257/ Frame 38C4 6 KB
7 KB 32ms
30ms Image
image/png 37.157.2.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/Elements/Files/165376/5904872/bvpath_257/Q3_SIMOnly_HL.png

Requested by

Host: saopaulo.blog
URL: https://saopaulo.blog/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

39eec5fec9d2a020bf8a7fb1960ef49ed0cf0ba5d99ef60928f8a109bdede9c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:25 GMT
last-modified: Fri, 07 Dec 2018 15:59:28 GMT
server: nginx
access-control-allow-origin: *
etag: "5c0a98e0-19fe"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 6654

POST
H2 200 /
track.adform.net/serving/unload/ Frame B4B6 35 B
412 B 33ms
33ms Other
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/serving/unload/?version=15&unload=-5750631979060554475@@28845743,605067762149584279,100|1200|0|0|0|0|0|0|0||41|0|31|807a4746377af6aa2a6a946485cfce778192b61e_1|||1|0|0|O1utvpXbb-r5-w5zhnXSrHM_32nuV1JXasL6zt-T0tcBSuZIlQaOJ8wh73xqnVJy6dCWbZPhukE1|||11
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:26 GMT
server: nginx
access-control-allow-origin: https://saopaulo.blog
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame B4B6 35 B
248 B 102ms
101ms Image
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.adform.net/Serving/Event/?bn=28845743&event=178&time=2&banner=29559038&name=Viewable%20impressions&imprid=605067762149584279&icid=-5750631979060554475&eData=552g8sMJ0lDdlTUrfjmI7A1XAyhzv50Lka645TXWxBl8eBqTt7tZLvlq6OfhP5Cnmt5SEscxg6YtWNqQqbIuQoLsYUsgx-t60&rnd=733458652&rtbwp=008364922478CFDB&rtbdata=nXyjwzUqjVYONT8u1xKQUP7Hn6SahFC8a85jXneLz3r-nDl_bzwA0SaKDsnILKb-qNzzKmKQaRZjwQ_Hd4jfdRKjn9GhhnLPnwMJ0SHXYU8naMh6YYQy63J5cCZW3eLxikSyMY6XAlygD2w_Yb7cQKZOqDW9MorJD7lMmH5TMqy4Q15PrlqWJC1tZ2nZV4nZOTSlbD8YQM3GMCQSs7pXL8dGDBZablijEsXHm5_rnFyLrwiw86Y3haKGq7g5tdIh1s4kdZiB-Fdd09oT2w_hbcdF3fAwE9AwpAXiSSrIprvDeIjrSAcYFw2
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:26 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 8617 35 B
412 B 76ms
75ms Other
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/serving/unload/?version=15&unload=-5750631979060554475@@28845743,4940723346665140171,100|1201|0|0|0|0|0|0|0||41|0|31|dd0855978d6a2af4877f505340e4366b01509fbb_1|||1|0|0|O1utvpXbb-r5-w5zhnXSrHM_32nuV1JXasL6zt-T0tcBSuZIlQaOJ8wh73xqnVJy6dCWbZPhukE1|||11
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:27 GMT
server: nginx
access-control-allow-origin: https://saopaulo.blog
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame 8617 35 B
248 B 75ms
75ms Image
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.adform.net/Serving/Event/?bn=28845743&event=178&time=2&banner=29559041&name=Viewable%20impressions&imprid=4940723346665140171&icid=-5750631979060554475&eData=C7EUnZZ2noPdlTUrfjmI7OTHm_rQRO62-bc_zmL72rh8eBqTt7tZLvlq6OfhP5Cnmt5SEscxg6YtWNqQqbIuQoLsYUsgx-t60&rnd=924821497&rtbwp=278A473CB940C2CE&rtbdata=cvG9n1GgSK9PQqeMLx2NvJe_0Gwyc9S_772KhU6wTrWBZ47mr-GC7e8mfAITS5DXqNzzKmKQaRZjwQ_Hd4jfdRKjn9GhhnLPnwMJ0SHXYU8naMh6YYQy63J5cCZW3eLxikSyMY6XAlygD2w_Yb7cQKZOqDW9MorJD7lMmH5TMqy4Q15PrlqWJC1tZ2nZV4nZOTSlbD8YQM3GMCQSs7pXL8dGDBZablijEsXHm5_rnFx-jOks7bv_NqKGq7g5tdIh1s4kdZiB-Fdd09oT2w_hbcdF3fAwE9AwpAXiSSrIprvDeIjrSAcYFw2
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:27 GMT
server: nginx
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

GET
H/1.1 200
OK zone Show response
tradehouse.advertserve.com/servlet/view/banner/javascript/ 9 KB
3 KB 24ms
24ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=94&pid=0&fr=30&frcn=1&frlm=15&friendly=friendly_64211627&random=90561139&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=94&friendly=true&pid=0&fr=25&frlm=15&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: 3657b793e40021d8d699a71679550f6c3f843344bf7db7f4e759070472ff454e

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:29 GMT
Content-Encoding: gzip
Content-Type: text/javascript;charset=UTF-8
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID"
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: none
Expires: Thu, 31 Dec 1998 11:59:59 GMT

GET
H/1.1 200
OK prebid-2.5.1.js Show response
tradehouse.advertserve.com/js/ Frame 4690 224 KB
70 KB 59ms
58ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: a5488d52ed3da00050c876fdaa8441bb38ac8d0ebaf2b95625c0aba608e6aee2

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Mar 2019 05:17:30 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 23 Mar 2019 18:19:29 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 4690 3 KB
3 KB 250ms
94ms XHR
application/json 213.19.162.21
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16784&site_id=207976&zone_id=1023572&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fsaopaulo.blog%2F&tk_flint=pbjs_lite_v2.5.1&x_source.tid=59df391a-9488-47b0-b0a6-aa75120b1b76&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.10903282743154952
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: c9e5efdb292893b4854e0b230fc1ab2b1e06cdacf85c7883784d07282f8b205b

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:29 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://saopaulo.blog
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=7
Content-Length: 1471
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
tradehouse-d.openx.net/w/1.0/ Frame 4690 173 B
661 B 51ms
50ms XHR
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsaopaulo.blog%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.6&dddid=59df391a-9488-47b0-b0a6-aa75120b1b76&nocache=1553278769486&pubcid=dc7704c3-ce40-4583-ac81-80d8215d1223&aus=728x90&divIds=Prebid_Wrapper74653042&auid=540221829&
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.128.2 /
Resource Hash: 6ec572d0e816e1e37f4fc506a759c5302f76bfc4f3a785e4b2982aee95567d93

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:29 GMT
content-encoding: gzip
server: OXGW/16.128.2
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://saopaulo.blog
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 4690 187 B
790 B 525ms
112ms XHR
application/json 54.37.115.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%253A%252F%252Fsaopaulo.blog%252F

Requested by

Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.37.115.97 Woodbridge, United States, ASN16276 (OVH, FR),

Reverse DNS

hb-api-fra01.omnitagjs.com

Software

Resource Hash

d038ecdb27defd584aba1bb9605b2a8fee96b59b4d4bcbcd4aab0aa356d4948b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS, POST
P3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://saopaulo.blog
Access-Control-Max-Age: 3600
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Headers: Accept-Encoding, Content-Type
Content-Length: 148
Expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 4690 143 B
1 KB 439ms
26ms XHR
application/json 37.252.172.40
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.40 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8a4804faa57cbd0c9b53b19b7c12eb45363f29e8beee38e5dee47f7218e93904

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:31 GMT
X-Proxy-Origin: 185.220.70.220; 185.220.70.220; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.164:80
AN-X-Request-Uuid: ba2c55a8-4725-4c57-9055-0bf222d37ebb
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://saopaulo.blog
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame 4690 0
373 B 531ms
114ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2019 18:19:29 GMT
server: envoy
status: 204
cwdl: 22/120
access-control-allow-origin: https://saopaulo.blog
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 87
cw-server: bid-deployment-747889c5c-hk8wb
content-length: 0

GET
H/1.1 200
OK zone Show response
tradehouse.advertserve.com/servlet/view/banner/javascript/ 9 KB
3 KB 46ms
22ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=94&pid=0&fr=30&frcn=1&frlm=15&friendly=friendly_20035166&random=62710702&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=20035166&millis=20190322181909&hb_request=89013289&hb_error=decline&friendly=friendly_72098438&resolution=unspecified&refresh_count=0&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: e01e9dea7d7fc4ba418932a1f86a86e32201f020b3750708e85a3a58cbf205e1

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:29 GMT
Content-Encoding: gzip
Content-Type: text/javascript;charset=UTF-8
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID"
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: none
Expires: Thu, 31 Dec 1998 11:59:59 GMT

GET
H/1.1 200
OK prebid-2.5.1.js Show response
tradehouse.advertserve.com/js/ Frame B912 224 KB
0 59ms
58ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: a5488d52ed3da00050c876fdaa8441bb38ac8d0ebaf2b95625c0aba608e6aee2

Request headers

Response headers

Date: Fri, 22 Mar 2019 18:19:29 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Mar 2019 05:17:30 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 23 Mar 2019 18:19:29 GMT

GET fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B912 0
0

POST
H/1.1 200
OK v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame B912 187 B
790 B 369ms
145ms XHR
application/json 54.37.115.97
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%253A%252F%252Fsaopaulo.blog%252F

Requested by

Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

54.37.115.97 Woodbridge, United States, ASN16276 (OVH, FR),

Reverse DNS

hb-api-fra01.omnitagjs.com

Software

Resource Hash

ed4dbe1c9807d715bd1c10ac32580bd335cb61169fb6432a08c56eb7d2b8cad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:30 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Access-Control-Allow-Methods: OPTIONS, POST
P3p: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://saopaulo.blog
Access-Control-Max-Age: 3600
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Headers: Accept-Encoding, Content-Type
Content-Length: 148
Expires: 0

POST
H2 204 ortb Show response
bid.contextweb.com/header/ Frame B912 0
220 B 243ms
121ms XHR
text/plain 74.214.194.133
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.contextweb.com/header/ortb
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.133 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2019 18:19:29 GMT
server: envoy
status: 204
cwdl: 22/120
access-control-allow-origin: https://saopaulo.blog
access-control-expose-headers: Access-Control-Allow-Origin
access-control-allow-credentials: true
x-envoy-upstream-service-time: 104
cw-server: bid-deployment-747889c5c-8pvmp
content-length: 0

GET
H2 200 arj Show response
tradehouse-d.openx.net/w/1.0/ Frame B912 173 B
661 B 111ms
84ms XHR
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fsaopaulo.blog%2F&jr=&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_2.1.6&dddid=349e292c-58ec-447c-9333-e80047f7a57a&nocache=1553278769799&pubcid=550c5e6f-f873-4e02-89d7-c6941989e535&aus=728x90&divIds=Prebid_Wrapper15739079&auid=540221829&
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.128.2 /
Resource Hash: 75dd6270084296fc8a3200723d78feb3208a1582863e5bffb2a597b91d5db182

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:29 GMT
content-encoding: gzip
server: OXGW/16.128.2
status: 200
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://saopaulo.blog
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B912 144 B
1 KB 156ms
29ms XHR
application/json 37.252.172.40
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.40 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

155.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

8fdd227f26d5a5dd0f0c0715f33588555c0eb38fb2295a2d84373e8291c646db

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:31 GMT
X-Proxy-Origin: 185.220.70.220; 185.220.70.220; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.176:80
AN-X-Request-Uuid: af5a3021-c8f1-482b-9276-5839785e800b
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://saopaulo.blog
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK zone Show response
tradehouse.advertserve.com/servlet/view/banner/javascript/ Frame 32B2 5 KB
2 KB 35ms
24ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=72099628&millis=20190322181929&hb_request=74653042&hb_error=decline&friendly=friendly_90561139&resolution=unspecified&refresh_count=1&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: 702566d35bc6f92d14506cf44e37e2c49b162db658363372d944993bd53c4f08

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:30 GMT
Content-Encoding: gzip
Content-Type: text/javascript;charset=UTF-8
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID"
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: none
Expires: Thu, 31 Dec 1998 11:59:59 GMT

GET
H/1.1 200
OK 16784.js Show response
ads.rubiconproject.com/ad/ Frame CF44 26 KB
0 71ms
9ms Script
text/javascript 2.19.38.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/16784.js
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=72099628&millis=20190322181929&hb_request=74653042&hb_error=decline&friendly=friendly_90561139&resolution=unspecified&refresh_count=1&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.38.84 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-38-84.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Response headers

Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=12505
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Fri, 22 Mar 2019 21:47:34 GMT

GET
H/1.1 200
OK 1023578-2.js Show response
optimized-by.rubiconproject.com/a/16784/207978/ Frame CF44 2 KB
2 KB 257ms
94ms Script
text/javascript 213.19.162.71
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/16784/207978/1023578-2.js?&cb=0.28639285108294876&tk_st=1&rf=https%3A//saopaulo.blog/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=207978_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/16784.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: deea042dddcf6d3ee4b8deefbc64cd480dfa270a6343a8ae672cd9d486f45d05

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:30 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=0, max=7
Content-Length: 1094
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK interactive1.js Show response
tradehouse.advertserve.com/js/ Frame CF44 11 KB
3 KB 54ms
28ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/js/interactive1.js
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=72099628&millis=20190322181929&hb_request=74653042&hb_error=decline&friendly=friendly_90561139&resolution=unspecified&refresh_count=1&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: 94a16af23f5b8c309dc7fa05d0ea2de49f6da7de105159b46241a046e407e056

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Mar 2019 05:17:30 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 23 Mar 2019 18:19:30 GMT

GET
H2 200 jstag Show response
tradehouse-d.openx.net/w/1.0/ Frame CF44 47 KB
17 KB 49ms
43ms Script
text/javascript 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse-d.openx.net/w/1.0/jstag
Requested by: Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/16784/207978/1023578-2.js?&cb=0.28639285108294876&tk_st=1&rf=https%3A//saopaulo.blog/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=207978_2&rp_secure=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.128.2 /
Resource Hash: 021b268fd1e50c582182896e8ec6498682fd30dccb61592198dfc83cef7f6f46

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:30 GMT
content-encoding: gzip
server: OXGW/16.128.2
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
content-length: 17512
expires: Fri, 22 Mar 2019 19:19:30 GMT

GET
H/1.1 200
OK 1be91624-4503-44f9-a7d1-b95ef3d829b4
beacon-eu-ams3.rubiconproject.com/beacon/d/ Frame CF44 43 B
268 B 234ms
17ms Image
image/webp 213.19.162.67
The Rubicon Project

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon-eu-ams3.rubiconproject.com/beacon/d/1be91624-4503-44f9-a7d1-b95ef3d829b4?oo=0&accountId=16784&siteId=207978&zoneId=1023578&sizeId=2&e=6A1E40E384DA563B90CFD02884AFA696807842945A81A5E196E6ECF04E987B85B691743370EF66B7BE19124A363D6B07FE5D718BBE08EF1C3C302D3D37518788E527A87BEEDAB8DB1DCC8C25762CB6641C45189F33B502F0B17E1DA35A9FE148B9D66AA31AF60EC4981E9A7A03A424E5DBEA9C66512E049F09486FA62D86CD0DBB4F33CDE214CF90
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.67 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: Rubicon Project /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:29 GMT
Cache-Control: private, max-age=0, no-cache
Expires: 01 Jan 1970 10:00:00 GMT
Server: Rubicon Project
Content-Length: 43
Content-Type: image/webp

GET
H2 200 acj Show response
tradehouse-d.openx.net/w/1.0/ Frame CF44 1 KB
1 KB 109ms
79ms Script
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse-d.openx.net/w/1.0/acj?o=5336994045&callback=OX_5336994045&ju=https%3A//saopaulo.blog/&jr=&auid=540221832&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=728x90&ifr=1&tws=1600x1200&mt=1
Requested by: Host: tradehouse-d.openx.net
URL: https://tradehouse-d.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.128.2 /
Resource Hash: 786f09aea0946e5425df03d03cebfbc6c8b013729ff1fb37ff977c7ab4f0a846

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:30 GMT
content-encoding: gzip
server: OXGW/16.128.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame C324 0
0 117ms
28ms Document
text/html 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://saopaulo.blog/
Accept-Encoding: gzip, deflate, br
Cookie: khaos=JTKE2P6A-1R-27IP; rsid=C5zWB2zwvoN4SN7rZ3gJxZ9taZnPkls7873oTh/grXp4XYfJNHKUQfIVc+A/9c8wsrVMz0olzi7LdosyJbNqPPF08YIwJy6Mbsej15HsXLUNaNZetBXoVjxVwEdixF/5CZLiV80=; ses2=207976^1&207978^1; vis2=207976^1&207978^1; audit=2Vi9kzRSXWLJQm+8YKwL/AopMSmDd7TRz1oTNQaAXkTMNjac89ClRJXHaQ5yWgq8Z2uMLryyl00YjUNfy6Qi72jpfgLg+oKM
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 07 Mar 2019 18:37:22 GMT
Content-Encoding: gzip
Content-Length: 7419
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=51897
Expires: Sat, 23 Mar 2019 08:44:28 GMT
Date: Fri, 22 Mar 2019 18:19:31 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12412/ Frame CF44 1 KB
2 KB 70ms
9ms Script
application/javascript 52.222.167.6
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12412/px.js
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.167.6 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-167-6.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e54feffd8729e8726f5b7325d1532e19c4e641efa5a0b7ac412fa6ae04a5b22

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 26 Feb 2019 14:07:47 GMT
Content-Encoding: UTF-8
Last-Modified: Thu, 29 Nov 2018 13:18:56 GMT
Server: AmazonS3
Age: 2088704
ETag: "fca88fdde2ee9f68ec991e8df1719e9b"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 2db316290386960b489a2a16c0a63643.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: xpO_WqjsX__RwXIuHFPqLQLSStKu1S9CwFLDclJGvy4c9aWiSmmpzQ==

GET
H/1.1 200
OK zone Show response
tradehouse.advertserve.com/servlet/view/banner/javascript/ Frame 3E68 5 KB
2 KB 22ms
21ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=13068520&millis=20190322181929&hb_request=15739079&hb_error=timeout&friendly=friendly_62710702&resolution=unspecified&refresh_count=1&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: 08112a01e5d2f13e4ed91c963363d931a05a84975ffba477f53e82633d1f44cc

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:30 GMT
Content-Encoding: gzip
Content-Type: text/javascript;charset=UTF-8
Server: nginx
Vary: Accept-Encoding
P3P: CP="NOI DSP COR NID"
Cache-Control: no-cache, no-store
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: none
Expires: Thu, 31 Dec 1998 11:59:59 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 8617 35 B
412 B 34ms
33ms Other
image/gif 37.157.6.253
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://track.adform.net/serving/unload/?version=15&unload=-5750631979060554475@@28845743,605067762149584279,100|3600|0|0|0|0|0|0|0||124|0|31|807a4746377af6aa2a6a946485cfce778192b61e_1|||1|0|0|O1utvpXbb-r5-w5zhnXSrHM_32nuV1JXasL6zt-T0tcBSuZIlQaOJ8wh73xqnVJy6dCWbZPhukE1|||01@@28845743,4940723346665140171,100|4026|0|0|0|0|0|0|0||139|0|31|dd0855978d6a2af4877f505340e4366b01509fbb_1|||1|0|0|O1utvpXbb-r5-w5zhnXSrHM_32nuV1JXasL6zt-T0tcBSuZIlQaOJ8wh73xqnVJy6dCWbZPhukE1|||01
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/615/s1.adform.net/load/v/0.0.168/e/.wSBgkg/i/8IG-xAAAABAAA/r:AdConstructor:contents/HTML:types/Standard
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.253 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS: s1.adform.net
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://saopaulo.blog/
Origin: https://saopaulo.blog
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:30 GMT
server: nginx
access-control-allow-origin: https://saopaulo.blog
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status: 200
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK 16784.js Show response
ads.rubiconproject.com/ad/ Frame CD04 26 KB
0 71ms
9ms Script
text/javascript 2.19.38.84
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.rubiconproject.com/ad/16784.js
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=13068520&millis=20190322181929&hb_request=15739079&hb_error=timeout&friendly=friendly_62710702&resolution=unspecified&refresh_count=1&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.38.84 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-19-38-84.deploy.static.akamaitechnologies.com
Software: Apache / PHP/5.3.3
Resource Hash: d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3

Request headers

Response headers

Date: Fri, 22 Mar 2019 18:19:09 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=12505
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 7558
Expires: Fri, 22 Mar 2019 21:47:34 GMT

GET
H/1.1 200
OK 1023578-2.js Show response
optimized-by.rubiconproject.com/a/16784/207978/ Frame CD04 2 KB
2 KB 206ms
87ms Script
text/javascript 213.19.162.31
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://optimized-by.rubiconproject.com/a/16784/207978/1023578-2.js?&cb=0.46352873075622925&tk_st=1&rf=https%3A//saopaulo.blog/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=207978_2&rp_secure=1
Requested by: Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/16784.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.31 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 42db6e11569858fccf4532ad4ca1411985f8de4d4a362caf4cceae7bef68403e

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:30 GMT
Content-Encoding: gzip
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: Keep-Alive
Content-Type: text/javascript
Keep-Alive: timeout=0, max=9
Content-Length: 1094
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK interactive1.js Show response
tradehouse.advertserve.com/js/ Frame CD04 11 KB
0 54ms
28ms Script
text/javascript 172.255.62.200
Gossamer Threads ...

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse.advertserve.com/js/interactive1.js
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?pid=0&zid=94&random=13068520&millis=20190322181929&hb_request=15739079&hb_error=timeout&friendly=friendly_62710702&resolution=unspecified&refresh_count=1&referrer=https%3A%2F%2Fsaopaulo.blog%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.255.62.200 London, United Kingdom, ASN36483 (GOSSAMERTHREADS - Gossamer Threads Inc., CA),
Reverse DNS
Software: nginx /
Resource Hash: 94a16af23f5b8c309dc7fa05d0ea2de49f6da7de105159b46241a046e407e056

Request headers

Response headers

Date: Fri, 22 Mar 2019 18:19:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Mar 2019 05:17:30 GMT
Server: nginx
Vary: Accept-Encoding, Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public, max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 23 Mar 2019 18:19:30 GMT

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ Frame CF44 897 B
1 KB 182ms
31ms Script
text/plain 54.229.254.12
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=12412&ref=&hn_ver=10&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12412/px.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.254.12 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-254-12.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash: 582f2a64dd2582632113fb20798e8515c8ae8f8272be55ac665226a167d23572

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:30 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 897
Expires: Fri, 01 Feb 2019 12:12:46 GMT

GET
H2 200 getjs.aspx Show response
tag.contextweb.com/TagPublish/ Frame 49A0 1 KB
877 B 730ms
261ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=728X90&cwpid=560167&cwwidth=728&cwheight=90&cwpnet=1&cwtagid=655442
Requested by: Host: tradehouse-d.openx.net
URL: https://tradehouse-d.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: 31b24d2f3ae00b8f6b4e6a128762c9c06f4348a449a79978d38da9699b7e66ec

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:31 GMT
content-encoding: gzip
server: envoy
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: no-cache, no-store
x-envoy-upstream-service-time: 239
content-type: application/x-javascript
content-length: 728

POST /
track.adform.net/serving/unload/ Frame B4B6 0
0

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame CF44
Redirect Chain

https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D18a3d486-af7c-4bdf-9204-7581b8fc6110
https://ads.avocet.io/getuid?bounce=true&url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3D18a3d486-af7c-4bdf-9204-7581b8fc6110
https://s.cpx.to/sync?dsp=avocet&dsp_uid=9664ffd2-837b-43dc-8b28-628b6b1e85b4&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110

95 B
647 B

252ms
53ms

Image
image/png

63.32.83.187
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=avocet&dsp_uid=9664ffd2-837b-43dc-8b28-628b6b1e85b4&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.83.187 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-32-83-187.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:31 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Fri, 22 Mar 2019 18:19:31 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=avocet&dsp_uid=9664ffd2-837b-43dc-8b28-628b6b1e85b4&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110
Date: Fri, 22 Mar 2019 18:19:31 GMT
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 149
P3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame CF44
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3D18a3d486-af7c-4bdf-9204-7581b8fc6110
https://s.cpx.to/sync?dsp=amobee&dsp_uid=3156218979705193198&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110

95 B
630 B

292ms
33ms

Image
image/png

54.229.43.73
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=amobee&dsp_uid=3156218979705193198&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.43.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:32 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Fri, 22 Mar 2019 18:19:32 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=amobee&dsp_uid=3156218979705193198&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110
Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:31 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server: Apache-Coyote/1.1
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame CF44
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110
https://s.cpx.to/ca.png?dsp=dbm&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110&google_gid=CAESEAksy5KqECp0hHii1wylP8U&google_cver=1

95 B
492 B

346ms
39ms

Image
image/png

63.32.83.187
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/ca.png?dsp=dbm&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110&google_gid=CAESEAksy5KqECp0hHii1wylP8U&google_cver=1
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.83.187 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-32-83-187.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:31 GMT
Server: akka-http/2.4.17
Connection: keep-alive
Content-Length: 95
Content-Type: image/png

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:31 GMT
server: HTTP server (unknown)
location: https://s.cpx.to/ca.png?dsp=dbm&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110&google_gid=CAESEAksy5KqECp0hHii1wylP8U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 334
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

an_fire
s.cpx.to/ Frame CF44
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12412%26ref%3D%26hn_ver%3D10%26fid%3D18a3d486-af7c-4bdf-9204-7581b8fc6110
https://s.cpx.to/an_fire?app_nexus_uid=8536916421626968280&pid=12412&ref=&hn_ver=10&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110

95 B
633 B

63ms
36ms

Image
image/png

63.32.83.187
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/an_fire?app_nexus_uid=8536916421626968280&pid=12412&ref=&hn_ver=10&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.83.187 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-32-83-187.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:31 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Fri, 22 Mar 2019 18:19:31 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:33 GMT
AN-X-Request-Uuid: 39e97b25-59cf-4e0e-861f-94adc28e14c1
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://s.cpx.to/an_fire?app_nexus_uid=8536916421626968280&pid=12412&ref=&hn_ver=10&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.220.70.220; 185.220.70.220; 244.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.17:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame CF44
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D18a3d486-af7c-4bdf-9204-7581b8fc6110
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3D18a3d486-af7c-4bdf-9204-7581b8fc6110
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=51645671-CF38-484E-8DA2-A059AAF78ED3&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110

95 B
649 B

303ms
34ms

Image
image/png

63.32.83.187
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=51645671-CF38-484E-8DA2-A059AAF78ED3&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.83.187 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-32-83-187.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:31 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Fri, 22 Mar 2019 18:19:31 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=51645671-CF38-484E-8DA2-A059AAF78ED3&fid=18a3d486-af7c-4bdf-9204-7581b8fc6110
Date: Fri, 22 Mar 2019 18:19:31 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 448
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 jstag Show response
tradehouse-d.openx.net/w/1.0/ Frame CD04 47 KB
0 49ms
43ms Script
text/javascript 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse-d.openx.net/w/1.0/jstag
Requested by: Host: optimized-by.rubiconproject.com
URL: https://optimized-by.rubiconproject.com/a/16784/207978/1023578-2.js?&cb=0.46352873075622925&tk_st=1&rf=https%3A//saopaulo.blog/&rp_s=c&p_pos=atf&p_screen_res=1600x1200&ad_slot=207978_2&rp_secure=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.128.2 /
Resource Hash: 021b268fd1e50c582182896e8ec6498682fd30dccb61592198dfc83cef7f6f46

Request headers

Response headers

date: Fri, 22 Mar 2019 18:19:30 GMT
content-encoding: gzip
server: OXGW/16.128.2
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: max-age=3600
content-type: text/javascript
content-length: 17512
expires: Fri, 22 Mar 2019 19:19:30 GMT

GET a8c69707-f19d-46cb-b140-35dae7c80151
beacon-eu-ams3.rubiconproject.com/beacon/d/ Frame CD04 0
0

GET
H2 200 acj Show response
tradehouse-d.openx.net/w/1.0/ Frame CD04 1 KB
1 KB 181ms
180ms Script
application/json 173.241.240.220
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://tradehouse-d.openx.net/w/1.0/acj?o=810144022&callback=OX_810144022&ju=https%3A//saopaulo.blog/&jr=&auid=540221832&dims=&adxy=&res=1600x1200x24&plg=pm&ch=UTF-8&tz=0&ws=728x90&ifr=1&tws=1600x1200&mt=1&nl=51&ul=94
Requested by: Host: tradehouse-d.openx.net
URL: https://tradehouse-d.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.220 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-220.xa.dc.openx.org
Software: OXGW/16.128.2 /
Resource Hash: 74e64ff53f26106a206303e5aa6d14e485c7fdf1bac4402c8d722a36c5df478f

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:31 GMT
content-encoding: gzip
server: OXGW/16.128.2
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
status: 200
cache-control: private, max-age=0, no-cache
content-type: application/json
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame C79C 0
0 95ms
28ms Document
text/html 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://saopaulo.blog/
Accept-Encoding: gzip, deflate, br
Cookie: khaos=JTKE2P6A-1R-27IP; rsid=C5zWB2zwvoN4SN7rZ3gJxZ9taZnPkls7873oTh/grXp4XYfJNHKUQfIVc+A/9c8wsrVMz0olzi7LdosyJbNqPPF08YIwJy6Mbsej15HsXLUNaNZetBXoVjxVwEdixF/5CZLiV80=; audit=2Vi9kzRSXWLJQm+8YKwL/AopMSmDd7TRz1oTNQaAXkTMNjac89ClRJXHaQ5yWgq8Z2uMLryyl00YjUNfy6Qi72jpfgLg+oKM; ses2=207976^1&207978^2; vis2=207976^1&207978^2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 07 Mar 2019 18:37:22 GMT
Content-Encoding: gzip
Content-Length: 7419
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=51897
Expires: Sat, 23 Mar 2019 08:44:28 GMT
Date: Fri, 22 Mar 2019 18:19:31 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK px.js Show response
p.cpx.to/p/12412/ Frame CD04 1 KB
0 70ms
9ms Script
application/javascript 52.222.167.6
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://p.cpx.to/p/12412/px.js
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.167.6 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-167-6.fra54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8e54feffd8729e8726f5b7325d1532e19c4e641efa5a0b7ac412fa6ae04a5b22

Request headers

Response headers

Date: Tue, 26 Feb 2019 14:07:47 GMT
Content-Encoding: UTF-8
Last-Modified: Thu, 29 Nov 2018 13:18:56 GMT
Server: AmazonS3
Age: 2088704
ETag: "fca88fdde2ee9f68ec991e8df1719e9b"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 2db316290386960b489a2a16c0a63643.cloudfront.net (CloudFront)
Cache-Control: max-age=2419200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1498
X-Amz-Cf-Id: xpO_WqjsX__RwXIuHFPqLQLSStKu1S9CwFLDclJGvy4c9aWiSmmpzQ==

GET
H/1.1 200
OK fire.js Show response
s.cpx.to/ Frame CD04 897 B
1 KB 354ms
34ms Script
text/plain 63.32.83.187
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.cpx.to/fire.js?pid=12412&ref=&hn_ver=10&fid=f9ef0223-622b-4aa6-8397-68595b46c101
Requested by: Host: p.cpx.to
URL: https://p.cpx.to/p/12412/px.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.83.187 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-32-83-187.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash: 18c658250bc894f002dc225b9ef2e7984110a5e9efe90620f61c2a119f0fbf54

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:31 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 897
Expires: Fri, 01 Feb 2019 12:15:02 GMT

GET
H2 200 getjs.aspx Show response
tag.contextweb.com/TagPublish/ Frame 11CA 1 KB
1 KB 268ms
191ms Script
application/x-javascript 74.214.194.131
PULSEPOINT-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.contextweb.com/TagPublish/getjs.aspx?action=VIEWAD&cwrun=200&cwadformat=728X90&cwpid=560167&cwwidth=728&cwheight=90&cwpnet=1&cwtagid=655442
Requested by: Host: tradehouse-d.openx.net
URL: https://tradehouse-d.openx.net/w/1.0/jstag
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.214.194.131 Amsterdam, Netherlands, ASN59940 (PULSEPOINT-EU, NL),
Reverse DNS
Software: envoy /
Resource Hash: 31b24d2f3ae00b8f6b4e6a128762c9c06f4348a449a79978d38da9699b7e66ec

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 22 Mar 2019 18:19:31 GMT
content-encoding: gzip
server: envoy
p3p: policyref="/TagPublish/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
status: 200
cache-control: no-cache, no-store
x-envoy-upstream-service-time: 173
content-type: application/x-javascript
content-length: 728

POST /
track.adform.net/serving/unload/ Frame 8617 0
0

GET
H/1.1

200
OK

an_fire
s.cpx.to/ Frame CD04
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Fan_fire%3Fapp_nexus_uid%3D%24UID%26pid%3D12412%26ref%3D%26hn_ver%3D10%26fid%3Df9ef0223-622b-4aa6-8397-68595b46c101
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fs.cpx.to%252Fan_fire%253Fapp_nexus_uid%253D%2524UID%2526pid%253D12412%2526ref%253D%2526hn_ver%253D10%2526fid%253Df9ef0223-622b-4aa6-8...
https://s.cpx.to/an_fire?app_nexus_uid=5036460259216536928&pid=12412&ref=&hn_ver=10&fid=f9ef0223-622b-4aa6-8397-68595b46c101

95 B
633 B

62ms
34ms

Image
image/png

63.32.83.187
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/an_fire?app_nexus_uid=5036460259216536928&pid=12412&ref=&hn_ver=10&fid=f9ef0223-622b-4aa6-8397-68595b46c101
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.83.187 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-32-83-187.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:31 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Fri, 22 Mar 2019 18:19:31 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:33 GMT
AN-X-Request-Uuid: 80c62472-ca0e-4404-8928-59b5b111e5ee
Content-Type: text/html; charset=utf-8
Server: nginx/1.13.4
Location: https://s.cpx.to/an_fire?app_nexus_uid=5036460259216536928&pid=12412&ref=&hn_ver=10&fid=f9ef0223-622b-4aa6-8397-68595b46c101
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.220.70.220; 185.220.70.220; 244.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.187:80
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
s.cpx.to/ Frame CD04
Redirect Chain

https://d.turn.com/r/dd/id/L21rdC8xMjgwL2NpZC8xNzQ4MDc2NjU4L3QvMg/url/https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Damobee%26dsp_uid%3D%24%21%7BTURN_UUID%7D%26fid%3Df9ef0223-622b-4aa6-8397-68595b46c101
https://s.cpx.to/sync?dsp=amobee&dsp_uid=9064941690815283950&fid=f9ef0223-622b-4aa6-8397-68595b46c101

95 B
630 B

300ms
31ms

Image
image/png

54.229.43.73
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/sync?dsp=amobee&dsp_uid=9064941690815283950&fid=f9ef0223-622b-4aa6-8397-68595b46c101
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.43.73 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-43-73.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:32 GMT
Server: akka-http/2.4.17
P3P: CP="NOI DEV ADM"
Cache-Control: no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Content-Type: image/png
Content-Length: 95
Expires: Fri, 22 Mar 2019 18:19:32 GMT

Redirect headers

Location: https://s.cpx.to/sync?dsp=amobee&dsp_uid=9064941690815283950&fid=f9ef0223-622b-4aa6-8397-68595b46c101
Pragma: no-cache
Date: Fri, 22 Mar 2019 18:19:31 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server: Apache-Coyote/1.1
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

ca.png
s.cpx.to/ Frame CD04
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm&fid=f9ef0223-622b-4aa6-8397-68595b46c101
https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm=&dsp=dbm&fid=f9ef0223-622b-4aa6-8397-68595b46c101&google_tc=
https://s.cpx.to/ca.png?dsp=dbm&fid=f9ef0223-622b-4aa6-8397-68595b46c101&google_gid=CAESENNdabOKBh98G-z4NP8pmOk&google_cver=1

95 B
492 B

75ms
36ms

Image
image/png

63.32.83.187
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.cpx.to/ca.png?dsp=dbm&fid=f9ef0223-622b-4aa6-8397-68595b46c101&google_gid=CAESENNdabOKBh98G-z4NP8pmOk&google_cver=1
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.83.187 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-32-83-187.eu-west-1.compute.amazonaws.com
Software: akka-http/2.4.17 /
Resource Hash: bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:31 GMT
Server: akka-http/2.4.17
Connection: keep-alive
Content-Length: 95
Content-Type: image/png

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:31 GMT
server: HTTP server (unknown)
location: https://s.cpx.to/ca.png?dsp=dbm&fid=f9ef0223-622b-4aa6-8397-68595b46c101&google_gid=CAESENNdabOKBh98G-z4NP8pmOk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 334
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

sync
s.cpx.to/ Frame CD04
Redirect Chain

https://ads.avocet.io/getuid?url=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Davocet%26dsp_uid%3D%7B%7BUUID%7D%7D%26fid%3Df9ef0223-622b-4aa6-8397-68595b46c101
https://s.cpx.to/sync?dsp=avocet&dsp_uid=9664ffd2-837b-43dc-8b28-628b6b1e85b4&fid=f9ef0223-622b-4aa6-8397-68595b46c101

0
0

GET

sync
s.cpx.to/ Frame CD04
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID%26fid%3Df9ef0223-622b-4aa6-8397-68595b46c101
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=51645671-CF38-484E-8DA2-A059AAF78ED3&fid=f9ef0223-622b-4aa6-8397-68595b46c101

0
0

GET
H/1.1

200
OK

rtset Show response
bh.contextweb.com/bh/ Frame 11CA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEMZa1fWE2eNiGgvnMEfSeHs&google_cver=1

0
706 B

1071ms
24ms

Script
application/x-javascript

151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEMZa1fWE2eNiGgvnMEfSeHs&google_cver=1
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:32 GMT
Via: 1.1 varnish
X-Cache: MISS
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 0
X-Served-By: cache-hhn1549-HHN
Server: Jetty(9.4.7.v20170914)
Vary: Accept-Encoding
Content-Language: en
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
Content-Type: application/x-javascript;charset=iso-8859-1
Cw-Server: bh-deployment-5b88dffbd-8tbbk
X-Cache-Hits: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:31 GMT
server: HTTP server (unknown)
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEMZa1fWE2eNiGgvnMEfSeHs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 306
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET getjs.static.js
tag-st.contextweb.com/TagPublish/ Frame 11CA 0
0

GET
H/1.1

200
OK

rtset Show response
bh.contextweb.com/bh/ Frame 49A0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEMZa1fWE2eNiGgvnMEfSeHs&google_cver=1

0
706 B

1050ms
24ms

Script
application/x-javascript

151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEMZa1fWE2eNiGgvnMEfSeHs&google_cver=1
Requested by: Host: saopaulo.blog
URL: https://saopaulo.blog/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://saopaulo.blog/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Mar 2019 18:19:32 GMT
Via: 1.1 varnish
X-Cache: MISS
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Connection: keep-alive
Content-Length: 0
X-Served-By: cache-hhn1549-HHN
Server: Jetty(9.4.7.v20170914)
Vary: Accept-Encoding
Content-Language: en
Expires: -1
Cache-Control: private, max-age=0, no-cache, no-store
Accept-Ranges: bytes
Content-Type: application/x-javascript;charset=iso-8859-1
Cw-Server: bh-deployment-5b88dffbd-hz2n8
X-Cache-Hits: 0

Redirect headers

pragma: no-cache
date: Fri, 22 Mar 2019 18:19:31 GMT
server: HTTP server (unknown)
location: https://bh.contextweb.com/bh/rtset?do=add&pid=547259&ev=CAESEMZa1fWE2eNiGgvnMEfSeHs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 306
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET getjs.static.js
tag-st.contextweb.com/TagPublish/ Frame 49A0 0
0

GET
H/1.1 200
OK visitormatch
bh.contextweb.com/ Frame 6836 0
0 30ms
27ms Document
text/html 151.101.0.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bh.contextweb.com/visitormatch
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash

Request headers

Host: bh.contextweb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://saopaulo.blog/
Accept-Encoding: gzip, deflate, br
Cookie: _dbefe=http://10.223.26.209:8080; sto-id-20480-bh=BJANNMAKFDAA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

Cache-Control: private, max-age=0, no-cache, no-store
Content-Encoding: gzip
Content-Language: en
Content-Type: text/html; charset=utf-8
Cw-Server: bh-deployment-5b88dffbd-hz2n8
Expires: -1
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Server: Jetty(9.4.7.v20170914)
Transfer-Encoding: chunked
Accept-Ranges: bytes
Date: Fri, 22 Mar 2019 18:19:33 GMT
Via: 1.1 varnish
Connection: keep-alive
X-Served-By: cache-hhn1549-HHN
X-Cache: MISS
X-Cache-Hits: 0
Vary: Accept-Encoding

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 91B5
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1

0
0

21ms
21ms

Document
text/html

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.128.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://saopaulo.blog/
accept-encoding: gzip, deflate, br
cookie: i=79dfa0d0-a6d1-0db6-180d-55be7b87e0ef|1553278773
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

status: 200
vary: Accept
set-cookie: i=79dfa0d0-a6d1-0db6-180d-55be7b87e0ef|1553278773; Version=1; Expires=Sat, 21-Mar-2020 18:19:33 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1553278773|mOgikimWiygu; Version=1; Expires=Sat, 06-Apr-2019 18:19:33 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.128.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 22 Mar 2019 18:19:33 GMT
content-type: text/html
content-encoding: gzip

Redirect headers

status: 302
set-cookie: i=79dfa0d0-a6d1-0db6-180d-55be7b87e0ef|1553278773; Version=1; Expires=Sat, 21-Mar-2020 18:19:33 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.128.2
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
date: Fri, 22 Mar 2019 18:19:33 GMT
content-length: 0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 6E0C 0
0 97ms
30ms Document
text/html 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://saopaulo.blog/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 07 Mar 2019 18:37:22 GMT
Content-Encoding: gzip
Content-Length: 7419
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=51895
Expires: Sat, 23 Mar 2019 08:44:28 GMT
Date: Fri, 22 Mar 2019 18:19:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame E2D6 0
0 594ms
23ms Document
text/html 151.101.121.108
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.121.108 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://saopaulo.blog/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Fastly-Debug-Digest: e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length: 506
Accept-Ranges: bytes
Date: Fri, 22 Mar 2019 18:19:33 GMT
Age: 19730260
Connection: keep-alive
X-Served-By: cache-jfk8146-JFK, cache-cdg20780-CDG
X-Cache: HIT, HIT
X-Cache-Hits: 4857776, 965527
X-Timer: S1553278774.647473,VS0,VE0
Vary: Accept-Encoding

GET async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 02FB 0
0

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame B699 0
0 3092ms
19ms Document
text/html 104.111.230.142
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://saopaulo.blog/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Thu, 07 Mar 2019 18:37:22 GMT
Content-Encoding: gzip
Content-Length: 7419
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=51890
Expires: Sat, 23 Mar 2019 08:44:28 GMT
Date: Fri, 22 Mar 2019 18:19:38 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 48F6
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1

0
0

51ms
51ms

Document
text/html

173.241.240.143
OPENX TECHNOLOGIES

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.241.240.143 New York, United States, ASN36089 (OPENX-AS1 - OPENX TECHNOLOGIES, INC., US),
Reverse DNS: ox-173-241-240-143.xa.dc.openx.org
Software: OXGW/16.128.2 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://saopaulo.blog/
accept-encoding: gzip, deflate, br
cookie: i=4c5205b5-e44c-09e2-115f-4edf485b6cdc|1553278775
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

status: 200
vary: Accept
set-cookie: i=4c5205b5-e44c-09e2-115f-4edf485b6cdc|1553278775; Version=1; Expires=Sat, 21-Mar-2020 18:19:35 GMT; Max-Age=31536000; Domain=.openx.net; Path=/ pd=v2|1553278775|mOgikimWiygu; Version=1; Expires=Sat, 06-Apr-2019 18:19:35 GMT; Max-Age=1296000; Domain=.openx.net; Path=/
server: OXGW/16.128.2
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 22 Mar 2019 18:19:35 GMT
content-type: text/html
content-encoding: gzip

Redirect headers

status: 302
set-cookie: i=4c5205b5-e44c-09e2-115f-4edf485b6cdc|1553278775; Version=1; Expires=Sat, 21-Mar-2020 18:19:35 GMT; Max-Age=31536000; Domain=.openx.net; Path=/
server: OXGW/16.128.2
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=35a8f4f8-fb93-4d8e-8b3a-a697059080b6&gdpr=1
date: Fri, 22 Mar 2019 18:19:35 GMT
content-length: 0

GET
H/1.1 200
OK Cookie set visitormatch
bh.contextweb.com/ Frame 2B2F 0
0 112ms
40ms Document
text/html 151.101.192.166
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://bh.contextweb.com/visitormatch
Requested by: Host: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/js/prebid-2.5.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.166 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: Jetty(9.4.7.v20170914) /
Resource Hash

Request headers

Host: bh.contextweb.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://saopaulo.blog/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://saopaulo.blog/

Response headers

Cache-Control: private, max-age=0, no-cache, no-store
Content-Encoding: gzip
Content-Language: en
Content-Type: text/html; charset=utf-8
Cw-Server: bh-deployment-5b88dffbd-4xxqw
Expires: -1
P3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Server: Jetty(9.4.7.v20170914)
Set-Cookie: _dbefe=http://10.223.26.79:8080; Path=/ sto-id-20480-bh=BJANNMAKFCAA; Domain=contextweb.com; Expires=Fri, 22-Mar-2019 18:34:35 GMT; Path=/
Transfer-Encoding: chunked
Accept-Ranges: bytes
Date: Fri, 22 Mar 2019 18:19:35 GMT
Via: 1.1 varnish
Connection: keep-alive
X-Served-By: cache-hhn1539-HHN
X-Cache: MISS
X-Cache-Hits: 0
Vary: Accept-Encoding

POST events
tradehouse.advertserve.com/servlet/ Frame CD04 0
0

GET zone
tradehouse.advertserve.com/servlet/view/banner/javascript/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=1569881&sid=1358733&plc=28845743&advid=165376&app=&sup=Rubicon&adsrv=178&region=40&btreg=28845743&btadserv=adform&crt=29559038&crtname=Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B2+-+41bb5cd&dvtagver=6.1.src&turl=saopaulo.blog&DVP_ADTYPE=Html&DVP_LINE=4869493&DVPX_IMPID=605067762149584279&DVPX_GUID=-5750631979060554475&DVPX_CDID=&DVPX_LAT=50.73469&DVPX_LONG=8.34401&DVPX_PAGE=https%3a%2f%2fsaopaulo.blog%2f

Domain: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=1569881&sid=1358733&plc=28845743&advid=165376&app=&sup=Rubicon&adsrv=178&region=40&btreg=28845743&btadserv=adform&crt=29559041&crtname=Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B5+-+c204a07&dvtagver=6.1.src&turl=saopaulo.blog&DVP_ADTYPE=Html&DVP_LINE=4869493&DVPX_IMPID=4940723346665140171&DVPX_GUID=-5750631979060554475&DVPX_CDID=&DVPX_LAT=50.73469&DVPX_LONG=8.34401&DVPX_PAGE=https%3a%2f%2fsaopaulo.blog%2f

Domain: m.exactag.com
URL: https://m.exactag.com/ai.aspx?extCa=707&extTcm=DisDisPre213C|PreCpm000|fq0ntadyn&c_id=display_cic_213:fq0_C_nta_dyn_Strategie_Q3+SIMOnly+CTA+Test+DCO+72+-+Shell_Q3+SIMOnly+CTA+Test+DC+-+Q3_SIMOnly_728x90_B5+-+c204a07&cachebuster=12406

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16784&site_id=207976&zone_id=1023572&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fsaopaulo.blog%2F&tk_flint=pbjs_lite_v2.5.1&x_source.tid=349e292c-58ec-447c-9333-e80047f7a57a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5611236691673098

Domain: track.adform.net
URL: https://track.adform.net/serving/unload/?version=15&unload=-5750631979060554475@@28845743,605067762149584279,100|3600|0|0|0|0|0|0|0||124|0|31|807a4746377af6aa2a6a946485cfce778192b61e_1|||1|0|0|O1utvpXbb-r5-w5zhnXSrHM_32nuV1JXasL6zt-T0tcBSuZIlQaOJ8wh73xqnVJy6dCWbZPhukE1|||01

Domain: beacon-eu-ams3.rubiconproject.com
URL: https://beacon-eu-ams3.rubiconproject.com/beacon/d/a8c69707-f19d-46cb-b140-35dae7c80151?oo=0&accountId=16784&siteId=207978&zoneId=1023578&sizeId=2&e=6A1E40E384DA563B0BA21992BD9B14720270EA78D36443E9BC63686B4576087E9F33317A8CCDB9FF6610A259AE0ADB1B6EA04654B7DAB7195939154C84920C8CE527A87BEEDAB8DB1DCC8C25762CB6641C45189F33B502F0B17E1DA35A9FE148C56D0956F71F816D981E9A7A03A424E5DBEA9C66512E049F09486FA62D86CD0DBB4F33CDE214CF90

Domain: track.adform.net
URL: https://track.adform.net/serving/unload/?version=15&unload=-5750631979060554475@@28845743,4940723346665140171,100|4026|0|0|0|0|0|0|0||139|0|31|dd0855978d6a2af4877f505340e4366b01509fbb_1|||1|0|0|O1utvpXbb-r5-w5zhnXSrHM_32nuV1JXasL6zt-T0tcBSuZIlQaOJ8wh73xqnVJy6dCWbZPhukE1|||01

Domain: s.cpx.to
URL: https://s.cpx.to/sync?dsp=avocet&dsp_uid=9664ffd2-837b-43dc-8b28-628b6b1e85b4&fid=f9ef0223-622b-4aa6-8397-68595b46c101

Domain: s.cpx.to
URL: https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=51645671-CF38-484E-8DA2-A059AAF78ED3&fid=f9ef0223-622b-4aa6-8397-68595b46c101

Domain: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30

Domain: tag-st.contextweb.com
URL: https://tag-st.contextweb.com/TagPublish/getjs.static.js?v=30

Domain: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Domain: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/servlet/events?type=viewable&name=time&ip=185.220.70.220&uuid=b16a6e8eeb3fecd4f983a475f4c65c21&random=13068520&timestamp=20190322181930&referrer=https%3A%2F%2Fsaopaulo.blog%2F

Domain: tradehouse.advertserve.com
URL: https://tradehouse.advertserve.com/servlet/view/banner/javascript/zone?zid=94&pid=0&fr=30&frcn=1&frlm=15&friendly=friendly_72098438&container=adhesion&random=39170680&referrer=https%3A%2F%2Fsaopaulo.blog%2F

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c0.wp.com/c/5.1.1/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	info	URL: https://platform.twitter.com/widgets.js(Line 1) Message: You may have been affected by an update to settings in embedded timelines. See https://twittercommunity.com/t/deprecating-widget-settings/102295.
console-api	error	URL: https://platform.twitter.com/widgets.js(Line 1) Message: Profile timeline for screen_name: 672950039279480833 not found

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ad.atdmt.com
ads.avocet.io
ads.rubiconproject.com
beacon-eu-ams3.rubiconproject.com
bh.contextweb.com
bid.contextweb.com
c0.wp.com
cdn.advertserve.com
cdn.doubleverify.com
cdn.syndication.twimg.com
cm.g.doubleclick.net
d.turn.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
hb-api.omnitagjs.com
i0.wp.com
i2.wp.com
ib.adnxs.com
image2.pubmatic.com
m.exactag.com
optimized-by.rubiconproject.com
p.cpx.to
pixel.wp.com
platform.twitter.com
s.cpx.to
s0.wp.com
s1.adform.net
saopaulo.blog
secure.adnxs.com
secure.gravatar.com
stats.wp.com
syndication.twitter.com
tag-st.contextweb.com
tag.contextweb.com
track.adform.net
tradehouse-d.openx.net
tradehouse.advertserve.com
vfd2dyn.vodafone.de
vfde.demdex.net
zanquetta.files.wordpress.com
acdn.adnxs.com
beacon-eu-ams3.rubiconproject.com
cdn.doubleverify.com
fastlane.rubiconproject.com
m.exactag.com
s.cpx.to
tag-st.contextweb.com
track.adform.net
tradehouse.advertserve.com
104.111.230.142
104.244.42.8
151.101.0.166
151.101.121.108
151.101.192.166
172.217.21.226
172.255.62.200
173.241.240.143
173.241.240.220
185.33.223.203
185.64.189.110
192.0.72.28
192.0.76.3
192.0.77.2
192.0.77.32
192.0.77.37
192.0.78.222
2.19.38.84
205.185.216.42
213.19.162.21
213.19.162.31
213.19.162.41
213.19.162.57
213.19.162.67
213.19.162.71
213.202.235.8
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:46c:e8b:1e2f:2bd:694
2a00:1450:4001:808::200a
2a00:1450:4001:820::200a
2a00:1450:4001:825::2003
2a03:2880:f007:2:face:b00c:0:1
2a04:fa87:fffe::c000:4902
35.158.52.144
37.157.2.248
37.157.6.253
37.252.172.12
37.252.172.40
46.228.164.13
52.210.60.105
52.213.58.51
52.222.167.6
54.194.73.223
54.229.254.12
54.229.43.73
54.37.115.96
54.37.115.97
63.32.83.187
74.214.194.131
74.214.194.133
021b268fd1e50c582182896e8ec6498682fd30dccb61592198dfc83cef7f6f46
033aecc5a89b1984afe3587346912fb1ec9957a00000a95246f8b372c5a31ca5
03bb9e72be4f377561bb3748ec4ce052d528d35bf5e65a5c8963364b071094d9
08112a01e5d2f13e4ed91c963363d931a05a84975ffba477f53e82633d1f44cc
0b3bae4e5abf408ea0c1630d47a29c60140024b55edbc1d71dd37167d5ff3918
0b8be0da901b2bbc27c22c682f09d4bb1dce86daeb05168349dc7d06fce07625
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
1130fc4a128a7d1db39a0ca529c4f216a20c659b451e086f5aa957b263160282
11cd4b77f1bef0bcb1e92b51947baaaf96b1d9c0dea9433f4d8971db9d1c31a3
121cb07f127e755b5f118a626394cc0b0b79190d5b8d5bc3e6f3d9d73f516a6e
12a73ce30909cea065a75647128cb21cb963502d04030631a77dbd87dbb96393
148b35f5e5d3dd37d6fc44caa577d6b478b0a62bb1200439d1f77e21f9c88c64
18c658250bc894f002dc225b9ef2e7984110a5e9efe90620f61c2a119f0fbf54
19a9d7c55b59075db7d6cc96aee53fd8c2a1017fbb04b7314f657d23c914cea4
1ee24ee7b3b14d427522d9956ff6ad523f1dea0fe67202bc2169ee99b34834da
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
23c0b3973aec2be4c627c774ac1a3853c8fb1c59207410c9c30ad19133b47ea7
245dba3be6a1b10208f628f21377fc998b5384dc303bdef6954df3910e4f36b5
265c34f4c62e6423e270cecb0c422b735dfb0f18cea04c2ac343b6f22106661e
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac
2a1c1e89362ade291cc8d0e337333af259676a42208cc6e979854f91507fb15d
2e1ced1bd0736a56a0c44fd7b3bf8134850398ecddd52a0f5e6e437c5d527999
2e277f6725f5c784396d3bf6518f9259db57f300adc1d31154c67caee9750031
2f4d242898049ead487b0ed6838b23d4af051aa50136c1528edda709acc35713
2f7b1676817e06b2478c184d45ec7e73d209ea1ec68e6e0f1b0efc7fb89b922b
31584da6a85ecd5bef8c8298cc5c8dc24761177f7eacec813379088c48d0346f
31b24d2f3ae00b8f6b4e6a128762c9c06f4348a449a79978d38da9699b7e66ec
35ed2b1565bbaa76ce27cdf2838251a9c514247954e6f7891eb939c0ca769dba
3657b793e40021d8d699a71679550f6c3f843344bf7db7f4e759070472ff454e
36ad0edaf88cb19e7cbdae22470c1f124f02fd5673bf6144c0a7a9f0a8fef987
37277716bb26faa7243ddd815bdf751ef63e015910a0c7f8bc14a1cc518ee5e1
39eec5fec9d2a020bf8a7fb1960ef49ed0cf0ba5d99ef60928f8a109bdede9c2
3b6b95b16a54e1ef223d083ab64fec6ac66109b0f2c5233ec79baaffc693ae13
3e14d3fb372005680ec015d011ceca69c841315bf7c5449468d1910aafdd3579
3e2e6a30d60b1305c6819ce7b38cef501674c8df26245af43802a9cb7094aaae
42db6e11569858fccf4532ad4ca1411985f8de4d4a362caf4cceae7bef68403e
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b17ffee83414bbd3b8eccda4283b038352663cb8d38e6f9f24449fb120bf898
4b4a1db2b64f0618827c21c3c01038cdb1f1618fcd9c727676c323f9d286185b
4e4cebce468b8200277b5451386db49dce3c7df968de89acec4a9e8660e2dc21
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
50dda9aac0fcea362bdda27ae7833240485ad5a20ccc105c1cd13ea26802a8bd
56d20617777b1c7d730e64896a372484842df84e1c3d7992d6aad7347d842dc7
582f2a64dd2582632113fb20798e8515c8ae8f8272be55ac665226a167d23572
5bf017dc805186f4bf04982b77f0ec4ddd745b71a7baba66df9440b5bb847b22
5ca836348c2ca4ea66b40a286829c847d8e6cd8c19344165c10b30caf4d33c79
5e4b9ce0c47a9f9c4503f5e89f7d1fbb41fba2dc68ecfb5ed3d2cf00eeadc9ac
5effce17c0a04c14df958458e0a25e9b1e3eb3411a691857dfcc6e9bcb3e2ce3
5fa8818891dd8c149dfec8a8e16f4bcaa875cd9062f68dbc1a119c8e335b233a
632af363989d420500a3fc1546178648f5aaa4f9aabb98666e62c3035fa423d1
639d5fefe90f62a590f7bff5db736724104b4a7c69f28b049d88b58b4a0de848
68431dea24c414bb0dc8c3e577d2edda179d8b884c2f7314ccd5a24ded4664e6
68a21402dc8bbd85d41b7bf206a9819d583d6b81f39bb67f744d3c39d8d68d36
69aff18e54732eae1bb02c82d045c33f45675b017ba6dfdade80ab63a8e26bc5
6a784a12fa3b2109a2d2941d07299e91f13ae656d1696c19cdee1a9d4e374a57
6b97e6ec253bb78ba27c2b6d0b93333e2a5ad6fa1d8e4a53ac6c96eefbf6f89c
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
6df4c98d54bfd1d98b732a2ea589b077253c663d4a5d746a139e30de376dd24f
6ec572d0e816e1e37f4fc506a759c5302f76bfc4f3a785e4b2982aee95567d93
6efb4a243390140a871d098ad5637144df05a693bc6d0b943290039a8fa258f4
702566d35bc6f92d14506cf44e37e2c49b162db658363372d944993bd53c4f08
74e64ff53f26106a206303e5aa6d14e485c7fdf1bac4402c8d722a36c5df478f
75dd6270084296fc8a3200723d78feb3208a1582863e5bffb2a597b91d5db182
77541e1a3e4006b75805195b6c8d8999928d928598bc8ae9b3998da587ff4e41
786f09aea0946e5425df03d03cebfbc6c8b013729ff1fb37ff977c7ab4f0a846
7a3fa135c68dda9f621c6a880a83444ba4bd6522584b9c6852691a012e928095
7ae1b3f1d40bf321c4c698f219ccb16cfccf04c4ff161309a25ec19ead999edc
7b5e32cb325e9aaef357a421cd16ddf6d6ddb70fec74b6c35a73eccc6817664c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8868d2a2f803ea6802d54a11564b5b96c7d8be56117a328c8f605539d6dee167
8a4804faa57cbd0c9b53b19b7c12eb45363f29e8beee38e5dee47f7218e93904
8e54feffd8729e8726f5b7325d1532e19c4e641efa5a0b7ac412fa6ae04a5b22
8f2270058422f39ff89104cec8f21350c09c033a28ad8ef72d82f76f56960440
8fdd227f26d5a5dd0f0c0715f33588555c0eb38fb2295a2d84373e8291c646db
94a16af23f5b8c309dc7fa05d0ea2de49f6da7de105159b46241a046e407e056
96cae96a73c65ceed190aa0b4a9a86f0233798e9a17f27ca57855f4f79ebf678
980c63959cb612f0bdb4ee72cc7c25dd8f28b4f59adc4d04bdd38930a7ba1820
99e8910a98758dd8f951879f7f9e45ea7ce8d172c58ebf07a2de4c3adb301cc2
9bf28f6cc36bd0a6e167ff8b916c07b5f23fc702b70ba0bd6d0e67582ebd20fd
9c42615b9f87888a452f177c5ea19899fb8a835b8f6d0b458824e6c332a0adce
a09b5785c230e1f08f23ea6af8aa0d341736c3371d8bc6b30fc0aff9c213e46b
a5307da44321773c9f46b34d756dcbd6cd427238e5cbad91cd2cf151513ec283
a5488d52ed3da00050c876fdaa8441bb38ac8d0ebaf2b95625c0aba608e6aee2
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
a75a7bf10f415b7c91f0b959177f3f1779e78cbf735601e41fb982c2b1cf4be2
aaba93efc3864fa92711cfd8f0b636c39e9eb19138541007a9fd36fa341f45a1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b60a3f35df951f996c45cbab8c07b9884c7c9d6a8e9508e4cf0a6589bb14531d
b731340fee449711ecc144db2006db10f7b0a8d738d5d00ad37637053bab65fe
b911ef53947b7db125202325e1b9ba2dba34a330192880804329faa67ce4b056
ba835bb2dcca3f3188f26852bd9365792e31ec0d8f35a71a08a69ed099c3e6f3
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c4aa9f5f2258a0c04b27c085e888bf94cf84035dc8978f0f0beb70bbf221cb27
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c
c973bf1ed7a4f12c2f33ba7159c750a76995e7679ecd59b5af2427a92260dfc2
c9e5efdb292893b4854e0b230fc1ab2b1e06cdacf85c7883784d07282f8b205b
ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034
cd74596ad5b2a172a11f95de27d7edbf777c0ac25c77b1e0f89dcf09e7122fed
ce9de6f63d7dbef1e192434a8a7a84663aa9cdf2c68c69746902ca4cc9a9e81a
cf30af111f434c5c0d47ee7c9e9c11ef97a89947ab1df708f6aa1a54ee3e6044
d02197080b9680999381b5f5337fedd92674e5a1550ddfcc0c70612d3170a5e3
d038ecdb27defd584aba1bb9605b2a8fee96b59b4d4bcbcd4aab0aa356d4948b
d19a5635fee4203bdf1aa675cc2d02a155b423135543f5fa5327c62c2a6644c7
d2381ad27320676fbee72b5d53c3f9413742bb5fbf19dcda804da20597007931
d3b9ac60281114eb252c949187818336066886576d5fc78f31cc8c4c2d94531f
d6a8bf1f2a5d494feca74153daf9a45952a3258b43a93d94f059fc6134650d84
d9daa7bf64ee5a0a6b4e4d55a303f522e48a61971199e66d89bc465fafbb1153
d9f65a8610c2fd4e088b90f49281ca59b533708c117c33337c572af5a8ae5c64
da9a27c4e319a310153f07b7c9a6cad33abd73747528a31936085fdd829a1222
deea042dddcf6d3ee4b8deefbc64cd480dfa270a6343a8ae672cd9d486f45d05
e01e9dea7d7fc4ba418932a1f86a86e32201f020b3750708e85a3a58cbf205e1
e26fdccb214e020f70cf2aede7b77d5dc51854e23b3acbb4bcff0018773a636f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7be357ddd89fe4f85dd3a2f16929f2344148d0ede966e9bf92febe1b998cc9b
e8e908c1cf59030880b37997aafc3efb4bf0dd898c85417230d2387b5f14bbb5
e8eea226b47dc7a572c3af6099fc31cc6c8d40ea704350de9bb6702ea91ffaae
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
ed4dbe1c9807d715bd1c10ac32580bd335cb61169fb6432a08c56eb7d2b8cad3
eddf24654faf2a917711c311d9d7af1b67086feb0a5c81aaf5435b945b3cdcbd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3f8d65edc4305a7013b42bc0dc02f695f0da8d14500f817fb5ab08a0dc8526c
f4c79e046b6523d9269571f00e0baa6096b1f612faa66500a89024e9a5a8ccb5
f5fa487416676288b5e92b1530f85fbc61d2875f4a74926affa77be11223cfe9
fa055f2f7c5b735dbbb71954f434aed79925bc00ff2ffbc3ecfc4a790689a723
fb875a5414287a36148c8ea4668738c72d4b4b92c8ed509681b9588db04b617e
fe32c9921874b35b87acb0a3b558784ca7b9fed91ed34c1d2a68b6566c9d09be
ffa31f5802b20d64a10c71ad93394c1e2b4b16f33e2f479d8274fd02ce0a594f

saopaulo.blog Open in urlscan Pro 192.0.78.222 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

213 Requests

93 %HTTPS

14 %IPv6

25 Domains

44 Subdomains

46 IPs

7 Countries

1183 kBTransfer

3102 kBSize

0 Cookies

8 Outgoing links

Redirected requests

213 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

saopaulo.blog Open in urlscan Pro
192.0.78.222 Public Scan

Screenshot
Live screenshot

Full Image

213
Requests

93 %
HTTPS

14 %
IPv6

25
Domains

44
Subdomains

46
IPs

7
Countries

1183 kB
Transfer

3102 kB
Size

0
Cookies

213 HTTP transactions
0 data transactions