jmonline.com.br Open in urlscan Pro
132.148.23.221 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://jmonline.com.br/
Effective URL:
https://jmonline.com.br/novo/
Submission Tags: tranco_l324
Submission: On November 14 via api (November 14th 2021, 8:47:33 am UTC) from DE — Scanned from DE

Summary HTTP 316 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 49 IPs in 5 countries across 32 domains to perform 316 HTTP transactions. The main IP is 132.148.23.221, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is jmonline.com.br.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 6th 2021. Valid for: a year.

This is the only time jmonline.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 63	132.148.23.221 132.148.23.221	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
2	2606:4700:10:... 2606:4700:10::6816:325d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6ea0:c70... 2a02:6ea0:c700::10	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2606:4700:20:... 2606:4700:20::681a:786	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.225.78.77 13.225.78.77	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	148.72.158.239 148.72.158.239	30083 (AS-30083-...) (AS-30083-GO-DADDY-COM-LLC)
15	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:2825	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	148.69.64.76 148.69.64.76	12353 (VODAFONE-...) (VODAFONE-PT Vodafone Portugal)
5	18.184.28.70 18.184.28.70	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:20e... 2600:9000:20eb:be00:5:3aaa:f40:93a1	16509 (AMAZON-02) (AMAZON-02)
32	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	13.225.78.69 13.225.78.69	16509 (AMAZON-02) (AMAZON-02)
1 35	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	13.224.186.39 13.224.186.39	16509 (AMAZON-02) (AMAZON-02)
10 14	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	13.224.186.21 13.224.186.21	16509 (AMAZON-02) (AMAZON-02)
8	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
41	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
4 6	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
316	49

63 132.148.23.221 (United States) 2 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-132-148-23-221.ip.secureserver.net

jmonline.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:325d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.datatables.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.sendpulse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:786 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.unblockia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-77.fra2.r.cloudfront.net

m2d.m2.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.72.158.239 (St Louis, United States)

ASN30083 (AS-30083-GO-DADDY-COM-LLC, US)
PTR: condor3927.startdedicated.com

appradio.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2825 (United States)

ASN13335 (CLOUDFLARENET, US)

scripts.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ui.cleverwebserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.69.64.76 (Porto, Portugal)

ASN12353 (VODAFONE-PT Vodafone Portugal, PT)
PTR: are.clevernt.com

sender.clevernt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.184.28.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-28-70.eu-central-1.compute.amazonaws.com

a3.pubguru.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:be00:5:3aaa:f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.pubguru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-69.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.186.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-39.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.186.130 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.186.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-21.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.9 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	googlesyndication.com 1 redirects pagead2.googlesyndication.com f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com tpc.googlesyndication.com	668 KB
63	jmonline.com.br 2 redirects jmonline.com.br	2 MB
47	doubleclick.net 10 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net stats.g.doubleclick.net	364 KB
41	2mdn.net s0.2mdn.net	545 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com	375 KB
17	google.com 1 redirects www.google.com adservice.google.com fundingchoicesmessages.google.com	62 KB
8	googletagservices.com www.googletagservices.com	281 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com	7 KB
6	openx.net 4 redirects us-u.openx.net	1 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	adnxs.com 3 redirects ib.adnxs.com	5 KB
5	pubguru.net a3.pubguru.net	1 KB
4	teads.tv sync.teads.tv	688 B
4	google-analytics.com www.google-analytics.com	57 KB
4	cloudflare.com cdnjs.cloudflare.com	36 KB
4	fontawesome.com use.fontawesome.com	132 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
3	jquery.com code.jquery.com	221 KB
2	google.de adservice.google.de www.google.de	800 B
2	pubguru.com cdn.pubguru.com	64 KB
2	cleverwebserver.com scripts.cleverwebserver.com ui.cleverwebserver.com	51 KB
2	datatables.net cdn.datatables.net	32 KB
1	exactag.com m.exactag.com	1 KB
1	googletagmanager.com www.googletagmanager.com	53 KB
1	clevernt.com sender.clevernt.com	354 B
1	appradio.app appradio.app
1	m2.ai m2d.m2.ai	160 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	15 KB
1	youtube.com img.youtube.com	35 KB
1	unblockia.com cdn.unblockia.com	22 KB
1	sendpulse.com cdn.sendpulse.com	9 KB
316	32

	Domain	Requested by
63	jmonline.com.br	2 redirects jmonline.com.br
41	s0.2mdn.net	f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com jmonline.com.br s0.2mdn.net
35	tpc.googlesyndication.com	1 redirects f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com jmonline.com.br securepubads.g.doubleclick.net
32	pagead2.googlesyndication.com	m2d.m2.ai pagead2.googlesyndication.com f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com googleads.g.doubleclick.net cdn.unblockia.com tpc.googlesyndication.com www.gstatic.com jmonline.com.br securepubads.g.doubleclick.net www.googletagservices.com
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com jmonline.com.br
14	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net
10	www.google.com	1 redirects jmonline.com.br f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com jmonline.com.br
8	googleads4.g.doubleclick.net	googleads.g.doubleclick.net jmonline.com.br
8	www.gstatic.com	www.google.com f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
8	www.googletagservices.com	jmonline.com.br f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
6	us-u.openx.net	4 redirects googleads.g.doubleclick.net
6	fundingchoicesmessages.google.com	cdn.pubguru.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	a3.pubguru.net	m2d.m2.ai
4	sync.teads.tv	googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com jmonline.com.br
4	fonts.gstatic.com	jmonline.com.br fonts.googleapis.com
4	cdnjs.cloudflare.com	jmonline.com.br
4	use.fontawesome.com	jmonline.com.br use.fontawesome.com
3	encrypted-tbn0.gstatic.com	jmonline.com.br
3	fonts.googleapis.com	f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
3	code.jquery.com	jmonline.com.br
2	encrypted-tbn2.gstatic.com	jmonline.com.br
2	cdn.pubguru.com	m2d.m2.ai
2	cdn.datatables.net	jmonline.com.br
1	encrypted-tbn3.gstatic.com	jmonline.com.br
1	encrypted-tbn1.gstatic.com	jmonline.com.br
1	www.google.de	jmonline.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	m.exactag.com	f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.googletagmanager.com	jmonline.com.br
1	sender.clevernt.com	jmonline.com.br
1	ui.cleverwebserver.com	jmonline.com.br
1	scripts.cleverwebserver.com	jmonline.com.br
1	appradio.app	jmonline.com.br
1	m2d.m2.ai	jmonline.com.br
1	stackpath.bootstrapcdn.com	jmonline.com.br
1	img.youtube.com	jmonline.com.br
1	cdn.unblockia.com	jmonline.com.br
1	cdn.sendpulse.com	jmonline.com.br
316	49

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
www.facebook.com
www.instagram.com
twitter.com
plus.google.com
www.youtube.com
classificados.jmonline.com.br
itunes.apple.com
play.google.com
companhiadamidia.com.br

Subject Issuer	Validity	Valid
jmonline.com.br Go Daddy Secure Certificate Authority - G2	`2021-05-06` - `2022-06-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
1603358863.rsc.cdn77.org R3	`2021-10-15` - `2022-01-13`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.m2.ai Amazon	`2021-11-08` - `2022-12-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
appradio.app R3	`2021-09-05` - `2021-12-04`	3 months	crt.sh
*.clevernt.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-23` - `2022-02-23`	a year	crt.sh
*.pubguru.net Amazon	`2021-05-26` - `2022-06-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://jmonline.com.br/novo/
Frame ID: 24BC41959F7671A86D66C251DC8D81FF
Requests: 136 HTTP requests in this frame

Frame: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CE93B1FCB8C5D9B23870AC172B36665B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Frame ID: 13814C45BE2A40283398C4959CF4CC9B
Requests: 1 HTTP requests in this frame

Frame: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6831DC0286714976EE62A60F190573B5
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrx3QIQsPTiAhiy_ve6ATAB&v=APEucNXxaNs7gXQVJMKUopywwX8fEAflD3J3Y5FCgBH9Q8LH5g-JB8Rj3L94tAn7y0Rzcj_raMp1t_2ds_g8GqSLm-NcXRrdSuzMTgR6oyJP9rC2WgFEZrg6OWdegMI1YZ5mW-Ffa8bZorQHs8zFCYC3V6sM6ygVspAMQF-MHkjgTV0ZkAnUhmk
Frame ID: 9DC1F1C3BF5DB7704F0A6AA0A6543E66
Requests: 5 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-028f986f575e1b13474634857daa6bfc.html
Frame ID: E53CB31BB5B22366BE6169D326D5B900
Requests: 1 HTTP requests in this frame

Frame: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 054532E05765739E6C67F99201741153
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6515FB1286A87D3A60C922AE5FDDF12B
Requests: 3 HTTP requests in this frame

Frame: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C4E77BBE8D8D9285945F42BF0D08EE5F
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhiK_f65ATAB&v=APEucNVU4UiD5G-0zV3oz9nnrT86WQ8E8a_wy_9yRFQb_A_VYM74ZakfxrjS05AnYR8AwBeVc7yLINB6GBoHojHZLtDxgGmqvT5rDVuLIdYoyX7VAiKeKJ76lpWYJf9fTldMI084ds2fPdNljea8nirXLmWXS2cjeaqNYwSPxCsh5f6cTkWsFOM
Frame ID: 2123E9A9634C5CA0F2BC8532F67E358A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1333415EDDB49DE600B8D68DC0654407
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 94A0B43EBD74DCC3832D9917CB1FCE33
Requests: 12 HTTP requests in this frame

Frame: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F4E076B6C774E13A58C5554B5C364CA4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNX8_LzqQDDRTnm1WVBz0r7Q4SVwTN3I_iQ00jEno6KdFq8qgrH_FaIWmbEmrEmfUnQOaf0R-mWvdUnKBCRqnSkUwC54yqG2QpU-mXXoTxP2jOpOV9amXoo2xfFYkgeJGvj_z9jTV6_eOzQZndMESGau0kPGRlOOX8wfIxE-gAdD7QUzhjU
Frame ID: F645F22346FB15C93E6CAC18CEA62BED
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 9B072846458D1BCF4D26D9F8C487C628
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
Frame ID: F35D895FCC2CEB973AC4FAA4295A2881
Requests: 18 HTTP requests in this frame

Frame: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FA72335621E50FC752B9FD83816FC502
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNVZYNPXVQqYtA0R45gQOkdh_ETXCgPhUH22OxrRBwxC3poBoUikWEMfTSoiZxpnCQ-nVfnoSLa5nkbkqNEH8emPFnA-Yg8HcfaXW1yA6oenZSXGZcqWyAG7e0WHaK_mte5BAkMCINZQ2C0ltXnSl3Vfa9cLAFDUhqP9kYeH9iB3IMfG6Wc
Frame ID: DDD7441CBB1BF9F8F396EF18C09DF55F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 1543720ADC4B414222190BD9EF3CAA84
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F70A8E4129E5BECD8DD9F20EBF41BC71
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
Frame ID: 5ECDA85F79E611A9D2D1CB5D80FB0D0C
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7A28FFA3771AE962F0058E41FB345AC9
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfZlvx5K0nzIE6PQvWrSF230aJf0wsXzUrShwLi7jaUfvh9QNxs9opqP6FAgk1jfLvfn4eqPqhJxM2prlOzdxQ7fg-KBDaa2869wzL0-YR5YdiGmmOMherX0lij1DJNCC16sNPw89YbU9NV2fxq5nJ4Kh8Xdv8_nL8BMn0O83r_dvDK_QoTLbbyhhfSKRzVf0ns0herAZ39G2pQ-12Q5Io48b5-_tJ3twOKSvWNFDZO0QVv6dyFgKzkc-Jci0EQAx1UoQqtUT6SAGyrXscx-Oi16nH4vLzRDrsMSXVl9rZKkEJc7pojWQKCtAHf_AbGfJykakgbNvbGHr1V3zH2V144l3tZc-M71LYvhEuVjo&sai=AMfl-YTcJ495-n_lwKdVTVguAHMxhKGb08aYnYI0FU5CvBHuq79oiSTntU-1mHjxzULW6DLP3y6IfXCYIP0_4HJACTBaEM6QS91e3ETJbQgOWU7-R5H0hhcEl2_vs23-7Th-&sig=Cg0ArKJSzJ088iX_WeMlEAE&uach_m=[UACH]&adurl=
Frame ID: F31EB5B12FBE61DBF6A1A0317868DCD2
Requests: 9 HTTP requests in this frame

Frame: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BF9F430F41C73DEFEA19E81F0BB86187
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 4973EEA4071F99200D7DC359CE92B317
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Jornal da Manhã - 49 anos

Page URL History Show full URLs

http://jmonline.com.br/ HTTP 301
https://jmonline.com.br/ HTTP 302
https://jmonline.com.br/novo/ Page URL

Page Statistics

316
Requests

95 %
HTTPS

67 %
IPv6

32
Domains

49
Subdomains

49
IPs

5
Countries

5118 kB
Transfer

10682 kB
Size

43
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send?1=pt_BR&phone=5534997777900

Search URL Search Domain Scan URL

URL: https://www.facebook.com/jornaldamanhaonline

Search URL Search Domain Scan URL

URL: https://www.instagram.com/_jmonline/

Search URL Search Domain Scan URL

URL: https://twitter.com/jmonlineuberaba

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/+jornaldamanha

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCuXYHP6F11Pd4PQqeHcQKFw

Search URL Search Domain Scan URL

URL: https://classificados.jmonline.com.br/categorias.html
Title: CLASSIFICADOS

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=eCl4uWIDwEs

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/us/app/radio-jm-730-am/id842542235?ls=1&mt=8

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=app.radiojm.virtues

Search URL Search Domain Scan URL

URL: https://plus.google.com/u/0/b/104097516987860240174/

Search URL Search Domain Scan URL

URL: https://twitter.com/#!/jmonlineuberaba

Search URL Search Domain Scan URL

URL: https://companhiadamidia.com.br/
Title: DESENVOLVIDO POR Companhia da Mídia

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://jmonline.com.br/ HTTP 301
https://jmonline.com.br/ HTTP 302
https://jmonline.com.br/novo/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKy8QWvlHtdOPX7COZQz-0k&google_cver=1

Request Chain 135

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZDNH3poSbNACsEp7bkakwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTyP5cUIlMzPYu4vfopf7A&google_cver=1

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF3dvkq4eInRHXCl5vbSMy0&google_cver=1

Request Chain 137

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MTQzOTU4NDI3MzEwNzg1MQ%3D%3D

Request Chain 177

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCvrJ-MIBCtAhitAjIIX1M0EkuXf-k HTTP 301
https://tpc.googlesyndication.com/simgad/14548085737319361353

Request Chain 193

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTyP5cUIlMzPYu4vfopf7A&google_cver=1

Request Chain 194

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZDNH3poSbNACsEp7bkakwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTyP5cUIlMzPYu4vfopf7A&google_cver=1

Request Chain 195

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAjNOl7_IoOgDqy2YVqAEq0&google_cver=1

Request Chain 196

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MTQzOTU4NDI3MzEwNzg1MQ%3D%3D

Request Chain 210

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDqPFkhAuywH9_wmQmGBtT4&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDqPFkhAuywH9_wmQmGBtT4&google_cver=1

Request Chain 220

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmRjNmM3NGQtM2MyOS0yNjIxLWY5ZTUtNWJjMzA3OTcyOWFk

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESELuB7jga1bUStIsv24Emcqs&google_cver=1

Request Chain 263

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDqPFkhAuywH9_wmQmGBtT4&google_cver=1

Request Chain 264

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmRjNmM3NGQtM2MyOS0yNjIxLWY5ZTUtNWJjMzA3OTcyOWFk

Request Chain 265

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESELuB7jga1bUStIsv24Emcqs&google_cver=1

316 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
jmonline.com.br/novo/
Redirect Chain

http://jmonline.com.br/
https://jmonline.com.br/
https://jmonline.com.br/novo/

145 KB
22 KB

162ms
161ms

Document
text/html

132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: f40beb637ee149120299e03d8b8122fa381e9f68f7154a3fd1889291d36da182

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 14 Nov 2021 08:47:25 GMT
Server: Apache
Cache-Control: max-age=0
Expires: Sun, 14 Nov 2021 08:47:25 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21804
Content-Type: text/html
X-Varnish: 893591546
Age: 0
Via: 1.1 varnish-v4
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

Redirect headers

Date: Sun, 14 Nov 2021 08:47:25 GMT
Server: Apache
Location: novo/
Cache-Control: max-age=0
Expires: Sun, 14 Nov 2021 08:47:25 GMT
Vary: User-Agent
Content-Length: 0
Content-Type: text/html
X-Varnish: 893591544
Age: 0
Via: 1.1 varnish-v4
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

GET
H/1.1 200
OK bootstrap.min.css
jmonline.com.br/novo/css/ 137 KB
21 KB 253ms
157ms Stylesheet
text/css 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/novo/css/bootstrap.min.css?8
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 08c4b8a34966037c9dd8132cbb900c0031e2e63b723300fafc71b675e02b27b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Aug 2021 14:21:37 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
X-Varnish: 893591548
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 21060
Expires: Tue, 14 Dec 2021 08:47:25 GMT

GET
H2 200 jquery.dataTables.min.css
cdn.datatables.net/1.10.22/css/ 14 KB
3 KB 48ms
20ms Stylesheet
text/css 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.22/css/jquery.dataTables.min.css

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca31d3aa2364f2a372c1d9ed477be2b71852e7d3a98bb92476c19efe67024a48

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:25 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 13735221
content-length: 2143
last-modified: Tue, 08 Jun 2021 08:47:53 GMT
server: cloudflare
etag: "12a0fca-371e-5c43d36bd5446-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6adef99928db4e9d-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Wed, 08 Jun 2022 09:27:03 GMT

GET
H/1.1 200
OK style_teste_01.css
jmonline.com.br/novo/css/ 107 KB
15 KB 456ms
154ms Stylesheet
text/css 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/novo/css/style_teste_01.css?8
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: df37212a432a8295e87e9955fdf8bfe014dabd93b63f9a2aff661117bd5862de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:25 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Nov 2020 02:40:42 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
X-Varnish: 894308407
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15238
Expires: Tue, 14 Dec 2021 08:47:25 GMT

GET
H/1.1 200
OK owl.carousel.min.css
jmonline.com.br/novo/css/ 3 KB
1 KB 462ms
155ms Stylesheet
text/css 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/novo/css/owl.carousel.min.css?8
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 949994b508a79a53d531caa6a2c4083598535e6f2ab6133363692ec77c8d35fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Aug 2018 18:01:53 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
X-Varnish: 895124033
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 948
Expires: Tue, 14 Dec 2021 08:47:25 GMT

GET
H/1.1 200
OK normalize.min.css
jmonline.com.br/novo/css/ 2 KB
1 KB 460ms
154ms Stylesheet
text/css 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/novo/css/normalize.min.css?8
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 0ba2a1ffeaa1a07b9dfe8052289ab23cfc71b61b26fa59ca11d587bfdaa71afa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Aug 2018 16:51:46 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
X-Varnish: 895746622
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 800
Expires: Tue, 14 Dec 2021 08:47:25 GMT

GET
H/1.1 200
OK fonte.css
jmonline.com.br/novo/css/ 7 KB
1 KB 468ms
156ms Stylesheet
text/css 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/novo/css/fonte.css?8
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 9b7c35a8fc8aded39e112c5e53d554b40d51114feeff0edd31f6af3046bafa3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Aug 2018 16:53:34 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
X-Varnish: 893391007
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 685
Expires: Tue, 14 Dec 2021 08:47:25 GMT

GET
H/1.1 200
OK magnific-popup2.min.css
jmonline.com.br/novo/css/ 7 KB
2 KB 469ms
157ms Stylesheet
text/css 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/novo/css/magnific-popup2.min.css?8
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 7113c8953f34b6484068344937294977a2cd60906aa4c84abc908ecd0e48bfa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:25 GMT
Content-Encoding: gzip
Last-Modified: Sat, 04 Jul 2020 19:20:33 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
X-Varnish: 892769428
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1764
Expires: Tue, 14 Dec 2021 08:47:25 GMT

GET
H/1.1 200
OK jquery-ui-git.css
jmonline.com.br/novo/css/ 29 KB
7 KB 557ms
155ms Stylesheet
text/css 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/novo/css/jquery-ui-git.css
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: eafeaa400b74b29f2b3fa72bd36eee9abba3026e3dbbef42e35837e9e6600490

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Aug 2018 18:01:53 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
X-Varnish: 895746625
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 6983
Expires: Tue, 14 Dec 2021 08:47:26 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.13/css/ 40 KB
10 KB 37ms
19ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

Referer: https://jmonline.com.br/
Origin: https://jmonline.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:25 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1401311
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-request-id: WGC2J2K3FE60KDY2
x-amz-id-2: c/W9x5GPi9IVpJi6KHxIh6kl+UKQuLfcWRt/+LVVWj6LLFdkB+GTSo0+as2Zj8UZ1A8ZALynH8s=
last-modified: Wed, 30 Jun 2021 15:27:31 GMT
server: cloudflare
etag: W/"d61bfe9b56c13ecff5313ee3abb45e8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD8%2FbWmgsHbHmxJW2x7MGge39FqP9BcNHyW3IurxUEaj%2Bv7PbA%2Be%2FwHhjVdnf5GQ0gPoVbq%2FGB92IOcfog8i8I8CQqYDq7s2kjJ8nWSNlLXkdp6qu9GOHYypSsWLyhNH5G%2FmP8rY4uTBcnlHPPs2vfMs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6adef9991e1c2bdd-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4743bde81c1c82725553cd6f972874b01c61cec6c54c85d320c05e0e5aed5177

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1043 / 345 of 1000 / last-modified: 1636758328"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: clear
content-length: 26742
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 14 Nov 2021 08:47:26 GMT

GET
H2 200 7bf916a49e402b67b46d14c15829d33f_0.js Show response
cdn.sendpulse.com/9dae6d62c816560a842268bde2cd317d/js/push/ 26 KB
9 KB 67ms
8ms Script
application/javascript 2a02:6ea0:c700::10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sendpulse.com/9dae6d62c816560a842268bde2cd317d/js/push/7bf916a49e402b67b46d14c15829d33f_0.js

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

d9d657d5468d01a5447bb3a897cbd23191275e1138d9d3c2fb1a95817f8d3112

Security Headers

Name	Value
Content-Security-Policy	default-src wss://* blob: data: sendpulse.com .sendpulse.com .sendpulse.com:4434 .pulse-stat.com .stat-pulse.com .pulse-stat.com:8080 .stat-pulse.com:8080 http://.sendpulse.com:4434 http://.pulse-stat.com http://.stat-pulse.com http://.pulse-stat.com:8080 http://.stat-pulse.com:8080 .sendpulse.ua .sendpulse.by .sendpulse.kz .sendpulse.cl .sendpulse.com.tr .sendpulse.ng .loginsrc.com .routee.net .bizml.ru .jquery.com .youtube.com .ytimg.com .vimeo.com .vimeocdn.com .tinymce.com .ampproject.org .hotjar.com .hotjar.io .ipinfo.io .highcharts.com .appspot.com .doubleclick.net .facebook.com .facebook.net .fbcdn.net .fbsbx.com .rawgit.com .cloudflare.com .jsdelivr.net .kissmetrics.com .bitrix24.com .quantserve.com .quantcount.com .twitter.com .offershub.ru .stripe.com .braintreegateway.com .mlstatic.com .cloudpayments.ru .woopra.com .jivosite.com .google.com .google.com.ua .googleadservices.com .google-analytics.com .googleapis.com .googletagmanager.com .gstatic.com .online-metrix.net .retently.com .maxmind.com .revisionme.com .yandex.ru .ymetrica.ru .mmapiws.com .bootstrapcdn.com .kaptcha.com .paypal.com .paypalobjects.com .mercadopago.com.br .mercadopago.com .braintree-api.com vk.com api.telegram.org .webformscr.com .yandex.net .cardinalcommerce.com .mercadolibre.com .supportsrc.com .instagram.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: ; font-src data: ; style-src 'unsafe-inline';, frame-ancestors 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
x-77-nzt-ray: eukbEBS29Hk=
x-77-cache: HIT
x-cache: HIT
x-age: 322151
x-xss-protection: 1; mode=block
x-77-nzt: Abk73BBKO1f/Z+oEAA==
x-accel-expires: @1637162295
x-sp-ma: ma5
last-modified: Thu, 25 Feb 2021 11:25:29 GMT
server: CDN77-Turbo
etag: W/"6964-5bc2768a9194e"
vary: Accept-Encoding, Accept-Encoding,User-Agent,Host
content-type: application/javascript
cache-control: max-age=31536000, max-age=604800
content-security-policy: default-src wss://* blob: data: sendpulse.com *.sendpulse.com *.sendpulse.com:4434 *.pulse-stat.com *.stat-pulse.com *.pulse-stat.com:8080 *.stat-pulse.com:8080 http://*.sendpulse.com:4434 http://*.pulse-stat.com http://*.stat-pulse.com http://*.pulse-stat.com:8080 http://*.stat-pulse.com:8080 *.sendpulse.ua *.sendpulse.by *.sendpulse.kz *.sendpulse.cl *.sendpulse.com.tr *.sendpulse.ng *.loginsrc.com *.routee.net *.bizml.ru *.jquery.com *.youtube.com *.ytimg.com *.vimeo.com *.vimeocdn.com *.tinymce.com *.ampproject.org *.hotjar.com *.hotjar.io *.ipinfo.io *.highcharts.com *.appspot.com *.doubleclick.net *.facebook.com *.facebook.net *.fbcdn.net *.fbsbx.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.kissmetrics.com *.bitrix24.com *.quantserve.com *.quantcount.com *.twitter.com *.offershub.ru *.stripe.com *.braintreegateway.com *.mlstatic.com *.cloudpayments.ru *.woopra.com *.jivosite.com *.google.com *.google.com.ua *.googleadservices.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.gstatic.com *.online-metrix.net *.retently.com *.maxmind.com *.revisionme.com *.yandex.ru *.ymetrica.ru *.mmapiws.com *.bootstrapcdn.com *.kaptcha.com *.paypal.com *.paypalobjects.com *.mercadopago.com.br *.mercadopago.com *.braintree-api.com vk.com api.telegram.org *.webformscr.com *.yandex.net *.cardinalcommerce.com *.mercadolibre.com *.supportsrc.com *.instagram.com 'self' 'unsafe-eval' 'unsafe-inline'; img-src blob: data: *; font-src data: *; style-src * 'unsafe-inline';, frame-ancestors 'self';
expires: Wed, 19 Oct 2022 06:51:17 GMT

GET
H2 200 h.js Show response
cdn.unblockia.com/ 118 KB
22 KB 49ms
21ms Script
application/x-javascript 2606:4700:20::681a:786
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unblockia.com/h.js
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:786 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6dbbfb8b3917374cce32a674d0a42b331cbae4fecc07e51ab2f5e838d8898b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Nov 2021 10:38:35 GMT
server: cloudflare
age: 508
etag: W/"20590717e192dcbfb1558a26415b8d09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0A%2Fzp30mf8b8uc2qfB7n%2FqxxegEJegd9sLe%2FOgvthUT9EoiVJ01TuuOi4dTiYJJvAuW5pfk2aVWdMkdRKcx4HmKp%2BxZPUCgj2U1JY%2B1fuhMoZGh8CIeCdM88YkREcejlcz6o8bWkU7AlvufrzQ%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6adef99d58c868fe-FRA
x-amz-request-id: XK0JGTT25CE29QC1
x-amz-id-2: bxbBzAAE7ZZB6t1wBob0a92jfhfGBnRagsoVk/5SIJ3hDZ2ym4jipUl9n+Y4VaITB92+7gQIS3Y=

GET
H/1.1 200
OK icone-lupa.png
jmonline.com.br/novo/imagens/ 2 KB
2 KB 264ms
153ms Image
image/png 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/novo/imagens/icone-lupa.png
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 7b5b2949c10d4230e07e424c6da1287e5214fb119d9fcaff6ba6cfed87c057ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 20:41:49 GMT
Via: 1.1 varnish-v4
Last-Modified: Mon, 06 Aug 2018 18:04:31 GMT
Server: Apache
Age: 17669137
X-Varnish: 893391011 10289203
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=98
Content-Length: 1918
Expires: Sat, 23 Apr 2022 20:41:49 GMT

GET
H/1.1 200
OK icone-radio-jm.png
jmonline.com.br/novo/imagens/ 9 KB
10 KB 254ms
153ms Image
image/png 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/novo/imagens/icone-radio-jm.png
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 9ea287c85e69d2fe6d18a929d000b59f2d1565494484fb2d60ad3806063de13e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 20:42:18 GMT
Via: 1.1 varnish-v4
Last-Modified: Mon, 06 Aug 2018 18:04:32 GMT
Server: Apache
Age: 17669107
X-Varnish: 895746629 11862048
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/png
Keep-Alive: timeout=5, max=95
Content-Length: 9639
Expires: Sat, 23 Apr 2022 20:42:18 GMT

GET
H2 200 jquery-2.1.2.js Show response
code.jquery.com/ 242 KB
72 KB 35ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.1.2.js
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 07cb07bdfba40ceff869b329eb48eeede41740ba6ce833dd3830bd0af49e4898

Request headers

Referer: https://jmonline.com.br/
Origin: https://jmonline.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: gzip
last-modified: Wed, 17 Dec 2014 14:12:49 GMT
server: nginx
etag: "54918f61-3c654"
vary: Accept-Encoding
x-hw: 1636879646.dop163.fr8.t,1636879646.cds204.fr8.hn,1636879646.cds124.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 73088

GET
H/1.1 200
OK 13112021.jpg
jmonline.com.br/capas/ 206 KB
207 KB 372ms
155ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/capas/13112021.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: bf2aed6f8c76ccf521d3740a6ddf78a7a09250df8445c604651191a0044d6e15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 09:38:30 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 09:37:51 GMT
Server: Apache
Age: 83336
X-Varnish: 892769433 891658131
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=98
Content-Length: 211277
Expires: Sun, 13 Nov 2022 09:38:30 GMT

GET
H/1.1 200
OK jmtv-icone-play.png
jmonline.com.br/novo/imagens/ 1 KB
1 KB 151ms
150ms Image
image/png 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/novo/imagens/jmtv-icone-play.png
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: d5239b0487bdd41122603af4a39ede1bd61a4c036c7734c6c817e7ac496f27c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Mon, 06 Aug 2018 18:04:31 GMT
Server: Apache
Age: 0
Content-Type: image/png
Cache-Control: max-age=31536000
X-Varnish: 894308414
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1166
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H2 200 0.jpg
img.youtube.com/vi/eCl4uWIDwEs/ 35 KB
35 KB 52ms
21ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/eCl4uWIDwEs/0.jpg

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21a2f4c32f04d8a662ee0b19db395ac35a6a32019876730584749554b5e80b23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35553
x-xss-protection: 0
server: sffe
etag: "1634913589"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 14 Nov 2021 10:47:26 GMT

GET
H/1.1 200
OK 914e8a435957960fe765fa4025dc60f8.jpg
jmonline.com.br/uploads/avatares/ 38 KB
38 KB 154ms
154ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/avatares/914e8a435957960fe765fa4025dc60f8.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: cf7208d17919b74aa5ac836e406f099548eb8bef441bcbded1d8f0ee60f7c644

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Thu, 18 Mar 2021 17:26:08 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 894107818
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 38855
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK 78329e6d3c0663cc0c46de1fcbd2dc52.jpg
jmonline.com.br/uploads/avatares/ 27 KB
27 KB 154ms
154ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/avatares/78329e6d3c0663cc0c46de1fcbd2dc52.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 6331571851f7278399a23c7ef279c014bedf648884b069dd5f0cbb62b0faa778

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Tue, 24 Jul 2018 19:12:21 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 893591554
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 27627
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK c7b9742ac54a7eb49536058e9ad6ed7e.jpg
jmonline.com.br/uploads/avatares/ 32 KB
32 KB 151ms
151ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/avatares/c7b9742ac54a7eb49536058e9ad6ed7e.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: a6362e25499cbd55fc26f70447ad9ea9eaf60aa3c5e742a631a947b3335a8601

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Wed, 06 Feb 2019 16:48:43 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 894308416
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 32768
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK 7b50d48eaa57ce5cbb722fd72047d0f3.jpg
jmonline.com.br/uploads/avatares/ 28 KB
29 KB 155ms
154ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/avatares/7b50d48eaa57ce5cbb722fd72047d0f3.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 8afe6e17198607183f2547e4dcd4b8f79a484527d9c2ecee5a1f387399a4edd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Tue, 24 Jul 2018 19:22:32 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 892769435
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 29138
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK f1a5c835a2313c486240238415123cbf.jpg
jmonline.com.br/uploads/avatares/ 31 KB
31 KB 156ms
156ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/avatares/f1a5c835a2313c486240238415123cbf.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 72aa1fceb44971072e004219cbca1e448120b5046485a0885c255afef690031e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Tue, 24 Jul 2018 19:27:39 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 893391012
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 31885
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK b23b40a021b73c6251ac5ef713840cd0.jpg
jmonline.com.br/uploads/avatares/ 25 KB
26 KB 154ms
154ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/avatares/b23b40a021b73c6251ac5ef713840cd0.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 6a8b57f5cc2b0ed4f27a6bc804c8deeccaae3b6a9f905a2dd4f41e888e906aa6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Mon, 11 Oct 2021 12:59:00 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 893591556
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 25875
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK 7449a516cf934e9925bbfc78ea6393cd.jpg
jmonline.com.br/uploads/avatares/ 25 KB
26 KB 154ms
154ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/avatares/7449a516cf934e9925bbfc78ea6393cd.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: d9ea4d0c46f465df1f6efca0096c6d199d3fab2a47d582f97f7758385d1753f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Tue, 24 Jul 2018 19:37:09 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 893591558
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 26021
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK aedf83abb73b4e691100bb9e316e88b3.jpg
jmonline.com.br/uploads/avatares/ 27 KB
27 KB 154ms
154ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/avatares/aedf83abb73b4e691100bb9e316e88b3.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 539ff3a999e6ef2ebae8e8092c8e5358e8306fecf56b99be843b372af95189c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Tue, 24 Jul 2018 19:41:33 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 893391014
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 27137
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK 73c8dc2779bb294abf7039e09587a0b4.jpg
jmonline.com.br/uploads/avatares/ 33 KB
33 KB 156ms
155ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/avatares/73c8dc2779bb294abf7039e09587a0b4.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: ec6151356068640a369ef53250fce99b5180a85eadf273c2025f5138e273575a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Fri, 29 Jan 2021 10:37:52 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 892769437
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 33682
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK deec543c003cba8c902d9aa4f2e8070b.jpg
jmonline.com.br/uploads/avatares/ 29 KB
30 KB 156ms
156ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/avatares/deec543c003cba8c902d9aa4f2e8070b.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: d6de7f0b6fc1eb1678fc10aabca8b893974fafee9049e0df5652dc51db74efc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Thu, 13 Dec 2018 09:27:24 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 895124041
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 30135
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK b672ffad083edca9d5bb9905868610da.jpg
jmonline.com.br/uploads/avatares/ 37 KB
38 KB 154ms
154ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/avatares/b672ffad083edca9d5bb9905868610da.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 0fc140cb74358298ad25a41a332801c252d77f72748b40b8ed6bb12f52c7ca52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Fri, 19 Mar 2021 12:35:59 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 894107820
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 38388
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK e1421f8f2874ce485d3b5951918ef561.jpg
jmonline.com.br/uploads/avatares/ 10 KB
10 KB 151ms
151ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/avatares/e1421f8f2874ce485d3b5951918ef561.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: c3b89adb1268b74d544346b1a864f50cd676d7180efac6b0f8ad94fef9d7a3b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Thu, 19 Sep 2019 19:50:14 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 895124043
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 10367
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK e71a266b0a8ddf745f5a217ebc1c0795.jpg
jmonline.com.br/uploads/avatares/ 27 KB
27 KB 158ms
158ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/avatares/e71a266b0a8ddf745f5a217ebc1c0795.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 15787836ac9df327acae1b49404def5b0a544e39a3c42d1d0000430f7ba7e424

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Tue, 12 Jan 2021 09:39:56 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 894107822
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 27517
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK 1234415369b28452e4b579e1c5a6d3a3.jpg
jmonline.com.br/uploads/avatares/ 28 KB
29 KB 156ms
156ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/avatares/1234415369b28452e4b579e1c5a6d3a3.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: ea0853e4f5fabd820d14f6a25cafefbe960b2c63f8da2416b66b7bd5300a76b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Sun, 03 Mar 2019 22:08:33 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 895124045
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 28875
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK icone-obituario.png
jmonline.com.br/novo/imagens/ 206 B
571 B 156ms
155ms Image
image/png 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/novo/imagens/icone-obituario.png
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: dcdef891f73e0047412ae4f595661f8caedd1331a83af12a053613fc643aa896

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Mon, 06 Aug 2018 18:04:31 GMT
Server: Apache
Age: 0
Content-Type: image/png
Cache-Control: max-age=31536000
X-Varnish: 892769439
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 206
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK rodape_jm_magazine.png
jmonline.com.br/novo/imagens/ 3 KB
3 KB 156ms
155ms Image
image/png 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/novo/imagens/rodape_jm_magazine.png
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: c37e7c7b142c48b49d24d7c0252ee2877fa55f23bfcae0be35473b17cadf164e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Mon, 06 Aug 2018 18:04:32 GMT
Server: Apache
Age: 0
Content-Type: image/png
Cache-Control: max-age=31536000
X-Varnish: 892769441
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 2941
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK rodape_jm_online.png
jmonline.com.br/novo/imagens/ 2 KB
2 KB 159ms
158ms Image
image/png 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/novo/imagens/rodape_jm_online.png
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: e488cb47057ea3137178214c44e3533c65287dee6dde4cc2d10ba0bd66fb87c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Mon, 06 Aug 2018 18:04:32 GMT
Server: Apache
Age: 0
Content-Type: image/png
Cache-Control: max-age=31536000
X-Varnish: 895124047
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 2174
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK rodape_jm_jornal.png
jmonline.com.br/novo/imagens/ 3 KB
4 KB 158ms
158ms Image
image/png 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/novo/imagens/rodape_jm_jornal.png
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 27d421895da60ea13add6210a30bb8fc76b22e636d1de836b0407b0037691ea4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Mon, 06 Aug 2018 18:04:32 GMT
Server: Apache
Age: 0
Content-Type: image/png
Cache-Control: max-age=31536000
X-Varnish: 894107824
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 3387
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK rodape_jm_tv.png
jmonline.com.br/novo/imagens/ 1 KB
2 KB 156ms
155ms Image
image/png 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/novo/imagens/rodape_jm_tv.png
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 46631d3ff32f6c7978e6d63a807b3b6bc4a61b3545ee5ad05ba56d830096d4b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Mon, 06 Aug 2018 18:04:32 GMT
Server: Apache
Age: 0
Content-Type: image/png
Cache-Control: max-age=31536000
X-Varnish: 893391016
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1427
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK rodape_jm_radio.png
jmonline.com.br/novo/imagens/ 8 KB
8 KB 161ms
161ms Image
image/png 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/novo/imagens/rodape_jm_radio.png
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 0f18155ac468ab90d65b7df4dddbb11941efd1fb7f0240e3b685a079a2dbf445

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Tue, 24 Jul 2018 18:36:23 GMT
Server: Apache
Age: 0
Content-Type: image/png
Cache-Control: max-age=31536000
X-Varnish: 892769443
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 8135
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK rodape_jm_editora.png
jmonline.com.br/novo/imagens/ 9 KB
9 KB 154ms
154ms Image
image/png 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/novo/imagens/rodape_jm_editora.png
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 6cc00fff35756f9b2d447a638195bd340507b9ad884addb442838e1b98505a6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Mon, 06 Aug 2018 18:04:32 GMT
Server: Apache
Age: 0
Content-Type: image/png
Cache-Control: max-age=31536000
X-Varnish: 893591560
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 8823
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK gdpr.css
jmonline.com.br/novo/css/ 5 KB
2 KB 151ms
151ms Stylesheet
text/css 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/novo/css/gdpr.css
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 07d75390564d260e9f5d987e26962dd1cd98ab1a7e465bb674721e39cdfe7413

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 04 Nov 2020 01:53:10 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Via: 1.1 varnish-v4
Cache-Control: max-age=2592000
X-Varnish: 893391009
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1463
Expires: Tue, 14 Dec 2021 08:47:26 GMT

GET
H/1.1 200
OK gdpr.js Show response
jmonline.com.br/novo/Scripts/ 33 KB
8 KB 156ms
154ms Script
application/javascript 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/novo/Scripts/gdpr.js
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 1839389a0754ca843c3525814f1b10836e0f94dec6cf0b10af330b944bf5ffe8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:26 GMT
Content-Encoding: gzip
Last-Modified: Sat, 31 Oct 2020 02:15:29 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Via: 1.1 varnish-v4
Cache-Control: public
X-Varnish: 895585061
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 7476
Expires: Tue, 14 Dec 2021 08:47:26 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
844 B 47ms
17ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c0e56b4c6d6603c198bb6f92d0cf363bef3c7e9d7d95080494263e8946b57b1c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: clear
content-length: 556
x-xss-protection: 1; mode=block
expires: Sun, 14 Nov 2021 08:47:26 GMT

GET
H2 200 jquery-3.5.1.js Show response
code.jquery.com/ 281 KB
83 KB 32ms
13ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.js
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-4638e"
vary: Accept-Encoding
x-hw: 1636879646.dop109.fr8.t,1636879646.cds267.fr8.hn,1636879646.cds234.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 84374

GET
H2 200 jquery.dataTables.min.js Show response
cdn.datatables.net/1.10.22/js/ 85 KB
29 KB 23ms
12ms Script
application/javascript 2606:4700:10::6816:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.datatables.net/1.10.22/js/jquery.dataTables.min.js

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:325d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c91c904fbfbe1fcb61c4e4cb955b35e8eb303f29d97a9f757c744fc6603a978a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: gzip
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 5379810
content-length: 29732
last-modified: Sat, 04 Sep 2021 09:24:42 GMT
server: cloudflare
etag: "12a0fe0-15216-5cb27fc62e90c-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6adef99cef084e9d-FRA
access-control-allow-headers: origin, x-requested-with, content-type
expires: Tue, 13 Sep 2022 02:23:55 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 46ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://jmonline.com.br/
Origin: https://jmonline.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1436559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6458
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MqSLSpHkXUSjdd3bE5L6h%2F%2BBD%2FJ3FnoB2Z3XV2rH5Px4jnf1qTXYblpJX9jtDwkG6Dbi4Lc59d7TYMK7h9qGBpxO9WS%2B4S3fuQQVJA6UYiunHbAPw8tEOBTjOwHHov%2B5WAEvh2lDuaOqM2qrEoAYJjyf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6adef99d0bbb42cf-FRA
expires: Fri, 04 Nov 2022 08:47:26 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
15 KB 53ms
24ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jmonline.com.br/
Origin: https://jmonline.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 565, 718, 718
age: 6303632
cdn-cachedat: 2021-06-08 18:02:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 81a8294f52129c98a089096bf34d6342
cf-ray: 6adef99d0e4a2ba1-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 owl.carousel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/ 43 KB
11 KB 43ms
15ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1438222
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10158
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf0-ad36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSZ4o0U8GjTbDIcBIEvJ05Bbn9VzueVQCrVIJxJr68nAvgzGfhS0jmVvG8JFwypQSd8Eo7rWv3Kh0%2ByFQHQG%2BfjE4Vt8GBB8g0QKzyOphwNUug3GQJJTTj69nHS2dLzOL9dEVPTkKhvEiEY971ZuhfKW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6adef99d0f4d4309-FRA
expires: Fri, 04 Nov 2022 08:47:26 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/ 20 KB
7 KB 46ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 740278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6546
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-4ef8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9yImHMCJJFvJmUChBu7x4SkzaS37DcTq5LQRDmNnGU40WB7pgu0ZRlrVO0%2Bk5V15EJxEosi16IJx31pAx2QDkj0PeJzKr1q72JIN9vILXrONEGch2%2F2xSn4RY0ZBbBaK9fgTwl01sXIv9r0A5olOcwEc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6adef99d0f504309-FRA
expires: Fri, 04 Nov 2022 08:47:26 GMT

GET
H2 200 jquery-ui.min.js Show response
code.jquery.com/ui/1.12.1/ 248 KB
66 KB 18ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer: https://jmonline.com.br/
Origin: https://jmonline.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: gzip
last-modified: Wed, 14 Sep 2016 16:34:16 GMT
server: nginx
etag: W/"57d97c08-3dee4"
vary: Accept-Encoding
x-hw: 1636879646.dop163.fr8.t,1636879646.cds204.fr8.hn,1636879646.cds151.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 67751

GET
H/1.1 200
OK moment.js Show response
jmonline.com.br/novo/Scripts/ 50 KB
17 KB 166ms
158ms Script
application/javascript 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/novo/Scripts/moment.js?1
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Jul 2018 18:36:23 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Via: 1.1 varnish-v4
Cache-Control: public
X-Varnish: 892769430
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 16804
Expires: Tue, 14 Dec 2021 08:47:26 GMT

GET
H/1.1 200
OK scripts2.js Show response
jmonline.com.br/novo/Scripts/ 31 KB
6 KB 165ms
157ms Script
application/javascript 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/novo/Scripts/scripts2.js?9
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: fe42856f6ec5f1b064e338a1bba082be11f582869bc3d3ff0db586c4534e158a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Sep 2020 13:12:14 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Via: 1.1 varnish-v4
Cache-Control: public
X-Varnish: 895124035
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6145
Expires: Tue, 14 Dec 2021 08:47:26 GMT

GET
H/1.1 200
OK layout.js Show response
jmonline.com.br/novo/Scripts/ 4 KB
2 KB 161ms
154ms Script
application/javascript 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/novo/Scripts/layout.js?1
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 6fd8a6bf099b93a2d80f72b9dd60d93b32eb9bd2c50c4868e7fdea7a0735e762

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Aug 2018 18:03:35 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Via: 1.1 varnish-v4
Cache-Control: public
X-Varnish: 890329577
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1526
Expires: Tue, 14 Dec 2021 08:47:26 GMT

GET
H/1.1 200
OK maskedinput.js Show response
jmonline.com.br/novo/Scripts/ 6 KB
2 KB 154ms
154ms Script
application/javascript 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/novo/Scripts/maskedinput.js?1
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 1cb8b3a14d5756545adc3c8df621040eee4f26d66766dc22f287119771ec54d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:26 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Aug 2018 18:03:36 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Via: 1.1 varnish-v4
Cache-Control: public
X-Varnish: 895746627
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2107
Expires: Tue, 14 Dec 2021 08:47:26 GMT

GET
H2 200 jquery.validate.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/ 48 KB
11 KB 38ms
35ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.17.0/jquery.validate.js

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9acdf688876497bbcacf7a7c83d9fdfaa4a82b92fe574fe0d0083a59fde0daa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1508353
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11208
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-be24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BBh5yxmZLmdHa%2Fm4ayqRsO4XjNh4ve4s5BGd7mvZ6%2B%2F6YAteJNJCYcKGJ6nV4%2BtMrKjEyvTwxgqTAHqy6SBR0%2FALfwKrSiTj5FQix%2BL7S5sMaxNcoDU7AuJulMJ5OXvnsu6bAWT1XyeLj90xKnDGB1u"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6adef99d2fb94309-FRA
expires: Fri, 04 Nov 2022 08:47:26 GMT

GET
H2 200 pg.jmonline.com.br.js Show response
m2d.m2.ai/ 560 KB
160 KB 420ms
390ms Script
application/javascript 13.225.78.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://m2d.m2.ai/pg.jmonline.com.br.js
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-77.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c6e7cc21df4417259fe8a63e10911c9363aa4689d06aea74499a034a6449d09

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 03:26:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"33884c6aec9653b4a371c994e6bf1693"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 71dbd5706c5b0c7b733248e1171f2d4f.cloudfront.net (CloudFront)
cache-control: max-age=14400
x-amz-cf-id: Y2KDpAocjL0PVjqBLUS3LQ4dZdsvAqupKvxqoS196O1rxo2X5pXWjg==

GET
H/1.1 200
OK bg-radio-jm.jpg
jmonline.com.br/novo/imagens/ 25 KB
25 KB 232ms
150ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/novo/imagens/bg-radio-jm.jpg
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/css/style_teste_01.css?8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: a4900d191b7434fc398e1d0ecf008be3f0bdf3b14dfc02921d807eec01cdff29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/css/style_teste_01.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 23 Apr 2021 20:42:24 GMT
Via: 1.1 varnish-v4
Last-Modified: Mon, 06 Aug 2018 18:04:31 GMT
Server: Apache
Age: 17669102
X-Varnish: 892769432 1736792
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=98
Content-Length: 25177
Expires: Sat, 23 Apr 2022 20:42:24 GMT

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/ 12 KB
12 KB 27ms
23ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b4c97a2809cdb53153139544e1f5db34e4917c8f01d2dd94cb9519e24e1ab3c

Request headers

Referer: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Origin: https://jmonline.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5377530
cf-ray: 6adef99d0bef2bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12188
x-amz-id-2: 9NRZjDss950ZJ92LdWum57bnt79t0LfQSJTxlD0FsnD0BLA+I2gv5rTqFWycxJF1JQQLtwxFGlk=
last-modified: Wed, 30 Jun 2021 15:27:47 GMT
server: cloudflare
etag: "33f727ccde4b05c0ed143c5cd78cda0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afgBqPT9bqRaIjys7Cv%2BSRaMFLc1ptOhKhk0u8fLT73JUdSBc%2FaWVZuuToaxWTUe7kM9OlZiBu8kAOoUR5ZjQYojatgVEDOp0wokXR5rlzaOV5%2BbkBkP8Y7Lk4zfPqcU9XHeUprTNyvpQqMxtFas6kW0"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: ACPW8G14RD8ZJP4C
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v15/ 14 KB
14 KB 40ms
12ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/css/fonte.css?8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jmonline.com.br/
Origin: https://jmonline.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 12:00:47 GMT
x-content-type-options: nosniff
age: 593199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 14048
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 07 Nov 2022 12:00:47 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/ 60 KB
60 KB 20ms
16ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c

Request headers

Referer: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Origin: https://jmonline.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7108334
cf-ray: 6adef99d0bf22bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 61336
x-amz-id-2: WSQ8jx7pRz+cF16cvFOu46nucho/FVdunlEq/DgrOtempvCKilAJ+5NM0tNaVI3J0xfX6/jT/Ys=
last-modified: Wed, 30 Jun 2021 15:27:47 GMT
server: cloudflare
etag: "3654744dc6d6c37c9b3582b57622df5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hD0hT6D9b6NTqe%2BVlSVgxEMvrqw4QRvjp%2FPRA3lP7QJqnAEySq%2FVdRVIh0OSHQphNducG7Gyj5bUwtA8mMXNktyWTkewuZk%2FSqsHyTSF3%2F6oPhM1vZcr26gOwZrJdJJrYORVmNna6JSLEWOp2aL4wiH"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: HJ04F1TV0W2S04W2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/ 49 KB
50 KB 27ms
23ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Request headers

Referer: https://use.fontawesome.com/releases/v5.0.13/css/all.css
Origin: https://jmonline.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11277184
cf-ray: 6adef99d0bf42bdd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50372
x-amz-id-2: cvOrmZt7n67TchWQBfl3pJOCepD5ah4UqXEh53PYfVLVHPcSVYW1nOAqBPvnvRb0E0VdQzZvQRE=
last-modified: Wed, 30 Jun 2021 15:27:47 GMT
server: cloudflare
etag: "8a8c0474283e0d9ef41743e5e486bf05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6Bdd76ADEN0ZlzgLcOLEQ94gsgxTf4LERXJe32sIVpDINzWHev7k%2BaHz%2B1UB3IofHnDbuohOtijOpT7NiOTigAIRUGPXRUw6D%2BtF76sungFV47kCzSs0wVuZjGtMBI6%2B94nY5FGxXdLeYfn3wQ%2F%2Bxf6k"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 9XVAEPTWGPRHX3H1
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v15/ 14 KB
14 KB 37ms
11ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/css/fonte.css?8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jmonline.com.br/
Origin: https://jmonline.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 14:30:08 GMT
x-content-type-options: nosniff
age: 238638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 14544
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 14:30:08 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v15/ 14 KB
15 KB 33ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v15/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/css/fonte.css?8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1851477cb41c27ff7b3955e1257044041a2de0890b025368782263252033dff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jmonline.com.br/
Origin: https://jmonline.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:16:05 GMT
x-content-type-options: nosniff
age: 207081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 14740
x-xss-protection: 0
last-modified: Wed, 11 Oct 2017 21:49:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 23:16:05 GMT

GET
H/1.1 200
OK live
appradio.app/ 97 KB
0 1895ms
260ms Media
audio/mpeg 148.72.158.239
AS-30083-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://appradio.app:8107/live
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.72.158.239 St Louis, United States, ASN30083 (AS-30083-GO-DADDY-COM-LLC, US),
Reverse DNS: condor3927.startdedicated.com
Software: Icecast 2.4.0-kh15 /
Resource Hash

Request headers

Referer: https://jmonline.com.br/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

icy-genre: Various
Date: Sun, 14 Nov 2021 08:47:28 GMT
icy-name: My Station name
icy-url: http://appradio.pro
ice-audio-info: ice-samplerate=44100;ice-bitrate=96;ice-channels=2
Connection: Close
Server: Icecast 2.4.0-kh15
icy-br: 96, 96
Access-Control-Allow-Methods: GET, OPTIONS, SOURCE, PUT, HEAD, STATS
Content-Type: audio/mpeg
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
icy-pub: 1
icy-description: Rádio JM FM 95.5_Site
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Icy-MetaData
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK 219143_1.jpg
jmonline.com.br/uploads/noticia/ 52 KB
53 KB 251ms
153ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219143_1.jpg?2
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: a78a98db78710433a1f312c7f47ac40106e64a7d53a957dffa8a113323e9bb02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:36:11 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 22:38:04 GMT
Server: Apache
Age: 674
X-Varnish: 895585063 895746267
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=98
Content-Length: 53758
Expires: Mon, 14 Nov 2022 08:36:11 GMT

GET
H/1.1 200
OK 219147_1.jpg
jmonline.com.br/uploads/noticia/ 79 KB
79 KB 372ms
306ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219147_1.jpg?9
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: cddca2aac52b067bbcae6eccdb5a29d5336798ac878f9e28ac7d3d4352fdc2cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:43:41 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 22:43:09 GMT
Server: Apache
Age: 225
X-Varnish: 894308409 889939752
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=98
Content-Length: 80784
Expires: Mon, 14 Nov 2022 08:43:41 GMT

GET
H/1.1 200
OK 219146_1.jpg
jmonline.com.br/uploads/noticia/ 52 KB
52 KB 369ms
153ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219146_1.jpg?3
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 4ba4773f8313fdcc8bd0598c7a7e3a03073943b7845640c6fe37b2eed1ffe654

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:43:41 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 22:41:23 GMT
Server: Apache
Age: 225
X-Varnish: 895124040 890329468
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=97
Content-Length: 52794
Expires: Mon, 14 Nov 2022 08:43:41 GMT

GET
H/1.1 200
OK 219149_1.jpg
jmonline.com.br/uploads/noticia/ 49 KB
50 KB 359ms
153ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219149_1.jpg?14
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 23b31ce93cbdd1de7660209c61bd14fe9b271fd225c62d93187b2401391e87df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 05:32:30 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 22:45:58 GMT
Server: Apache
Age: 11696
X-Varnish: 895585066 889939103
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=94
Content-Length: 50316
Expires: Mon, 14 Nov 2022 05:32:30 GMT

GET
H/1.1 200
OK 219150_1.jpg
jmonline.com.br/uploads/noticia/ 33 KB
33 KB 156ms
155ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219150_1.jpg?19
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 71f4aa22574b8d8c673f5861ad468e2a475a87713989b75f8c6b9b7a0d0e6c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 22:47:15 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 892769445
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 33649
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK 219151_1.jpg
jmonline.com.br/uploads/noticia/ 83 KB
83 KB 154ms
154ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219151_1.jpg?19
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: de0e56e3a895b1d65889d66d788caf3feb48e05f0d18a23d75f9ca3154762ce7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 22:48:05 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 893391018
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 84838
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK 219154_1.jpg
jmonline.com.br/uploads/noticia/ 35 KB
35 KB 154ms
154ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219154_1.jpg?8
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 4349be317d65f0ab30165457b5e37dbfc0ef280fb979c4f73c38ab4c5902aab0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 22:52:36 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 893591562
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 35405
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK 219155_1.jpg
jmonline.com.br/uploads/noticia/ 33 KB
33 KB 157ms
156ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219155_1.jpg?9
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: d9189f466d387acfa036f7dcab1c68d3707498268e0ba8b1815c687999373e9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 22:53:38 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 892769447
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 33941
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK 219156_1.jpg
jmonline.com.br/uploads/noticia/ 40 KB
40 KB 156ms
155ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219156_1.jpg?20
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 76b17180324cf042f1c87ace6d0ba80a1bf01fa1d1a267e1b74a85e5c89cc491

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 22:55:53 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 895124049
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 40746
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK 219134_1.jpg
jmonline.com.br/uploads/noticia/ 24 KB
24 KB 154ms
154ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219134_1.jpg?13
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 58df268a49e6143e6a5c1d79cd3e5b1a894e7676948a11eee3ef86ca4a14d34d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 14:28:36 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 894107826
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 24240
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK 219140_1.jpg
jmonline.com.br/uploads/noticia/ 47 KB
47 KB 154ms
154ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219140_1.jpg?9
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 77ce6b009affddee44b98ac187879e3f20266ec3c507a9e72f868da73fdae554

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:27 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 15:27:53 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 894107828
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Content-Length: 47903
Expires: Mon, 14 Nov 2022 08:47:27 GMT

GET
H/1.1 200
OK 219153_1.jpg
jmonline.com.br/uploads/noticia/ 63 KB
64 KB 161ms
160ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219153_1.jpg?7
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: ff4907cf284d638a9064d372a26013d999f89c7b1260b88a4304567bdae94ccf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:28 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 22:51:11 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 895124051
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 65005
Expires: Mon, 14 Nov 2022 08:47:28 GMT

GET
H/1.1 200
OK 219124_1.jpg
jmonline.com.br/uploads/noticia/ 23 KB
23 KB 156ms
156ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219124_1.jpg?18
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 318fff9a9efd74524a89fbd610fb3511c63f684448566a4bd00cde27d56f1a0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:28 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 00:57:15 GMT
Server: Apache
Age: 0
Content-Type: image/jpeg
Cache-Control: public
X-Varnish: 892769449
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 23295
Expires: Mon, 14 Nov 2022 08:47:28 GMT

GET
H/1.1 200
OK 219157_1.png
jmonline.com.br/uploads/noticia/ 286 KB
287 KB 159ms
158ms Image
image/png 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219157_1.png?19
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 91808e51a323e3895d06f09182ed5c6009f9c0e2c677829c98728ae33e69d938

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:28 GMT
Via: 1.1 varnish-v4
Last-Modified: Sun, 14 Nov 2021 01:25:03 GMT
Server: Apache
Age: 0
Content-Type: image/png
Cache-Control: max-age=31536000
X-Varnish: 893591564
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 293114
Expires: Mon, 14 Nov 2022 08:47:28 GMT

GET
H/1.1 206
Partial Content 2805.mp3
jmonline.com.br/uploads/audios/ 152 KB
0 157ms
155ms Media
audio/mpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/uploads/audios/2805.mp3
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash

Request headers

Referer: https://jmonline.com.br/novo/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 14 Nov 2021 08:47:28 GMT
Via: 1.1 varnish-v4
Last-Modified: Tue, 23 Feb 2021 14:11:10 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: audio/mpeg
Content-Range: bytes 0-4451391/4451392
Cache-Control: public
X-Varnish: 892769451
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 4451392
Expires: Mon, 14 Nov 2022 08:47:28 GMT

GET
H/1.1 206
Partial Content 2803.mp3
jmonline.com.br/uploads/audios/ 112 KB
0 156ms
156ms Media
audio/mpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/uploads/audios/2803.mp3
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash

Request headers

Referer: https://jmonline.com.br/novo/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 14 Nov 2021 08:47:28 GMT
Via: 1.1 varnish-v4
Last-Modified: Tue, 23 Feb 2021 13:47:05 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: audio/mpeg
Content-Range: bytes 0-8184639/8184640
Cache-Control: public
X-Varnish: 893391020
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 8184640
Expires: Mon, 14 Nov 2022 08:47:28 GMT

GET
H/1.1 206
Partial Content 2801.mp3
jmonline.com.br/uploads/audios/ 112 KB
0 159ms
159ms Media
audio/mpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://jmonline.com.br/uploads/audios/2801.mp3
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash

Request headers

Referer: https://jmonline.com.br/novo/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range: bytes=0-

Response headers

Date: Sun, 14 Nov 2021 08:47:28 GMT
Via: 1.1 varnish-v4
Last-Modified: Tue, 23 Feb 2021 13:31:59 GMT
Server: Apache
Age: 0
Vary: Accept-Encoding,User-Agent
Content-Type: audio/mpeg
Content-Range: bytes 0-4258047/4258048
Cache-Control: public
X-Varnish: 894308418
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 4258048
Expires: Mon, 14 Nov 2022 08:47:28 GMT

GET
H/1.1 200
OK cmidia_thumb.png
jmonline.com.br/novo/imagens/ 2 KB
2 KB 153ms
153ms Image
image/png 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/novo/imagens/cmidia_thumb.png
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/css/style_teste_01.css?8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 1c83331cc31168f8f2f4c7d655437d2ff7368635e7d47954c47df17f517b5381

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/css/style_teste_01.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:47:28 GMT
Via: 1.1 varnish-v4
Last-Modified: Mon, 06 Aug 2018 18:04:31 GMT
Server: Apache
Age: 0
Content-Type: image/png
Cache-Control: max-age=31536000
X-Varnish: 893591566
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 1601
Expires: Mon, 14 Nov 2022 08:47:28 GMT

GET
H2 200 pubads_impl_2021110901.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 48ms
23ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 118212
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 09:34:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 14 Nov 2021 08:47:26 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 92 B
596 B 38ms
16ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=jmonline.com.br

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

031d641ba4d2b9a3952275f19a3862d95d9c78d3ece3a9af5e31af435c7762bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 85
x-xss-protection: 0
expires: Sun, 14 Nov 2021 08:47:26 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/ 348 KB
136 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/yZguKF1TiDm6F3yJWVhmOKQ9/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0fc0076a36c38f39206bb258eeb8bc8e383b96a6ccd26024b0b088d9e0b192af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jmonline.com.br/
Origin: https://jmonline.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3008
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 139079
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 21:26:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 14 Nov 2022 07:57:18 GMT

GET
H/1.1 200
OK 219123_1.jpg
jmonline.com.br/uploads/noticia/ 23 KB
24 KB 248ms
150ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219123_1.jpg?1308
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 6bf73d0a332b6cff2ae0f37d3d4a700ac9ae66bce6eacf3a530428462ef0887a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:45:20 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 00:45:19 GMT
Server: Apache
Age: 126
X-Varnish: 892769434 894206351
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=97
Content-Length: 23750
Expires: Mon, 14 Nov 2022 08:45:20 GMT

GET
H/1.1 200
OK 219131_1.jpg
jmonline.com.br/uploads/noticia/ 23 KB
24 KB 472ms
153ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219131_1.jpg?1927
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: 09653050bc2ba6de4b89fa30c204ab327fb8bd6506170a2da0038747113d9065

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:45:20 GMT
Via: 1.1 varnish-v4
Last-Modified: Sat, 13 Nov 2021 10:15:22 GMT
Server: Apache
Age: 126
X-Varnish: 894107817 895123984
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=97
Content-Length: 23944
Expires: Mon, 14 Nov 2022 08:45:20 GMT

GET
H/1.1 200
OK 219120_1.jpg
jmonline.com.br/uploads/noticia/ 21 KB
21 KB 432ms
153ms Image
image/jpeg 132.148.23.221
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jmonline.com.br/uploads/noticia/219120_1.jpg?1390
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 132.148.23.221 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-23-221.ip.secureserver.net
Software: Apache /
Resource Hash: b46d3ed9649d3c54c996bdd0da527447599d36e054dd55d6ee879de2c6a6be39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/novo/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sun, 14 Nov 2021 08:45:20 GMT
Via: 1.1 varnish-v4
Last-Modified: Fri, 12 Nov 2021 23:48:09 GMT
Server: Apache
Age: 126
X-Varnish: 893591553 894107715
Cache-Control: public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Keep-Alive: timeout=5, max=93
Content-Length: 21258
Expires: Mon, 14 Nov 2022 08:45:20 GMT

GET
H2 200 fe629597eb47defc9ff1e96bbd47277c.js Show response
scripts.cleverwebserver.com/ 125 KB
51 KB 52ms
24ms Script
application/javascript 2606:4700:10::ac43:2825
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.cleverwebserver.com/fe629597eb47defc9ff1e96bbd47277c.js
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2825 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d8adce1c950e605301ef9c7ba28a8edc2b37b26b3bcd9edff71123f0e28f9ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Nov 2021 07:54:15 GMT
server: cloudflare
age: 621
etag: W/"207596863534ae74b1ca96f515155dd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: UmJR1gqSqPF2xKoZDAnd_bygxaPKrclT
content-type: application/javascript
cache-control: max-age=1800
cf-ray: 6adef99f5cc668ec-FRA
x-amz-request-id: VJNSRJ988XW8A47D
x-amz-id-2: MXfXrSm6htwaiBnSDddT2nWoQru+/xfUTXGutqNYfAoZ1fmixw1EzJbTBifkRGLGBoxwn2dPxUE=

GET
H2 200 / Show response
ui.cleverwebserver.com/3fb71065e38842a2b8e766d4ad87d4d5/ 161 B
251 B 422ms
412ms Script
text/javascript 2606:4700:10::ac43:2825
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ui.cleverwebserver.com/3fb71065e38842a2b8e766d4ad87d4d5/
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2825 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.19
Resource Hash: ae8fc06de3bf41915d227c897a89b47a0f32a3a75c09dde8d39ea1dc27d95318

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.4.19
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/javascript;charset=UTF-8
cf-ray: 6adef99fbdb568ec-FRA

GET
H2 200 45235.php
sender.clevernt.com/transporter/ 43 B
354 B 171ms
65ms Image
image/gif 148.69.64.76
VODAFONE-PT Vodaf...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sender.clevernt.com/transporter/45235.php?ppuc=0&ppu=0&id=0&ref=aHR0cHM6Ly9qbW9ubGluZS5jb20uYnIvbm92by8%3D&ruri=&r=203789636&tok=33419711310201791433&op=called&wn=null&res=1600x1200&ts=0.004&cc=1&iv=-1
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.69.64.76 Porto, Portugal, ASN12353 (VODAFONE-PT Vodafone Portugal, PT),
Reverse DNS: are.clevernt.com
Software: nginx /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
server: nginx
content-type: image/gif

GET
H2 200 / Show response
a3.pubguru.net/ 138 B
435 B 35ms
9ms XHR
application/json 18.184.28.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/?device=desktop&domain=jmonline.com.br

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.jmonline.com.br.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.28.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-28-70.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

1242d21c59ba368e07764c5451f54d6987bec7f59453a6556bb19c92250317b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://jmonline.com.br
x-frame-options: DENY
content-type: application/json
x-m2: 1
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true
x-duration: 0
vary: Origin
content-length: 138
x-xss-protection: 1; mode=block

POST
H2 200 stream Show response
a3.pubguru.net/ 2 B
352 B 24ms
10ms XHR
text/plain 18.184.28.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/stream?beacon=immediate

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.jmonline.com.br.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.28.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-28-70.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jmonline.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://jmonline.com.br
x-frame-options: DENY
content-type: text/plain
x-m2: 1
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true
x-duration: 1
vary: Origin,Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 gfc.js Show response
cdn.pubguru.com/ 8 KB
9 KB 48ms
8ms Script
application/javascript 2600:9000:20eb:be00:5:3aaa:f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pubguru.com/gfc.js
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.jmonline.com.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:be00:5:3aaa:f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f29f060ce91fcc6683a09df249b8dbc452a2d6601f4fddc8131e37fce17a3c96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 1zDVHlGcx640ZLzoe7igwdx1_E7DY9Fe
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Wed, 14 Oct 2020 11:40:16 GMT
server: AmazonS3
age: 21119
etag: W/"c1441c4083795f70984ad8988cab61ba"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 14 Nov 2021 05:21:47 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 8643
x-amz-cf-id: KmGaCP8QKberGGyi3Sa68q9OMOdG-Zfsd50cczIA6nWN4C-FbNah6g==

POST
H2 200 stream
a3.pubguru.net/ 0
0 25ms
9ms Ping
text/plain 18.184.28.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a3.pubguru.net/stream?beacon=test
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.jmonline.com.br.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.28.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-28-70.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jmonline.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 tc-modernizr.js Show response
cdn.pubguru.com/ 55 KB
56 KB 8ms
8ms Script
application/javascript 2600:9000:20eb:be00:5:3aaa:f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pubguru.com/tc-modernizr.js
Requested by: Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.jmonline.com.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:be00:5:3aaa:f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b78222040390c142b5db713e2056cdce01d935a8a289fba890281a4867dddda1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 19:07:12 GMT
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jan 2021 14:02:53 GMT
server: AmazonS3
age: 49215
etag: "7397d6933f0607215d5803ac483dccf0"
x-cache: Hit from cloudfront
x-amz-version-id: wK1yK.seBcNMdh0KRrdWih.NVUUalRr_
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: application/javascript
content-length: 56491
x-amz-cf-id: U8avLRP43tMS81bVVKPA4aX_Nr5kW1o7PH8E_H3-j2UJXfrpzzGDwA==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 155ms
30ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.jmonline.com.br.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dec2c3ee7244f2a70b4d64e10cb807587a342438fdf883eb923bad943aeb430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 51310
x-xss-protection: 0
server: cafe
etag: 9131330116342192726
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 08:47:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
53 KB 159ms
35ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-38QMJ3

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2afb060aaee5219803ecfbb23a2886b86946ad7200f44deb2b416540f29658dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 53749
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Nov 2021 08:47:27 GMT

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
424 B 130ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=jmonline.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
424 B 128ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jmonline.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: clear
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
8 KB 276ms
275ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3599606928614434&correlator=2761625573436550&output=ldjh&impl=fif&eid=31060838%2C31061814&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=33239014%2Cjmonline_top_ad&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=m2_pageview%3D7075-211028-b6b%25400%26m2_session%3D7075-211028-b6b%25400%26m2_canonical%3D422bc11527578f522a91ef0d7f477690%26m2_canonical_session%3D422bc11527578f522a91ef0d7f477690%26m2_config%3D7075-211028-b6b%25400%26m2_stack%3Denabled%2Cadx%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&cookie_enabled=1&bc=31&abxe=1&lmt=1636879646&dt=1636879646536&dlt=1636879645129&idt=920&frm=20&biw=1600&bih=1200&oid=2&adxs=273&adys=504&adks=3143867607&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fjmonline.com.br%2Fnovo%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x1&msz=728x0&ga_vid=382171589.1636879647&ga_sid=1636879647&ga_hid=746737007&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7143c641fc852660b265f9379653ccd0b8bb793e61ee1429935b1e7f68af3fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 7395
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jmonline.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 108 KB
26 KB 572ms
572ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3599606928614434&correlator=2761625573436550&output=ldjh&impl=fif&eid=31060838%2C31061814&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=33239014%2Cjmonline_mid_ad_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=m2_canonical%3D422bc11527578f522a91ef0d7f477690%26m2_canonical_session%3D422bc11527578f522a91ef0d7f477690%26m2_config%3D7075-211028-b6b%25400%26m2_stack%3Denabled%2Cadx%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&cookie_enabled=1&bc=31&abxe=1&lmt=1636879646&dt=1636879646543&dlt=1636879645129&idt=920&frm=20&biw=1600&bih=1200&oid=2&adxs=549&adys=1022&adks=777013210&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fjmonline.com.br%2Fnovo%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1140x0&msz=728x0&ga_vid=382171589.1636879647&ga_sid=1636879647&ga_hid=746737007&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0813004d02aef3b1897a11fbc73c26e6229478879b60745d09feec4d843f5a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 26648
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jmonline.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
28 KB 946ms
946ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3599606928614434&correlator=2761625573436550&output=ldjh&impl=fif&eid=31060838%2C31061814&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=33239014%2Cjmonline_side_ad_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280&prev_scp=m2_canonical%3D422bc11527578f522a91ef0d7f477690%26m2_canonical_session%3D422bc11527578f522a91ef0d7f477690%26m2_config%3D7075-211028-b6b%25400%26m2_stack%3Denabled%2Cadx%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&cookie_enabled=1&bc=31&abxe=1&lmt=1636879646&dt=1636879646545&dlt=1636879645129&idt=920&frm=20&biw=1600&bih=1200&oid=2&adxs=1078&adys=435&adks=3811221894&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fjmonline.com.br%2Fnovo%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x254&msz=300x0&ga_vid=382171589.1636879647&ga_sid=1636879647&ga_hid=746737007&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ced9c0457386bb8e877fd2a6113e92c5a8fd6516095c516878e7000d66e106a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 27991
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jmonline.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 1120ms
1120ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3599606928614434&correlator=2761625573436550&output=ldjh&impl=fif&eid=31060838%2C31061814&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=33239014%2Cjmonline_side_ad_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=m2_canonical%3D422bc11527578f522a91ef0d7f477690%26m2_canonical_session%3D422bc11527578f522a91ef0d7f477690%26m2_config%3D7075-211028-b6b%25400%26m2_stack%3Denabled%2Cadx%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&cookie_enabled=1&bc=31&abxe=1&lmt=1636879646&dt=1636879646547&dlt=1636879645129&idt=920&frm=20&biw=1600&bih=1200&oid=2&adxs=294&adys=1054&adks=3111511921&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fjmonline.com.br%2Fnovo%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=350x0&msz=302x0&ga_vid=382171589.1636879647&ga_sid=1636879647&ga_hid=746737007&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ca78fe094de86e891cef0f01a849a07a8b6ab49f2981401b0f556627025c140e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 10467
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jmonline.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
7 KB 1607ms
1607ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3599606928614434&correlator=2761625573436550&output=ldjh&impl=fif&eid=31060838%2C31061814&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=33239014%2Cjmonline_mid_ad_1Lazy%2C1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=m2_canonical%3D422bc11527578f522a91ef0d7f477690%26m2_canonical_session%3D422bc11527578f522a91ef0d7f477690%26m2_config%3D7075-211028-b6b%25400%26m2_stack%3Denabled%2Cadx%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&cookie_enabled=1&bc=31&abxe=1&lmt=1636879646&dt=1636879646549&dlt=1636879645129&idt=920&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=3639&adks=1044922926&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fjmonline.com.br%2Fnovo%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x1&msz=728x0&ga_vid=382171589.1636879647&ga_sid=1636879647&ga_hid=746737007&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

e949460640491ca1cf362a0673c03f4d746fc56a59a94d261d2f140791e29f1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 7482
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jmonline.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
8 KB 1299ms
1299ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3599606928614434&correlator=2761625573436550&output=ldjh&impl=fif&eid=31060838%2C31061814&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=33239014%2Cjmonline_mid_ad_1Lazy%2C2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&prev_scp=m2_canonical%3D422bc11527578f522a91ef0d7f477690%26m2_canonical_session%3D422bc11527578f522a91ef0d7f477690%26m2_config%3D7075-211028-b6b%25400%26m2_stack%3Denabled%2Cadx%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&cookie_enabled=1&bc=31&abxe=1&lmt=1636879646&dt=1636879646553&dlt=1636879645129&idt=920&frm=20&biw=1600&bih=1200&oid=2&adxs=436&adys=3426&adks=341616131&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fjmonline.com.br%2Fnovo%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x1&msz=728x0&ga_vid=382171589.1636879647&ga_sid=1636879647&ga_hid=746737007&ga_fc=false&fws=4&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

956c4d2eb4abe4e503f562009c0960e6a668265ae77717ab8983566f9b128d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 7526
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jmonline.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
31 KB 1845ms
1845ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3599606928614434&correlator=2761625573436550&output=ldjh&impl=fif&eid=31060838%2C31061814&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211114&iu_parts=33239014%2Cpg_interstitial_jmonline.com.br&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=m2_canonical%3D422bc11527578f522a91ef0d7f477690%26m2_canonical_session%3D422bc11527578f522a91ef0d7f477690%26m2_config%3D7075-211028-b6b%25400%26m2_stack%3Denabled%2Cadx%26utm_term%3D%252Fempty%252F%26utm_source%3D%252Fempty%252F%26utm_campaign%3D%252Fempty%252F%26utm_content%3D%252Fempty%252F%26utm_medium%3D%252Fempty%252F%26m2_tc%3Dtc-init&cookie_enabled=1&bc=31&abxe=1&lmt=1636879646&dt=1636879646556&dlt=1636879645129&idt=920&frm=20&biw=1600&bih=1200&oid=2&adks=4127070662&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fjmonline.com.br%2Fnovo%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=382171589.1636879647&ga_sid=1636879647&ga_hid=746737007&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a9a61c761966dbf1fe2ea023be3d053adcc52d5c7d8d58ba2316f490755a4ce6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 31627
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jmonline.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
16 KB 1828ms
1828ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b2664210b80f21fee3e35f79d873c29ded7c43e03aadcfcc649f704c909b18d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 16249
x-xss-protection: 0
google-lineitem-id: 4902356854
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138255382566
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://jmonline.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CE93 6 KB
3 KB 54ms
16ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 14 Nov 2021 08:47:27 GMT
expires: Mon, 14 Nov 2022 08:47:27 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: clear

GET
H2 200 pubads_impl_page_level_ads_2021110901.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 24ms
24ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021110901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

b10b7cef548974d25fa454cd1224a00611988013e2232d6445190372ec6c6931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13474
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 09:34:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 14 Nov 2021 08:47:26 GMT

POST
H2 200 tc Show response
a3.pubguru.net/ 61 B
356 B 14ms
14ms XHR
application/json 18.184.28.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/tc

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.jmonline.com.br.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.28.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-28-70.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

7106fc7a8a57bd3515049560e573cb31911735db6d9fef39321b159ffe24d50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jmonline.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://jmonline.com.br
x-frame-options: DENY
content-type: application/json
x-m2: 1
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true
x-duration: 5
vary: Origin
content-length: 61
x-xss-protection: 1; mode=block

GET
H2 200 AGSKWxUMifmFeFyHFRF48NGNw19R5FL-YC0tJIjynZjLPQHLUemDIOZ_cdh-yPKhYRT9uTkJnZo7egnWSK7FTYlCa1g= Show response
fundingchoicesmessages.google.com/f/ 76 KB
27 KB 78ms
41ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUMifmFeFyHFRF48NGNw19R5FL-YC0tJIjynZjLPQHLUemDIOZ_cdh-yPKhYRT9uTkJnZo7egnWSK7FTYlCa1g=

Requested by

Host: cdn.pubguru.com
URL: https://cdn.pubguru.com/gfc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c92e7b0ecca2c2d54bdf7cafc97f199fea3fd24b2db849d0d1a97a9cd9ac8311

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KxTScNvTo9d2phtIJYVgIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KxTScNvTo9d2phtIJYVgIg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-KxTScNvTo9d2phtIJYVgIg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-KxTScNvTo9d2phtIJYVgIg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: clear
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 47 B
47 B Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad0dd5091814006e1986ba74f2492e12582594b1eca2221174c22a1ad10ad98c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: text/javascript

GET
BLOB 200
OK 30ed4284-c999-468b-af0a-abc4ec967dd5
https://jmonline.com.br/ 47 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://jmonline.com.br/30ed4284-c999-468b-af0a-abc4ec967dd5
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad0dd5091814006e1986ba74f2492e12582594b1eca2221174c22a1ad10ad98c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Length: 47
Content-Type: text/javascript

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111100101/ 268 KB
97 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3225730839865945&plah=jmonline.com.br&bust=31063703

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f73deee728e30afb499760c87623eb1bf65458f573f365fe0e28d6fd2a83d92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 98702
x-xss-protection: 0
server: cafe
etag: 7702745790552000029
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 Nov 2021 08:47:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/ Frame 1381 11 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 14 Nov 2021 08:20:20 GMT
expires: Sun, 28 Nov 2021 08:20:20 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 1627
cache-control: public, max-age=1209600
alt-svc: clear

GET
H2 200 container.html Show response
f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6831 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 14 Nov 2021 08:47:27 GMT
expires: Mon, 14 Nov 2022 08:47:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: clear

POST
H2 204 AGSKWxVamkKyemxScNWON_YcnwEY7lSG-magwspMWjsU9u42SbL1SaxfWjbg6TTl25RuxqQGcPCh4yYR_ahb0fy4MB0= Show response
fundingchoicesmessages.google.com/el/ 0
774 B 42ms
21ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVamkKyemxScNWON_YcnwEY7lSG-magwspMWjsU9u42SbL1SaxfWjbg6TTl25RuxqQGcPCh4yYR_ahb0fy4MB0=?pvid=1BA4BD0F-88E7-4DB1-8964-32932A91B774&anonid=82ECA45A-E4EF-4936-A029-53D037E2D2CC

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.WdcIXdzlIK0.es5.O/d=1/rs=AJlcJMz0O7c97JjLcrpv3EAiXzZgQxNl6A/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-znozA4NLZxnkJZ+LBaY3BA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-znozA4NLZxnkJZ+LBaY3BA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://jmonline.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://jmonline.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-znozA4NLZxnkJZ+LBaY3BA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-znozA4NLZxnkJZ+LBaY3BA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxVamkKyemxScNWON_YcnwEY7lSG-magwspMWjsU9u42SbL1SaxfWjbg6TTl25RuxqQGcPCh4yYR_ahb0fy4MB0= Show response
fundingchoicesmessages.google.com/el/ 0
531 B 42ms
29ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3FlvDSDMQC0tzuy5uWd9XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-3FlvDSDMQC0tzuy5uWd9XA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://jmonline.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://jmonline.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-3FlvDSDMQC0tzuy5uWd9XA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-3FlvDSDMQC0tzuy5uWd9XA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUjnAySeL3iHAMu4UgbZmQmrVhZ5eVXsdCjKLp3tMnw67kGS6_7Rsw3LGCma0htfcWZv-dErWZMt0Sn-3nlU9c= Show response
fundingchoicesmessages.google.com/f/ 40 KB
16 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUjnAySeL3iHAMu4UgbZmQmrVhZ5eVXsdCjKLp3tMnw67kGS6_7Rsw3LGCma0htfcWZv-dErWZMt0Sn-3nlU9c=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM2ODc5NjQ2LDk2NTAwMDAwMF0sIjFCQTRCRDBGLTg4RTctNERCMS04OTY0LTMyOTMyQTkxQjc3NCIsIjgyRUNBNDVBLUU0RUYtNDkzNi1BMDI5LTUzRDAzN0UyRDJDQyIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxmYWxzZV0sImh0dHBzOi8vam1vbmxpbmUuY29tLmJyL25vdm8vIixudWxsLFtdXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3998b6326df9560efe1b75c2a4bb91068a098439e7fd1489ea6bfb3f59d9ca3e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bb/DA6RRKWa3yo0FPua+gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-bb/DA6RRKWa3yo0FPua+gA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-bb/DA6RRKWa3yo0FPua+gA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-bb/DA6RRKWa3yo0FPua+gA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: clear
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-38QMJ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2781
date: Sun, 14 Nov 2021 08:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20006
expires: Sun, 14 Nov 2021 10:01:06 GMT

GET
H2 200 hotjar-957933.js Show response
static.hotjar.com/c/ 4 KB
2 KB 57ms
38ms Script
application/javascript 13.225.78.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-957933.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-38QMJ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.69 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-69.fra2.r.cloudfront.net

Software

Resource Hash

27ff0721aab1160698ab6898c1a23268c27e1e61f57ceae21859a63527457048

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/3595fdf4c5e2b58d5d44074b6722e779
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 1916
via: 1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-id: i_hqtTBm3t7DMqVsnWera5UU2ve9JfZRq5BIjFzOMa2J-0zuSCjw-Q==

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9DC1 624 B
593 B 19ms
18ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrx3QIQsPTiAhiy_ve6ATAB&v=APEucNXxaNs7gXQVJMKUopywwX8fEAflD3J3Y5FCgBH9Q8LH5g-JB8Rj3L94tAn7y0Rzcj_raMp1t_2ds_g8GqSLm-NcXRrdSuzMTgR6oyJP9rC2WgFEZrg6OWdegMI1YZ5mW-Ffa8bZorQHs8zFCYC3V6sM6ygVspAMQF-MHkjgTV0ZkAnUhmk

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 14 Nov 2021 08:47:27 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 08:47:27 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6831 58 KB
29 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BwkM7fYahPnIjYPs5M_RqZf7pqEyPLvkkKmz1vEGwAn1pHJ2Mi9SV5tETlNAc8_QfF-pJflWbRF75KTvyM3AedqXeXbcC-Z6LAsY5dyo3K9eM8c3OmgMGTr9ENxdTEmbOMsADdFNQefVv0aowit4CxI_LECw&dbm_d=AKAmf-B1GCd4PxggjBetDACZu8lNC7SnXivBbAdwX3I8kCcn_cZ6DvVifBESiUpTtcQ20RR4Yf8Aco7t-WqVGzMnGb_w7eKxCAy_wPaRA8oXvCilQlPYHX5rtXQN2_PY8wrhYPfgv2lDnTYjUp6UYcltrfJoJCoSV86nKaRk8eKGYv8IFx40z6F4bMagwyZMuEOtoi37Q82rNCr-qXqE1xp7nV_ohIPml-t-_Z5FI0akWFzuf1i16DG9P91ueKNXXkA0sjCZPH03nN903JhE0JU41mIFypVrE7AREzbMWJZ1TloYeK5ig2ph3ySrTJMFOkRtBZBnL53ofDVXr88O8NhsCsPXMULd-0UbNeU04ujftVyR7-3b7TxJxUlJvexICpGKl3qmbYRyVCOfQI7gMrmAa5V2CvZyoDl1qmZpNlFgGPB0Zp-Jv8xPqYHay3Gf68ixmUV-sNoQLl8VeI5tGqyiYxhh008avTUXwPL3_3ahjYqk3e-6SX7Qz06rORWCIQkcu4kMeTXDtRf0OBI0FyVXOkMztJNsA4NJputXfQ-bhwaNeeNRYf1caR5IsCy5sEHNyftQn0Xq5zWxrmXzCQpwSsP7xtOLNqqxKfhd3kCvgeXWgoCd4QwURsDBiJX_I8u4dB0KcGgEibK2wZZam-fbi0Ndesf_JZ_8ynFckojSWFHPNqD9owmfYd4bPXSl-gbAoatzXSB-C-3AIn4yz_SrVlYDNQqbwy9rSBWN1FgqqNaHX-Wj0CdAAOGwNtfvxTw8DXng1VYAQUB9W71lqknCItX0tL_Zy6H6Qqbnzy1uRXtmLJJy-I0A9rC8FEdYCChq35FmXbF9ZZA08qxMSFNw8X6WpDXe4CsTchjPr8F_vfWSvGm1xbJH3lDxYmKW4M7fNwN24H8Orj0pETfgViGsVcssS1h1UvNzOc9oVYsiud0dE9Tknh-6gFo6xYHNKlzGCbRUJCTMkU1_LBCsBjIReZVmtJ0w_h4fVfupJDM1fJ40qbdU0_GO6Ov1f3nCTO6yoIlNlZOY-K8Z94-kjOj9DixpWr2fa1Fg4sJaqOLBnXe252CrRd103ArPiFkqTB91mgaCCugCFE3QAu6ZOVbydl83XBJosSHz_1LOLtbl5V3dLaWZgyHO0KgvyK03vDsn6UrcuHGNMgilRF7dv6AJt9hRp80AKW2tVDUWEsQjTPJgM0pQpyPwnJAOTcObF15mOVUNM1qftH5wNH3aNOHUWIlTZhApiRSsm2QWqwKpE6oNCbUESOmGQrYp1anUNmTMlCJlOXqH5vgu9Hs6xccgQ10x68QzLx2_9IrtZEzddnl0nCK0yw5pdqXGpBWBBuIesERXh1paOpsIRvFll0AF5v-QkrE6b4tJRvS8yoCEG-LaRLNyf80uX-XnNYvshZs4zqn4TIMY4VeNImSE6FYC4cTHnfFvyKxylIgrNsnO0rY1U3-jov9dG-T--LC-sNootYdr393K9SGDw_PPbo0rxuA-HaddM-LKu3CY6yS0V7ACcVMEctG8NY_lEh2eFbpbZOP87XVvoBNAUVTMajDnbqOH6dLQLWh1cqXK0zM4LcZP1UL3BpDSGk6rBp8a3gFS0VRUKGUhb81K0k6GDVYwFfFMKYWN9KA1AsMfXCzCfYKUOFGqVWTK7DDaC1d6IxJhMznzbSHBRRf0V21nttzGMXSKc9DpsvzaXHv6t_HfLBCYpxCieJVYPQTuQTJD1PyZ5vDjgr3TkNa9QASNCgLHvwy2sRVZ--16RdylIkkEHkcG0NF1hbF5y-Dp1xvR_Rdx8eRsC-EU0VEp7uKuJRIpV8WZoWHHnmo2Im-gpcY7NWCro5CHRO0AizsmV8SQbmGTURtcwSKEsx1QQF-y9c-VZLmQ76lxOfAiLRKrOKfATQvqdwYeAC7CmlTUbnYHqu2JVBFPiZ3zNVJN-GNQgkEvpUqg6hGtPPLT-0xFBJa03NwQ-slviMy6FyMiqyLTFeY9DuUg9tm5_CVYwkQvqZ1Xdg61eudwqcZPUmpPr7vJRK1yMQotfraEOsSrToKS2SX0KDnbpCQZcQd554c2AlpDCFR-E6fIYU6OYJ8dQQRlMZkFckoijLBZKdFoRZqk-HZVG2q2qFvamHLCF0cktCa0B80NH545vIekah5Gh2vh_jk5cbt3rpzD26DZuMg5dTb-8U-7aij8YWny9EMsbG3PKVPPBbbyCjlTtpQ1vFHkAjCkwWadPPSMjjdf0wNw9W6udAAcAoOT-scVzKTCSsl2XT-ePOioGIwcLaw4JjkPdaAn5nn1qZ_rTfuw10nIOXSJTCydjf3ZNE4xPRclL5gi1mtzlxb6qPYSFGda2Mel3JJVOmgWNcRSJum8PbVOK3XnVENTJt_tYKhkkm-loOioA8G5lNSsQ0nVUofNoe_SjCcJXAixF8Y46YEqZbmtuHG_ua45_9rn-YtV747bxsAAzpJ8m3OnUoWBknH5ayUdPWG4oGHK-GUmCYobih_zW6KA-RLNwew02dznYq3oh1WiZFBHFmhfLF8TiwumlbsSZ5RgkL-gzwgPtNcH5yXO58iEvbp9PFX_oWhSjNwBNuu-__C_wH9KMR1vrcFzk4ZWzgp0NZ8i7YXtlodSqI6vKfvlteWN-bSy1G1Vc-autMJtIJoRBuSZa7d8IufpeIj_V21foMsNg-VRIEQwKkEjquxwkgJ5rZ4EgzqNhXFAavMfQTzRSEyOB8jkWE4KBG_JQzPNuTNsLwBBhNCYCdrnyfI8vlJG_gNlqZSnGqJofPcg-3gUyvQ1P326_s_M1TU7lohcZ7EyhNc_zOOIYOxX5-lND-HzAaBL4ZsNAEH-pTX9ilThanuLn8B6xrFO8J9TP2iptp0EUu8N1na1waAMoYoIgTOXjl_8NgzBwNY3-H_-5MRFpINgb_tQxACzq9Z7HBgL_Yu6DPKlsySpZOxunbyWov3K-iv_PglzA5O9Ib_hBs6tdaePrkUwe5gyXnF66iJiY586dVYvySkQGOKkk9rdUfCh7w47H9TUDEX8T2RzdTGNjHxe-kKGFH_F3AHyrL2HF4q5loPpdbS6MjhVfjp0eV1QoE79OlQNPaVWCJI6G0Hll1LjMU97VZ2PbSAf3IR5fzQJj5HxA0xd8ft-d6WFKWTWEnxQWahdeQkdm4NY5ONjsivI4uZiU-JtWsnuEVoo6cIj0JOGCZcHiH1zTlnWf6N_29WT&cid=CAASFeRokCmyzhJGNOTnAFaswxdSqyVkiQ&rfl=1%2Chttps%253A%252F%252Fjmonline.com.br%252F%240

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a755858bf56228bf6d638fa07a817d897de5c9fe4b0f40aceb310aee47ec4c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: clear
content-length: 29411
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6831 42 B
173 B 40ms
40ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACki2TLdzxwKoX-0jl9tk1PA_rq5FziMQtgGX23vwM3L-9KFd7AgGPttyhWLsbuGryLE9IkcOWpoIPyU286kTWZDEkeMk8QSDpDO1CtUo6ICgxjeE

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 6831 2 KB
1 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:36:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6831 119 KB
37 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 08:47:27 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 6831 15 KB
7 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:35:22 GMT

GET
H2 200 modules.dad547d55d09325865c9.js Show response
script.hotjar.com/ 224 KB
59 KB 31ms
10ms Script
application/javascript 13.224.186.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.dad547d55d09325865c9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-957933.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.186.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-186-39.fra2.r.cloudfront.net

Software

Resource Hash

d9ebe24a565a41a87adc5de5b4c0e8ca3d478af54d64d315c32ad0425ce991ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 17:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 314481
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60319
access-control-allow-origin: *
last-modified: Wed, 10 Nov 2021 17:25:15 GMT
etag: "20ec4d522a02fcf0254cd43ea667f540"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: G5li0r3AcoNCEK8LAt6zHXMxpo6LekVJnSFCw9hpBGt0EoVM7ovmcw==

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 89 KB
36 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PQDK72H&t=gtm4&cid=382171589.1636879647

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

024c04b7dea180957db3edc6f68ec2ef4b4276a70106d34d0f6ef41c2445a7e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 36053
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 14 Nov 2021 08:47:27 GMT

POST
H2 204 AGSKWxWFx1hqQOVP7l5rfX5QvIo8DhNlJvlYHfxsVzLL_TN62XlHzZ8yxqO5hLBNlb2pW1ZiZBxPKfKkw6i7gKb-j6Q5WB4fgNAJ6eVh3DSdm6yisvkUCLNobjAKHaJAy7lfuGDVKh_tvcqozgBP54zU7oLxWitwdKkyT7rIdr4jjhM25DFqf1KlQieVHSip Show response
fundingchoicesmessages.google.com/el/ 0
362 B 24ms
23ms XHR
text/html 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWFx1hqQOVP7l5rfX5QvIo8DhNlJvlYHfxsVzLL_TN62XlHzZ8yxqO5hLBNlb2pW1ZiZBxPKfKkw6i7gKb-j6Q5WB4fgNAJ6eVh3DSdm6yisvkUCLNobjAKHaJAy7lfuGDVKh_tvcqozgBP54zU7oLxWitwdKkyT7rIdr4jjhM25DFqf1KlQieVHSip?dmid=d5853004ee04bc73

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2SignalJs.de.Uoj1fnN1OuE.es5.O/d=1/rs=AJlcJMx-wQ63VjB7nOUORJIDNH1syJUWqg/m=iabtcfv2signalscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tb2hLMNcFFO6k2V7HTJpog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-tb2hLMNcFFO6k2V7HTJpog' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://jmonline.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://jmonline.com.br
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-tb2hLMNcFFO6k2V7HTJpog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-tb2hLMNcFFO6k2V7HTJpog' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxW2vg0EMHpFZeSydHVEA9131EFxenB-VbGcKhoN0WfmdPqD1sn_kK3hWST7Op2GHtm1eBnYm-7RWwV51zGqgUZYmjzXpI5e03eZ78RKqep_V7AQz8F5cxxBJb2PFyW57ufinZiXhjCIQw-WjQdl8IXtHIqZuZ9T_Daw9-8sC_8yfYdu2cSvTOufdkfB Show response
fundingchoicesmessages.google.com/f/ 40 KB
15 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW2vg0EMHpFZeSydHVEA9131EFxenB-VbGcKhoN0WfmdPqD1sn_kK3hWST7Op2GHtm1eBnYm-7RWwV51zGqgUZYmjzXpI5e03eZ78RKqep_V7AQz8F5cxxBJb2PFyW57ufinZiXhjCIQw-WjQdl8IXtHIqZuZ9T_Daw9-8sC_8yfYdu2cSvTOufdkfB?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM2ODc5NjQ3LDk1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDEsbnVsbCwiZW4iLDBdLCJodHRwczovL2ptb25saW5lLmNvbS5ici9ub3ZvLyIsbnVsbCxbXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e321d55f41dc5ecbfb7744f6a84da91fe6a7fa670b032969ee4f9535ecb80382

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-QQ7Hi0O04eJZQeOfql3bVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-QQ7Hi0O04eJZQeOfql3bVw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-QQ7Hi0O04eJZQeOfql3bVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-QQ7Hi0O04eJZQeOfql3bVw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: clear
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9DC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKy8QWvlHtdOPX7COZQz-0k&google_cver=1

43 B
1014 B

14ms
14ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKy8QWvlHtdOPX7COZQz-0k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrx3QIQsPTiAhiy_ve6ATAB&v=APEucNXxaNs7gXQVJMKUopywwX8fEAflD3J3Y5FCgBH9Q8LH5g-JB8Rj3L94tAn7y0Rzcj_raMp1t_2ds_g8GqSLm-NcXRrdSuzMTgR6oyJP9rC2WgFEZrg6OWdegMI1YZ5mW-Ffa8bZorQHs8zFCYC3V6sM6ygVspAMQF-MHkjgTV0ZkAnUhmk
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 08:47:27 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Nov 2021 08:47:27 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKy8QWvlHtdOPX7COZQz-0k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9DC1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZDNH3poSbNACsEp7bkakwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTyP5cUIlMzPYu4vfopf7A&google_cver=1

43 B
894 B

16ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTyP5cUIlMzPYu4vfopf7A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrx3QIQsPTiAhiy_ve6ATAB&v=APEucNXxaNs7gXQVJMKUopywwX8fEAflD3J3Y5FCgBH9Q8LH5g-JB8Rj3L94tAn7y0Rzcj_raMp1t_2ds_g8GqSLm-NcXRrdSuzMTgR6oyJP9rC2WgFEZrg6OWdegMI1YZ5mW-Ffa8bZorQHs8zFCYC3V6sM6ygVspAMQF-MHkjgTV0ZkAnUhmk
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 08:47:27 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Nov 2021 08:47:27 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTyP5cUIlMzPYu4vfopf7A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9DC1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF3dvkq4eInRHXCl5vbSMy0&google_cver=1

43 B
1006 B

11ms
7ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF3dvkq4eInRHXCl5vbSMy0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLrx3QIQsPTiAhiy_ve6ATAB&v=APEucNXxaNs7gXQVJMKUopywwX8fEAflD3J3Y5FCgBH9Q8LH5g-JB8Rj3L94tAn7y0Rzcj_raMp1t_2ds_g8GqSLm-NcXRrdSuzMTgR6oyJP9rC2WgFEZrg6OWdegMI1YZ5mW-Ffa8bZorQHs8zFCYC3V6sM6ygVspAMQF-MHkjgTV0ZkAnUhmk

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 08:47:27 GMT
X-Proxy-Origin: 168.119.25.196; 168.119.25.196; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a1a1119d-856a-43d6-bbb8-34b35a783d64
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF3dvkq4eInRHXCl5vbSMy0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 9DC1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MTQzOTU4NDI3MzEwNzg1MQ%3D%3D

170 B
243 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MTQzOTU4NDI3MzEwNzg1MQ%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 08:47:27 GMT
X-Proxy-Origin: 168.119.25.196; 168.119.25.196; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b9b5e647-b11c-4b11-8cbc-d9734fb7b8d4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MTQzOTU4NDI3MzEwNzg1MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 box-028f986f575e1b13474634857daa6bfc.html Show response
vars.hotjar.com/ Frame E53C 2 KB
1 KB 28ms
8ms Document
text/html 13.224.186.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-028f986f575e1b13474634857daa6bfc.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-957933.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-21.fra2.r.cloudfront.net
Software: /
Resource Hash: 8b975e3e6910f571ee21a21922394a133e7cfd1ae1207bab6d5a629c142321aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/

Response headers

content-type: text/html
content-length: 1044
date: Mon, 08 Nov 2021 14:05:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "1502011b9c345a816e17e09cda9762e1"
last-modified: Wed, 20 Oct 2021 10:53:36 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 82TtXGHnYR1esyKlQaeXZ6V0aYn6zTZ9uiWCJd1SMaJONFK2xlubtw==
age: 499333

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 6831 24 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BwkM7fYahPnIjYPs5M_RqZf7pqEyPLvkkKmz1vEGwAn1pHJ2Mi9SV5tETlNAc8_QfF-pJflWbRF75KTvyM3AedqXeXbcC-Z6LAsY5dyo3K9eM8c3OmgMGTr9ENxdTEmbOMsADdFNQefVv0aowit4CxI_LECw&dbm_d=AKAmf-B1GCd4PxggjBetDACZu8lNC7SnXivBbAdwX3I8kCcn_cZ6DvVifBESiUpTtcQ20RR4Yf8Aco7t-WqVGzMnGb_w7eKxCAy_wPaRA8oXvCilQlPYHX5rtXQN2_PY8wrhYPfgv2lDnTYjUp6UYcltrfJoJCoSV86nKaRk8eKGYv8IFx40z6F4bMagwyZMuEOtoi37Q82rNCr-qXqE1xp7nV_ohIPml-t-_Z5FI0akWFzuf1i16DG9P91ueKNXXkA0sjCZPH03nN903JhE0JU41mIFypVrE7AREzbMWJZ1TloYeK5ig2ph3ySrTJMFOkRtBZBnL53ofDVXr88O8NhsCsPXMULd-0UbNeU04ujftVyR7-3b7TxJxUlJvexICpGKl3qmbYRyVCOfQI7gMrmAa5V2CvZyoDl1qmZpNlFgGPB0Zp-Jv8xPqYHay3Gf68ixmUV-sNoQLl8VeI5tGqyiYxhh008avTUXwPL3_3ahjYqk3e-6SX7Qz06rORWCIQkcu4kMeTXDtRf0OBI0FyVXOkMztJNsA4NJputXfQ-bhwaNeeNRYf1caR5IsCy5sEHNyftQn0Xq5zWxrmXzCQpwSsP7xtOLNqqxKfhd3kCvgeXWgoCd4QwURsDBiJX_I8u4dB0KcGgEibK2wZZam-fbi0Ndesf_JZ_8ynFckojSWFHPNqD9owmfYd4bPXSl-gbAoatzXSB-C-3AIn4yz_SrVlYDNQqbwy9rSBWN1FgqqNaHX-Wj0CdAAOGwNtfvxTw8DXng1VYAQUB9W71lqknCItX0tL_Zy6H6Qqbnzy1uRXtmLJJy-I0A9rC8FEdYCChq35FmXbF9ZZA08qxMSFNw8X6WpDXe4CsTchjPr8F_vfWSvGm1xbJH3lDxYmKW4M7fNwN24H8Orj0pETfgViGsVcssS1h1UvNzOc9oVYsiud0dE9Tknh-6gFo6xYHNKlzGCbRUJCTMkU1_LBCsBjIReZVmtJ0w_h4fVfupJDM1fJ40qbdU0_GO6Ov1f3nCTO6yoIlNlZOY-K8Z94-kjOj9DixpWr2fa1Fg4sJaqOLBnXe252CrRd103ArPiFkqTB91mgaCCugCFE3QAu6ZOVbydl83XBJosSHz_1LOLtbl5V3dLaWZgyHO0KgvyK03vDsn6UrcuHGNMgilRF7dv6AJt9hRp80AKW2tVDUWEsQjTPJgM0pQpyPwnJAOTcObF15mOVUNM1qftH5wNH3aNOHUWIlTZhApiRSsm2QWqwKpE6oNCbUESOmGQrYp1anUNmTMlCJlOXqH5vgu9Hs6xccgQ10x68QzLx2_9IrtZEzddnl0nCK0yw5pdqXGpBWBBuIesERXh1paOpsIRvFll0AF5v-QkrE6b4tJRvS8yoCEG-LaRLNyf80uX-XnNYvshZs4zqn4TIMY4VeNImSE6FYC4cTHnfFvyKxylIgrNsnO0rY1U3-jov9dG-T--LC-sNootYdr393K9SGDw_PPbo0rxuA-HaddM-LKu3CY6yS0V7ACcVMEctG8NY_lEh2eFbpbZOP87XVvoBNAUVTMajDnbqOH6dLQLWh1cqXK0zM4LcZP1UL3BpDSGk6rBp8a3gFS0VRUKGUhb81K0k6GDVYwFfFMKYWN9KA1AsMfXCzCfYKUOFGqVWTK7DDaC1d6IxJhMznzbSHBRRf0V21nttzGMXSKc9DpsvzaXHv6t_HfLBCYpxCieJVYPQTuQTJD1PyZ5vDjgr3TkNa9QASNCgLHvwy2sRVZ--16RdylIkkEHkcG0NF1hbF5y-Dp1xvR_Rdx8eRsC-EU0VEp7uKuJRIpV8WZoWHHnmo2Im-gpcY7NWCro5CHRO0AizsmV8SQbmGTURtcwSKEsx1QQF-y9c-VZLmQ76lxOfAiLRKrOKfATQvqdwYeAC7CmlTUbnYHqu2JVBFPiZ3zNVJN-GNQgkEvpUqg6hGtPPLT-0xFBJa03NwQ-slviMy6FyMiqyLTFeY9DuUg9tm5_CVYwkQvqZ1Xdg61eudwqcZPUmpPr7vJRK1yMQotfraEOsSrToKS2SX0KDnbpCQZcQd554c2AlpDCFR-E6fIYU6OYJ8dQQRlMZkFckoijLBZKdFoRZqk-HZVG2q2qFvamHLCF0cktCa0B80NH545vIekah5Gh2vh_jk5cbt3rpzD26DZuMg5dTb-8U-7aij8YWny9EMsbG3PKVPPBbbyCjlTtpQ1vFHkAjCkwWadPPSMjjdf0wNw9W6udAAcAoOT-scVzKTCSsl2XT-ePOioGIwcLaw4JjkPdaAn5nn1qZ_rTfuw10nIOXSJTCydjf3ZNE4xPRclL5gi1mtzlxb6qPYSFGda2Mel3JJVOmgWNcRSJum8PbVOK3XnVENTJt_tYKhkkm-loOioA8G5lNSsQ0nVUofNoe_SjCcJXAixF8Y46YEqZbmtuHG_ua45_9rn-YtV747bxsAAzpJ8m3OnUoWBknH5ayUdPWG4oGHK-GUmCYobih_zW6KA-RLNwew02dznYq3oh1WiZFBHFmhfLF8TiwumlbsSZ5RgkL-gzwgPtNcH5yXO58iEvbp9PFX_oWhSjNwBNuu-__C_wH9KMR1vrcFzk4ZWzgp0NZ8i7YXtlodSqI6vKfvlteWN-bSy1G1Vc-autMJtIJoRBuSZa7d8IufpeIj_V21foMsNg-VRIEQwKkEjquxwkgJ5rZ4EgzqNhXFAavMfQTzRSEyOB8jkWE4KBG_JQzPNuTNsLwBBhNCYCdrnyfI8vlJG_gNlqZSnGqJofPcg-3gUyvQ1P326_s_M1TU7lohcZ7EyhNc_zOOIYOxX5-lND-HzAaBL4ZsNAEH-pTX9ilThanuLn8B6xrFO8J9TP2iptp0EUu8N1na1waAMoYoIgTOXjl_8NgzBwNY3-H_-5MRFpINgb_tQxACzq9Z7HBgL_Yu6DPKlsySpZOxunbyWov3K-iv_PglzA5O9Ib_hBs6tdaePrkUwe5gyXnF66iJiY586dVYvySkQGOKkk9rdUfCh7w47H9TUDEX8T2RzdTGNjHxe-kKGFH_F3AHyrL2HF4q5loPpdbS6MjhVfjp0eV1QoE79OlQNPaVWCJI6G0Hll1LjMU97VZ2PbSAf3IR5fzQJj5HxA0xd8ft-d6WFKWTWEnxQWahdeQkdm4NY5ONjsivI4uZiU-JtWsnuEVoo6cIj0JOGCZcHiH1zTlnWf6N_29WT&cid=CAASFeRokCmyzhJGNOTnAFaswxdSqyVkiQ&rfl=1%2Chttps%253A%252F%252Fjmonline.com.br%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:47:13 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame 6831 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:44:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:44:22 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6831 0
446 B 78ms
52ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuOBRJqhU7bGugQG8CkA_45rIZkQQqHQmUMrlJYsVdFAuV1bIMKDf5yBk-LYQXeN1FNkrSRA7j_wufWjCYgxnKXavcMbFM4QDzMeSFGZztRVsBYN1HE7AzzitKg12V9-hru3s1bGXEKZVZ4OZNShScBdfrWgZy43FZ_8R7Bf-0oP8ulMs2Pu-coOYGjaPjeP27UUZ6S9AEvpT0gdj7YPOv2qmzJ1cqFmaFFqvMvPZugGNUAnohLam0LZiHSPgNz8LBfVOu1JciZDD-R3G1i2WsHBpyU-ldmUOGGyYlfHyvuFehrf4Y6tuYXAns8DdogvM7fNwR1eETIbRf-YWtk_aIlGu-T3yNGSZqWRh6o-WbnF_HY_GL_Db1Vg9qd2pIiztPdFE_eQ5IffElBJa58WQgJYyGIU_inUcJSTO6fYm-JRVEH-Y0Lx8txc4NtW1FK7F8GcYxHkSV-wa-71wC0WvO_RsygZ-Ybni1FLIm2HZmXrxZPIdEcNEWkqAv6NF-7f2PlVeMJzhZ0tWek5Djsp2H09Tw843dHzBYKkb0mRNuL75MrVEGLppRJ9ttKMqZG949THwBAKibKmYgNSUvF7Ap7Fl8pkw8mjNFntwqFYGCKQt8ydsAv9Gi5e9izIAN4lhr7frlchhVChwvqEFNcjr-LHplyB6RLKXMHBAhuIokPNckyks_UzKHBonsLGyOaBuvT5uGzYWvQ1i6u2p5oP3PRp-A0M-InH0ixIileDk3ZxaschJSGbmkSYOvr3VxYq_jeshNlXyrWcg2zyJdbHKh0-GHg8rwsrYVc-OJ9eV9YknDdotGYRZd8V3mO82dP98m-oWOsD4BdQs-gKCr7uNULSVFp2goXhtLAJyG9F1P5weaZg5dswiK_lOLZWdX65r5omusoetsKKAGEfmS5z5dk1eSX9vyIHgy-K8z5GNhF375GRzYC8mvqb-C5vrwREBWA5gGQoDceMQytbOQJ5fivxog8Yi_6r_cYQNmxOgHv7XnQrxECegbstC_LJ_ql6etGuN9BjuUMoVO3DjA5CFokuBOmVTW_FlUDz2sGjncgzgwhG7o5o8Un1C67FxbIGO3ddsVbyjpxyaeePvfFlOZm8E8MaK6uAVnCBdF-dxJDM9xqLkJ6-Ob1LuBW2e-SoK2Hzdy5AdyzBG5VGs4eZphS9ZlkmbwerocL-EC4zJpVJAmeHmM2zVGXAoY&sai=AMfl-YQfH9hCQ7D2ErUr4x4KBUDe6boCH21NsZyc4-s39P3IafH9hMaakZS1qnBtscAuOHUlzxkhjy8REHNwYfIgM50Um7t4VpJQn01G1oc52dvyEdM8s_NlCXK1oNmpGZuu1jnNK7QbrqdTdKOXG-eMKJSEO0TXC6hWb4FeonU&sig=Cg0ArKJSzNhZ3NJySqW1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211109.70188&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 14 Nov 2021 08:47:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6831 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188976
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 12 Nov 2022 04:17:51 GMT

GET
H2 200 3806859236938116605
s0.2mdn.net/simgad/ Frame 6831 108 KB
109 KB 32ms
8ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3806859236938116605

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c83fba60740d49f379ceb181b9d240ee70f920ed3903aca02d16ca597eb1297

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 04:00:02 GMT
x-content-type-options: nosniff
age: 17245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 110916
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 12:40:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Nov 2022 04:00:02 GMT

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 6831 43 B
1 KB 78ms
23ms Image
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extCa=717&extTcm=de.06r.dv360|26793962.320105780.161662272.000000

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: So, 14 Nov 2021 08:47:27 GMT
Server: Microsoft-IIS/8.5
Date: Sun, 14 Nov 2021 08:47:27 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 717
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 container.html Show response
f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0545 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 14 Nov 2021 08:47:27 GMT
expires: Mon, 14 Nov 2022 08:47:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: clear

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1842
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 14 Nov 2021 09:16:45 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 46ms
25ms Fetch
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true

Requested by

Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 4656179370492481901
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: clear
x-xss-protection: 0
expires: Sun, 14 Nov 2021 08:47:27 GMT

GET
DATA 200
OK truncated
/ Frame 6831 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7d08a91cc95ca7b8b8fbaf1b8bb0525744494f452593ffae8b27de1ea300bb3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6515 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 325793
alt-svc: clear

GET
H2 200 41da6f2331623d3b8845889ffd3555e0.js Show response
www.gstatic.com/mysidia/ Frame 0545 8 KB
4 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/41da6f2331623d3b8845889ffd3555e0.js?tag=client_fast_engine_2019

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb656577f4277a4ded7b312fe6d4a32f3aabbeff803485b75a66fdea67b678af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 08:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 345822
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 3349
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 08:43:45 GMT

GET
H2 200 05bb46b82d1d2bf4ab0b6db8ff47e7f4.js Show response
www.gstatic.com/mysidia/ Frame 0545 11 KB
5 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/05bb46b82d1d2bf4ab0b6db8ff47e7f4.js?tag=pingback

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f484f11c123bfcec431cff1be48303a3f303e5a394f15f5767e667f53242ed8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 06:41:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4964
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 06:41:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0545 2 KB
871 B 39ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 07:59:01 GMT
server: ESF
date: Sun, 14 Nov 2021 08:47:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 08:47:27 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 0545 1 KB
960 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 788
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:34:19 GMT

GET
H2 200 d7ad32caf732a821be052b8b21af5e27.js Show response
www.gstatic.com/mysidia/ Frame 0545 5 KB
2 KB 33ms
12ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d7ad32caf732a821be052b8b21af5e27.js?tag=analytics_pingback_2019

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d7845c01468ed82f644cac1c1cbdea3d717fb3f48909e24d6a413b3b5d57dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 06:41:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2131
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 09 Feb 2022 06:41:29 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 0545 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 592
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:37:35 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 0545 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:36:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0545 119 KB
36 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 08:47:27 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 0545 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 725
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:35:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0545 0
0 15ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRW2rSuIBhqBpL5TBqpxzQ1LsF20DJBRmBBFXseUBRgJXYOUWSocmGDKodW74Ynr7OQpMwwfndHAN0ItQenQ_GXXr6Z7Q
Requested by: Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame 0545 27 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 09:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 09:00:33 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6831 0
60 B 43ms
43ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 08:47:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
317 B 52ms
16ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-6221640-1&cid=382171589.1636879647&jid=604956252&gjid=1514698466&_gid=1439638825.1636879647&_u=aCjAgEAjQAAAAE~&z=1839994663

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jmonline.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 14 Nov 2021 08:47:27 GMT
content-type: text/plain
access-control-allow-origin: https://jmonline.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
192 B 11ms
10ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=746737007&t=pageview&_s=1&dl=https%3A%2F%2Fjmonline.com.br%2Fnovo%2F&ul=en-us&de=UTF-8&dt=Jornal%20da%20Manh%C3%A3%20-%2049%20anos&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAgEAjQ~&jid=604956252&gjid=1514698466&cid=382171589.1636879647&tid=UA-6221640-1&_gid=1439638825.1636879647&gtm=2wgba138QMJ3&z=2054840679

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Nov 2021 18:00:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53210
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0545 0
0 49ms
48ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKZKLH82QYdS2Dp-EjuwP2YO7iA6M-e-xZuTFgqyeD6n6g_qxKhABIPCpwXZglYKAgJgHoAG8-qmkA8gBCakCC5T3Zv4ysz7gAgCoAwHIA5sEqgTuAU_Qe-AsIH-GLb9j6J5wkXHFFe99lNi6BT5HhLckGkwVqXhuyg1QAMME9OyhXXBvK9s3n3v5pydTWj_F5GvBQOWZdPBR4nYh3mZWMo-IUr27ZtoTq0r1GpcYCqV-818fIp2XxuwYNywK9UGqcAPrpYhsmVnQP5bEztT6x2A_Zbr4FpqQQFjOuEZMHqz8aj_3-kpxrRTvTTzzmx3TnQb5_hk-lhRMv85teFTSopZvCfDq6HAlMV5PHj-Io8D6-UGuQX3yzdE_nZyKurw7_HeO4jeqXQYwpoeMUdEls5mNOtqvAOSnGMLEBo8owareAibABImvxOPYA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeshdZbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEELKeBdIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTI1NDE4MDA1MDE4MDIxMIAKA8gLAdgTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi02MTkwMDk2MzM4OTc5ODg2GJaPFw&sigh=c-1MJ_q_GVo&uach_m=[UACH]&template_id=494
Requested by: Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6515 35 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 390413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 30ms
30ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6221640-1&cid=382171589.1636879647&jid=604956252&_u=aCjAgEAjQAAAAE~&z=1174074084

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
376 B 53ms
29ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-6221640-1&cid=382171589.1636879647&jid=604956252&_u=aCjAgEAjQAAAAE~&z=1174074084

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0545 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0a26e1138447c9f0ac21dba5e781d6ceabf3567960975389e0ddbae76b8ca16d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 0545 20 KB
21 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 05:28:40 GMT
x-content-type-options: nosniff
age: 271127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 11 Nov 2022 05:28:40 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 0545 11 KB
12 KB 47ms
7ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTe68S1pkH1vZXg5POEAy5UHKI2GsZuLvBX33I1uwbNv7LAwgI&usqp=CAI

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcf342d15f6332cd37cdb043498eb638ef148c34d4931fb9e58381360857e316

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 11:35:50 GMT
x-content-type-options: nosniff
age: 249097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11358
x-xss-protection: 0
last-modified: Tue, 28 Sep 2021 08:12:30 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 11 Nov 2022 11:35:50 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 0545 13 KB
14 KB 48ms
8ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQRN3q2-LqZZLvafX-PKkFF6T1zT7Vyyi9O2-kz1dhu3Dl80F4&usqp=CAI

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6d5c6da343ffc2fc2f681ad60c04ab0a75a3f78f82b7926120c82b48b94e515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:42:06 GMT
x-content-type-options: nosniff
age: 155121
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13554
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 01:42:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 12 Nov 2022 13:42:06 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 0545 13 KB
13 KB 51ms
11ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQnDfe8FZMIsrrriA94qSBEl_WieJaiFhOgOMWuJEHFFysQcCOo&usqp=CAI

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0f4fbbb8c379ff5a0840db13e72d5a7635daa560c912174af58ba124005b3db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:13:44 GMT
x-content-type-options: nosniff
age: 506023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13342
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 01:46:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 08 Nov 2022 12:13:44 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 0545 14 KB
14 KB 48ms
9ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR8fQpHoC5sJ1G-4-uY_ezBJw-P5GK56p0M804iUjQLJ90cN5t5&usqp=CAI

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03870ae69d3dd5dcd4d5ab34c9ec31ea132c0507f3c80f71fb5526075d9f102f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 12:18:44 GMT
x-content-type-options: nosniff
age: 505723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 14080
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 01:46:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 08 Nov 2022 12:18:44 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 0545 11 KB
11 KB 48ms
9ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRjy-07WJ-FcT3k8v8r0DoFzA134qYWaYhzIR2CiVuY_yo3Z68&usqp=CAI

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

584586f9a3dfd61a8eb57626664eb266d3a086a24026017839ad561fa4013cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 12:10:17 GMT
x-content-type-options: nosniff
age: 419830
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11551
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 01:50:24 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 09 Nov 2022 12:10:17 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 0545 14 KB
14 KB 47ms
8ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcRCb-4TPJuXgyPsX7qz3whcbin1jWC2l_04GqAoOtTtc60beuBRw_7W2krS5w&usqp=CAI

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6d9d3791ba12021e1902a95f49cf5217d11d1280f8d0b6dcb472a1b89af3edf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 13:22:58 GMT
x-content-type-options: nosniff
age: 501869
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 14319
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 02:54:47 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 08 Nov 2022 13:22:58 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 0545 61 KB
61 KB 51ms
12ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQNM5PfCNq3irqEfNsWM5iqGnE9nj9PoJqijaHMx5vTj1Y1MTgW&usqp=CAI

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d4237eac471bd9833053c365f7e6f2d66620afe24058462f5574912a548aa03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 14:06:26 GMT
x-content-type-options: nosniff
age: 499261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 62821
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 01:47:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 08 Nov 2022 14:06:26 GMT

GET
H2

200

14548085737319361353
tpc.googlesyndication.com/simgad/ Frame 0545
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCvrJ-MIBCtAhitAjIIX1M0EkuXf-k
https://tpc.googlesyndication.com/simgad/14548085737319361353

8 KB
9 KB

8ms
8ms

Image
image/png

2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14548085737319361353

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8f37ffa0eb80d2fc59ea9230bd0416397fb1dd298935ada434084614dc70e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 01:24:14 GMT
x-content-type-options: nosniff
age: 199393
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 8578
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 12:34:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Nov 2022 01:24:14 GMT

Redirect headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 02:37:03 GMT
x-content-type-options: nosniff
server: cafe
age: 22224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/14548085737319361353
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Tue, 14 Dec 2021 02:37:03 GMT

GET
H2 200 container.html Show response
f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C4E7 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 14 Nov 2021 08:47:27 GMT
expires: Mon, 14 Nov 2022 08:47:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: clear

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0545 0
58 B 41ms
41ms Ping
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyCgsIASoHYmFubmVyMgoKCAIqBnNlcnZlcgo3CAQqM2xvYWRfaW1hZ2VfcGwsbXlzaWRpYV9hbmFseXRpY3NfZXhwMyxwZXJmX3ZpZGVvX3ZwOQoNECshAAAAAAAAPEAwBAoNEAMhAAAAAABQaUAwBAoNEAohAAAAAEAz4z8wBAoNEA0hAAAAAAAAAAAwBAoMEB4qBjcyOHg5MDAECgwQGSoGNzI4eDkwMAQKDRAOIQAAAAAAAAAAMAQKDRAEIQAAAHBmdmlAMAQKDRAPIQAAAACAmbk_MAQKDRArIQAAAAAAAD9AMAQKDRAFIQAAAAAAgGlAMAQKDRAQIQAAAAAAoKpAMAQKDRARIQAAAAAAcM9AMAQKDRASIQAAAAAAABhAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAAHBm9m9AMAQKDRAUIQAAAACAZuNAMAQKDRAVIQAAAAAAACpAMAQKDRAWIQAAAAAAABxAMAQKDRAYIQAAAAAACHJAMAQSGkNKVENwLS03bF9RQ0ZSLUNnd2NkMmNFTzRRIhJncGEvbWF4aW1hbF92MV9vY2goDA==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/05bb46b82d1d2bf4ab0b6db8ff47e7f4.js?tag=pingback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2123 624 B
445 B 23ms
22ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhiK_f65ATAB&v=APEucNVU4UiD5G-0zV3oz9nnrT86WQ8E8a_wy_9yRFQb_A_VYM74ZakfxrjS05AnYR8AwBeVc7yLINB6GBoHojHZLtDxgGmqvT5rDVuLIdYoyX7VAiKeKJ76lpWYJf9fTldMI084ds2fPdNljea8nirXLmWXS2cjeaqNYwSPxCsh5f6cTkWsFOM

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 14 Nov 2021 08:47:28 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 08:47:28 GMT

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame C4E7 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:27:47 GMT

GET
H2 200 398904123848458654
s0.2mdn.net/simgad/ Frame C4E7 41 KB
41 KB 8ms
8ms Image
image/gif 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/398904123848458654

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4887d38a5b2b1fbf0b42df87e10fef88e9ca142dc1e6d1755fa9a1debfea6c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 10:34:49 GMT
x-content-type-options: nosniff
age: 252758
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 41938
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 18:03:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 10:34:49 GMT

GET
H2 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame C4E7 6 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:22:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 07:22:25 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C4E7 0
61 B 51ms
51ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstf1PbgoCpiWrVpQzWJgSdKqv9Z5ml4VruvMK2sfXlmcqvvg7S8TK7DDbE58yf5kWhPgsliqtuqepc9AiB_zhsNpWVX1SWW-jJEFbRhz3e7VqDfDn3cTC4H4ITMKhiwaPi82NJmyl7Dw0O_Tway1CyQe2QQImyVWLVJvj7GdMTvPPEFinF2W3DdN_63MymMoQ7q5h7wXEPAiH1jGF3_nSGH5P_gNPopILPjLcfAxvZr6nQDC1caoeUc0n9QfgMbiMjckSyelgbFzBugI07Zlof2abYx7WB-JKZV8wqLV9CdV1OCf7kwJBu5Ok9O7fRvwwNY85O4qu8HCnvHBvlRkbuabNAWyzferrV9CfNWiL79jNng_-z-fqIEOXcIB83JprbW0FXzhIsuP-qEsViGwjrh5YZTCpL9dcSD66ANNdW_TpqKV6n4J7WsMttLmnek9GB-D-Zs3tg9byBniOutZrdpr7LbLZggEBd9olKkeRH007RjPFP9Cfg45FwBwzkUt6xKdHjRZ15E_PrPeiMY6f9srrhOijta1uxAexc3webvmqhSfAlX4DX2_Jl0-6xuIxXOoxQonXMZlxNvodBAsM0yvHehmuloC_GKzjiv5hYRbgvzyw-kzwbNpjzxnONgHsxcQzEAzS8HVVncb_v-IM54viDd7ALYRI-Gg2MBgZO9t4MQ46FXuH1cvgNBDT3tIirVpdCM5gCUcCXcGV0znwd3S-GF8tsPKyZHWpy2sQ32Jl69bc0MUicbGavyxHI8ghNuDGPzPZ7x7cFlhIJ4X50NWc5WzPRxilh-_hv9MVKrd86cUrsB8YdPUep5QBPp8GP88kT3YMO5e8FDTJ0mYVw0wll1IIkHmc75nxUVxuOEvlrhqy0dtcRtNEDSmTwAdhpD18eUV86kjn7zYAmh_PwkwUTsJrk0HZ8uTRxNH78hrgqVEBoMHJ6j7MIZDStyB6pCk9A3cdEkii1aXSM3UXxR5h9Nckf7ZXFa9caCynLfcRoDD56GIXeoQjiMkQO4dI8tcSK4_F_Ja4aGa6r8Vg9YZUEskWQkmZ3rT3xjV9huOl3EK3O7X6AqW5I2KF_NuPZLgsmeBiIHMzpMIln9r8gx6T8pjDiEOPylvFMh7d8tq7W_D6-jNv50xW06YapfdbuKoy5ngKeJEuG-D2vdgxAPPi38pCwLt9KejnE&sai=AMfl-YQPujttAApdoHapatIzlbiQVyuo5r9a-xOQj4cfLgP-ZMai1O0-mSUcqfkKreU05sFNMh3NybgoLItZtpL9CXa80MUkRabsE5W9u0YS8NPpAMNpROIkmTTFzxXZxrNMSu4bsi5NY00mSlxwmKzd94eeABM2OhJfnD4V_amd6b7bKt_LuWVUrBYHWLo9pt9nbOIcEkRVKWHUDdqv_TdyO73XZmDVrg4pOlc6xMye_cweCNqCTb6t5-eDWA790PXqQPwILtSiuRY5O9D24E0eDYRCD2CqHw0ZFESE4pZPUzxpj17aNHKUXet2FPSB38CfyPbIiRGB5vknoEAqiwMbiZYyMLwj0yhYULpVnyUVt-LaY6_9mXbSzIB_85-FLd3xSQKa-Ff_3cX6aLvnTXKl0g&sig=Cg0ArKJSzJW4BRTPgZPsEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211109.50236&adurl=

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 14 Nov 2021 08:47:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C4E7 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188977
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 12 Nov 2022 04:17:51 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C4E7 42 B
107 B 39ms
39ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGdqaRQYH2uiXEa1OXc7yuPlLw0p_6jZ51rXwWq6cW0u6oJsuPVTI-V09TbKn86NiDndrixABvj3XnAbw487B8PUF5c70-8BJ5DzDJ6D_RShKyZto

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame C4E7 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:36:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C4E7 119 KB
36 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 08:47:28 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame C4E7 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:35:22 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C4E7 0
60 B 45ms
44ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1333 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 325794
alt-svc: clear

GET
DATA 200
OK truncated
/ Frame C4E7 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e63b5f40c7258dfbfcd9e90211d97a02e1b0222e1f3f88a16e5f408c7cc0404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2123
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTyP5cUIlMzPYu4vfopf7A&google_cver=1

43 B
894 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTyP5cUIlMzPYu4vfopf7A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhiK_f65ATAB&v=APEucNVU4UiD5G-0zV3oz9nnrT86WQ8E8a_wy_9yRFQb_A_VYM74ZakfxrjS05AnYR8AwBeVc7yLINB6GBoHojHZLtDxgGmqvT5rDVuLIdYoyX7VAiKeKJ76lpWYJf9fTldMI084ds2fPdNljea8nirXLmWXS2cjeaqNYwSPxCsh5f6cTkWsFOM
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 08:47:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Nov 2021 08:47:28 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTyP5cUIlMzPYu4vfopf7A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2123
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YZDNH3poSbNACsEp7bkakwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTyP5cUIlMzPYu4vfopf7A&google_cver=1

43 B
894 B

16ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTyP5cUIlMzPYu4vfopf7A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhiK_f65ATAB&v=APEucNVU4UiD5G-0zV3oz9nnrT86WQ8E8a_wy_9yRFQb_A_VYM74ZakfxrjS05AnYR8AwBeVc7yLINB6GBoHojHZLtDxgGmqvT5rDVuLIdYoyX7VAiKeKJ76lpWYJf9fTldMI084ds2fPdNljea8nirXLmWXS2cjeaqNYwSPxCsh5f6cTkWsFOM
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 08:47:28 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 14 Nov 2021 08:47:28 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJTyP5cUIlMzPYu4vfopf7A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2123
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAjNOl7_IoOgDqy2YVqAEq0&google_cver=1

43 B
1006 B

10ms
9ms

Image
image/gif

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAjNOl7_IoOgDqy2YVqAEq0&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKL4ChCK-K_wAhiK_f65ATAB&v=APEucNVU4UiD5G-0zV3oz9nnrT86WQ8E8a_wy_9yRFQb_A_VYM74ZakfxrjS05AnYR8AwBeVc7yLINB6GBoHojHZLtDxgGmqvT5rDVuLIdYoyX7VAiKeKJ76lpWYJf9fTldMI084ds2fPdNljea8nirXLmWXS2cjeaqNYwSPxCsh5f6cTkWsFOM

Protocol

HTTP/1.1

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 08:47:28 GMT
X-Proxy-Origin: 168.119.25.196; 168.119.25.196; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9c77dd9c-0f2d-42b3-9e0d-9d8d065e25ae
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAjNOl7_IoOgDqy2YVqAEq0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2123
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MTQzOTU4NDI3MzEwNzg1MQ%3D%3D

170 B
232 B

17ms
17ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MTQzOTU4NDI3MzEwNzg1MQ%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 14 Nov 2021 08:47:28 GMT
X-Proxy-Origin: 168.119.25.196; 168.119.25.196; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ed5090cf-42da-41cb-bb3f-e0f0cc1d0fbd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTI5MTQzOTU4NDI3MzEwNzg1MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1333 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ydwwnsiz0RrvfpNl89rQqoBRiFg6eVxNIdbgsmjvwYM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 20:35:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 130304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13476
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 12 Nov 2022 20:35:44 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame 94A0 190 KB
55 KB 44ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 492004
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 55667
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 94A0 13 KB
5 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 492004
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4996
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 94A0 89 KB
28 KB 50ms
15ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 492004
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 28494
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 94A0 4 KB
2 KB 51ms
16ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 492004
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1635
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 94A0 40 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 492004
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 12816
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
DATA 200
OK truncated
/ Frame 94A0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceb8d1e14a311e09c6e331fe84cf77c74a9ab8df63d9fb59372f73c0e6946619

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6605474036956745224
tpc.googlesyndication.com/simgad/ Frame 94A0 101 KB
101 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6605474036956745224?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkjyzwUzGk7kyyBZywet0J7wdflhA

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c4fb96219b2ed521f970ed2d63f7681636c30dec7ab55b7b0b346967258fa32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:46:10 GMT
x-content-type-options: nosniff
age: 154878
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 103193
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 12:15:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Nov 2022 13:46:10 GMT

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 94A0 3 KB
3 KB 11ms
10ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 13:28:02 GMT
x-content-type-options: nosniff
server: cafe
age: 69566
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 2886
x-xss-protection: 0
expires: Sun, 14 Nov 2021 13:28:02 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 94A0 344 B
453 B 15ms
14ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Nov 2021 13:06:38 GMT
x-content-type-options: nosniff
server: cafe
age: 70850
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: clear
content-length: 344
x-xss-protection: 0
expires: Sun, 14 Nov 2021 13:06:38 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 94A0 0
0 15ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrmA9C2PYaEgQhhWDLh3Ex2eUkEwsWVF7e-yj1fB9Z_qbjXiC6GjlCe3hk9MqEjCg7LsGFE9w2-iXgquzRYFOaJi9t-g
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 94A0 0
0 48ms
48ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CpXO4H82QYY6AN4y13gOWpqXgCOibvu5l-6jLh6MOitGj7b4BEAEg8KnBdmCVgoCAmAegAdrCmYcDyAEC4AIAqAMByAMIqgTjAU_Q9o8OomAlhY12NuP6haW_7rHXQ26N8ezdxNrPNVaCKfkrKB9ojbO6vExPfsXihJ1UepHxds2mLyzSTxvRg5msD8AqBIZ_l86DPY1lqPfWt38AUfZhvpeBrjMX5Nogiry7_mVdPxo56fy97sB6sXA-WBX4NHtyXmlrjhTfOazh1DBxAnhbTSkOmpu1zW0hOajlRGvLIvwGbn9f2uTebZocBhyIVoZovg4cyT2vNCWObvmPt3UlLoTPTByYnlACVExoOP4P38Jo8xHtihZ9PvkojhIjcFvRjGZ6Cd8CfOKXDzVvwATP9N_UpwPgBAGSBQQIBBgBkgUECAUYBKAGAoAHjr3meKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJyvH9IICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMTI1NDE4MDA1MDE4MDIxMIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi02MTkwMDk2MzM4OTc5ODg2GJaPFw&sigh=jpPORPC10AY&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6515 0
56 B 43ms
43ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTUrWH82QYd-UHuDC7_UP6tu34AgAAAAAOAHgBAI&bg=!enmleT3NAAZQLpa_UC47ACkAdvg8WlzUm3XHdAxTQ5kUIqxL1KyBhgwH05NiGMaVoyoFew5E-suAfgIAAADoUgAAACBoAQcKAApPBvitkUoN2rGHmQL1R-zgPUZzhLBUpfESlifv_qRwSa6TWQ76dfbmYfwhhqrS-DKrSVmJZ3k1TvsjKguDYQRvSmDL0NfY2QyZcNX-UPLz77LUAlEfe9sbhRIaqv6biQiST7nXc0i0gE1pbQ_QZ4x_RSZEOgH4cu-3zF7LlIppqFhBkZK1y2WRqTmUnvhbUbucZgvs4LcvEiqhsxab4STN5Tt_AiRaxn1RebDISbruqI99NFSSnwsMe1gppx-BfmNub2B_hGh-wY7AIL-i_sQz4qkifN9cCFpTacwS1ogrZqn-Bs9VnahrmnnJz_wHxH3bnpwmHDVY9nqnZovZVlWVEUq8FB12XWkedCkERJkFpktwLEkZxzOKSm__KZRcQv08AjozQE6Byy6gLkBBLI-RDw__Rq1_UJ-A1jN2FiuKKwbRaUrjucBT8gY4Rwjdfj0r8QX-Ngb8uXYl-_m8aOzBDXbRYwEvBWH0kPPEo-gbX0f0MkrC-jKCtMd-temJRBqSQWvxf8_iMHuBQUlKRBhqNmFJLOccbzUmFy8-XQiMLbHEtpmGBj8X6j4ItDtRIMx4dOGCYRZAPXf-6SkDla4X-l_WAKsG1zrweDt8arofWg8HfNSum0rS5xXVrHFS6nLxpQScMUADi_7EZWnhvP3uGhqBxrR0bZdTYZ-YGxoKTKIYuCjinkafoWidQSIMXelGQIFSLGxOCGAFye6NqKdj_GBAM8zzEMqbZwR5o33D-dLc8zxZyyK7Mh-Ap0S9GmyFJ1nnjAg75WVJOWLO5Q8v3piYMQTBDSEq54pYTaVI27J431AlztmuIJts6lNHwZr9Ye3ClfzFDiwJYikNCDNTdGUI1adBJxDCd2aixDc0fD9UVWakUWtw9CZ9WwUCm53o62k0zbEY9FGBWQPisLCgvD05L9v6nOX-Ax6BDKebnkHKT_-gmrgXDeLVVL4kKfokZ9Us1R1Fi8B8R45K7JDaJy1T7AmZAnHev7RsjUoQLfDm1HURJmIXpv5ZiUZk0m0CBw

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 94A0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

54ms
53ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: jmonline.com.br
URL: https://jmonline.com.br/novo/
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: clear
content-length: 0
x-xss-protection: 0

GET
H2 200 container.html Show response
f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F4E0 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 14 Nov 2021 08:47:27 GMT
expires: Mon, 14 Nov 2022 08:47:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: clear

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F645 640 B
445 B 20ms
20ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNX8_LzqQDDRTnm1WVBz0r7Q4SVwTN3I_iQ00jEno6KdFq8qgrH_FaIWmbEmrEmfUnQOaf0R-mWvdUnKBCRqnSkUwC54yqG2QpU-mXXoTxP2jOpOV9amXoo2xfFYkgeJGvj_z9jTV6_eOzQZndMESGau0kPGRlOOX8wfIxE-gAdD7QUzhjU

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 14 Nov 2021 08:47:28 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 08:47:28 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F4E0 74 KB
30 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BIe1b8Xe9UacM7XfAULKIgBglibNEjHCtYMKGe8ozWenqKDMkb68_3io2sgVAiOdiynGLsUR94y9eIbjtoFN52xYiMMEUBDKk-Yvd1JsYAk0NBjNnXmkGfNk4eo3Waf3WXFaZPtPdYAXpNYWktKOgoQ1uR9A&dbm_d=AKAmf-CZ9EX5Qi50ml7NT2PzsTxhWNtAOeBOuh6YlJp9_MpTsgXaGcGk2750h-1kGUCpJrk_yDa34y_Kbd56qCKWtHWJcJdSLCI0KJDWFwaM_cvNDcZ5rqQNre0TvmItYiAXreW3XHFFx-3LYBvkJbWAXXKGBEgxdT33-ws_J3UVk9_PAbqd5FMiBdubXzjvhtjHrk9-lw42HE_MRde5mNbPGCuLXk1VAw0O8396AWPZEEzMaogVpk-EdK4i-mQ6FbBJenTXQ6zXyMBC3dSqVA_MPULlRCOAXFoWLjf2JO0q-JXQGPovnywu5RIItAJwallbRqm1pCPmct5q06DehYUqB0VZsGmnc8_sIPLAVxjmOaLdi2nkfKuNqBH2BzTG13Wfqera0ZRVEOR0waVYtaz1QGxOUxo-rKwmrXbkaLYL0OOpoPeCRSYluDbU2YTt9BvXCP9CW5MYKvG60hVZST-x6k2CITLLOc1y3dLOIjuCRRJ4FVIu6Xiz8Rwxk2wi9dsaWC1f7l5VilK8QM7DfO0_245-AfJNQokcPtE1AEjjHhZK8mOctGEUzEwooeg5O8DVgUU3lQQZKO4jBTIIEWmqZiGUzO3CxTH79FN0MUanJVWQqJPgLykChkf0of3fbIeCI9CKHjAqCIzrA-iRNRvMBPjVxctQ3EXhpIbDy97JUjS2p7gZOt4o_s8yeMQiiH9K7kQDBLp3tPp5wTATsrcO9jRjCkXK9ydLlhnwPpOPWYKhGtWHgI2j6ziZ5l9nmwmwyUotQTEyUe2GKkDLstnM3XSqGmxn71JV0SrVf05Z277ioAVQIMa-Gg9gWcFMvouBLtYadSttgTnRixCwqnXwrT-YrdXLBaaz_66CcziCZk8uFhhQsT_YffbxGRNZGyzZ_awL6Wxa63Umo9ClqTvAQwt98U0gLfuNBSNe3TubPD6FGY_hS31-aiEvPm7CorW-L9BEFN6O1-MwRi1DIIHUQLWD334rwt8PhzHmT_tA7bqZP5ub-SN1yECdUY2jtQcJrsP1ci2EeEGLhMAJ9F4mJUNPFkf-UMlbng8QAExL4jbxMkXAohYOlFTyk3R2pm4piq-qavTymjOiYL6IsAB1prw3oQZdhHMJIqDVkG-pt2itA8DefQAbPcl3BLzI612h3C8kLnPvcl9LdyPt8_PtLn_Csx3WF5oAESx_rTbyU7aBUowuYsfkDGkJaTpfCs-NjdoCsTI3TPKdunsl3Dla6RgtkWNDsgWgNCPbHo33_Vhht0Ps9fNT32bzHZ7iYQXDqGnNlAL5O37PG60SENIQYVWuGj7rsp6WBi9jc_rUcYI3jFWYlk2HKVY4dPxbNPd6pLPH_F1Ui8P9fEJRjcSZowDokdymFfcfmdAL_zYp0ghCT4SopiKtNLBbt-3Z09SjjmM4j94MJoQ1WcYmcE8DW-RRtqu9xeKkhrjNJaVsypYkFo7Oz3e5t_Hlhy_cs0K3XSoRF8suzmwSYK1tQTFygpnZgwEYZd980CNCGVCBkrG_bgr_yevJDfPT8ZLAjINmRQfag3fYKZ7VcCEc0LZA8dpl0ZVmoCfV0pL28C8maG__9dUNfmo4-tukmEM0R4pU8kmddkjfNGfG2NiDBXaeVusJSx9jyAFo-Ssojpm8MXg43ZcEhFuL2HY3p96eHAC__I5nF0pQbwEy44ckxbJuD0Ee_kESy0B3L3RXNgdyvKfQctNxlWFgiAjzwG49RRT3BHJhvjiuE5iB1Twk_sO5_ZLO2IMoyy7piOdtuvognxJS7ft1_vAEQYDVIy8UOb43xqRe3UnfH2Nx4-4PYZMi6OZ-b3qMHatzJsAGVg1v9bYU6gq-9lrZXlFpW7_emsOQ5jDNT0K8Ajy2K7Wi2sifeyohp1WCQy2ylhGZsPKke9B5Cp5cnruqcojY0fwzT0qpcUPyuCiTpwTq4BKFjv2VP2JurJtfsIvpUXhGF-j6SFnE8ue2rU4Cja1mhwJtUaqf01KRkXdHiLr-6sxSLAkyg8e_O39BGUCCWejJvb3-Y_nE21t-N3PSfIcT6eXz4ye0Ga8IjPKaXXmhasfO6Y_PttATyWztxny_9QD-1__Mtnm20IxOa4xmf1LvBm409HgR1bQ4Sv3gOvKODLI6KxELszhBSrcHRWTq9VXNzNtlQp9FlZJqlMSuPYmvFdKQpVOSms0PKEAmmCThxM2nbUsWoWGx5tvFalihVe9bdo4XO3kPx2NUYNAiKw7aBDT1BKG0nvt4Kbx7AXNS2AmyBhJYqDtpWHc0QKsuX0ZPf1wdlEyEtGlFdoqbGdCymO_XU_m2QeFQ8YDBgienlL2qVkPSihgY4GnJmOlgfL-nbz3IpVzNHERaFgS0lO_-HMocXMvFPZrtKpfVwTlxyibIRYsmBQrliBJELAi9Q7FPs-mt0bgIBGIqqgdhorA6eubQgg78eQCd613bc_oh5SDMbavaEiPmW0yu70Ywz6DusIKUIvdo4cm7HDIBN3avCJNNxgSQnVGoeQkBiK9W4NcCN6KM1xJt0c7EQnCf5scrrqDI6m56O6JW9uRB8w3Dy84qxymrqZ1iAtY0b16uv3ffLJkKEagy2QWSSpScNwKntPgbqw41LaBMY0rKK53fqSkWaD156yXzZ8u3iboDHQ5Rn3n6vP9XTgCBU6TfJQcI38_GfsLco8zBgglp284o83A8zc-wJ9VJw7-5XZry8mX6muReFhWNuAu7sKFxyIuKY4cSodCuSoU6-CuhqKaSz2iwhAjH1hd4lIZ3GNK0pZM5wWmhUM2tnDWRJuzsfwVMKlXiU6C4YcIaU55baPsM1TlV1dtp9X4uoPhrF2RB-TjHwt2eP4dGMj5c1eKR1J0CeKcLwch2mtkjt2OuwQvJDZTNzvIX9DkAFlaSdUDZKPh9GQsozC8ggG_5ABCvn_qIW2Px6v11f-5UZf8rVmGOyjPt0QyudeFHQo7IFtq3XdY3Tlw8Nu7Rc7q5CH96AvLLrKJCN2QbfZ9DY1EB2LCxx6inwqS2TlpyIWnj4BF35neZyFT6GLCBgJ03pXUXP_r2yD4mpElIxzk3-XhUCd1642iG0I-ao2V02AM-Wz1MwvxretkVQ4pracVYygFoZ_d3KMm-qkcyqIXuJRxsj4RpKORdY0OasqdfQ3tbCG2wbAn9h2YgFLh3Ur8_oQcgxvN50J5oPTyXKh9wgaCiXMrB7rld8j_3Q1ANv3_TS8mXStYGgvi4QjjBYAIlHw&cid=CAASFeRo9ptAykk3RmiKMR1b39OHhWCINA&rfl=1%2Chttps%253A%252F%252Fjmonline.com.br%252F%240

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8502ec373925d7fd9a7265b54eb5dc7849b3f85046ec8cba4fbdffdd7a9715c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: clear
content-length: 31088
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F4E0 42 B
107 B 41ms
40ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AV2WecKmZjg2CQ0EryrDGhSyLIXeKCf8mHSXrxGffXuljjh5RDt8Jp6V_mRf-HFGmTfGYh_2Z-WEMBJeTWGb04fh8QGxFXt8s20pUfwI5yXi2e7RA

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame F4E0 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:36:17 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame F4E0 15 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:35:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F4E0 0
0 15ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2kRv01spUbQXesk2uQHoFgLwGzoW5G5uwPVKfdaWeGYvWthSpXvhTHWH5ae5o9mXZaQQwnv59eSxWfP1IEvGP26Y6Qg
Requested by: Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4E0 119 KB
36 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 08:47:28 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F645
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDqPFkhAuywH9_wmQmGBtT4&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDqPFkhAuywH9_wmQmGBtT4&google_cver=1

43 B
180 B

17ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDqPFkhAuywH9_wmQmGBtT4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNX8_LzqQDDRTnm1WVBz0r7Q4SVwTN3I_iQ00jEno6KdFq8qgrH_FaIWmbEmrEmfUnQOaf0R-mWvdUnKBCRqnSkUwC54yqG2QpU-mXXoTxP2jOpOV9amXoo2xfFYkgeJGvj_z9jTV6_eOzQZndMESGau0kPGRlOOX8wfIxE-gAdD7QUzhjU
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDqPFkhAuywH9_wmQmGBtT4&google_cver=1
date: Sun, 14 Nov 2021 08:47:28 GMT
via: 1.1 google
server: OXGW/16.218.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F645
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmRjNmM3NGQtM2MyOS0yNjIxLWY5ZTUtNWJjMzA3OTcyOWFk

170 B
232 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmRjNmM3NGQtM2MyOS0yNjIxLWY5ZTUtNWJjMzA3OTcyOWFk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNX8_LzqQDDRTnm1WVBz0r7Q4SVwTN3I_iQ00jEno6KdFq8qgrH_FaIWmbEmrEmfUnQOaf0R-mWvdUnKBCRqnSkUwC54yqG2QpU-mXXoTxP2jOpOV9amXoo2xfFYkgeJGvj_z9jTV6_eOzQZndMESGau0kPGRlOOX8wfIxE-gAdD7QUzhjU

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmRjNmM3NGQtM2MyOS0yNjIxLWY5ZTUtNWJjMzA3OTcyOWFk
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame F645
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESELuB7jga1bUStIsv24Emcqs&google_cver=1

23 B
172 B

34ms
34ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESELuB7jga1bUStIsv24Emcqs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNX8_LzqQDDRTnm1WVBz0r7Q4SVwTN3I_iQ00jEno6KdFq8qgrH_FaIWmbEmrEmfUnQOaf0R-mWvdUnKBCRqnSkUwC54yqG2QpU-mXXoTxP2jOpOV9amXoo2xfFYkgeJGvj_z9jTV6_eOzQZndMESGau0kPGRlOOX8wfIxE-gAdD7QUzhjU
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 14 Nov 2021 08:47:28 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESELuB7jga1bUStIsv24Emcqs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame F645 23 B
172 B 53ms
34ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiZkL-5ATAB&v=APEucNX8_LzqQDDRTnm1WVBz0r7Q4SVwTN3I_iQ00jEno6KdFq8qgrH_FaIWmbEmrEmfUnQOaf0R-mWvdUnKBCRqnSkUwC54yqG2QpU-mXXoTxP2jOpOV9amXoo2xfFYkgeJGvj_z9jTV6_eOzQZndMESGau0kPGRlOOX8wfIxE-gAdD7QUzhjU
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 14 Nov 2021 08:47:28 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame F4E0 106 KB
37 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
Origin: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 12:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71575
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 12:54:33 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame F4E0 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BIe1b8Xe9UacM7XfAULKIgBglibNEjHCtYMKGe8ozWenqKDMkb68_3io2sgVAiOdiynGLsUR94y9eIbjtoFN52xYiMMEUBDKk-Yvd1JsYAk0NBjNnXmkGfNk4eo3Waf3WXFaZPtPdYAXpNYWktKOgoQ1uR9A&dbm_d=AKAmf-CZ9EX5Qi50ml7NT2PzsTxhWNtAOeBOuh6YlJp9_MpTsgXaGcGk2750h-1kGUCpJrk_yDa34y_Kbd56qCKWtHWJcJdSLCI0KJDWFwaM_cvNDcZ5rqQNre0TvmItYiAXreW3XHFFx-3LYBvkJbWAXXKGBEgxdT33-ws_J3UVk9_PAbqd5FMiBdubXzjvhtjHrk9-lw42HE_MRde5mNbPGCuLXk1VAw0O8396AWPZEEzMaogVpk-EdK4i-mQ6FbBJenTXQ6zXyMBC3dSqVA_MPULlRCOAXFoWLjf2JO0q-JXQGPovnywu5RIItAJwallbRqm1pCPmct5q06DehYUqB0VZsGmnc8_sIPLAVxjmOaLdi2nkfKuNqBH2BzTG13Wfqera0ZRVEOR0waVYtaz1QGxOUxo-rKwmrXbkaLYL0OOpoPeCRSYluDbU2YTt9BvXCP9CW5MYKvG60hVZST-x6k2CITLLOc1y3dLOIjuCRRJ4FVIu6Xiz8Rwxk2wi9dsaWC1f7l5VilK8QM7DfO0_245-AfJNQokcPtE1AEjjHhZK8mOctGEUzEwooeg5O8DVgUU3lQQZKO4jBTIIEWmqZiGUzO3CxTH79FN0MUanJVWQqJPgLykChkf0of3fbIeCI9CKHjAqCIzrA-iRNRvMBPjVxctQ3EXhpIbDy97JUjS2p7gZOt4o_s8yeMQiiH9K7kQDBLp3tPp5wTATsrcO9jRjCkXK9ydLlhnwPpOPWYKhGtWHgI2j6ziZ5l9nmwmwyUotQTEyUe2GKkDLstnM3XSqGmxn71JV0SrVf05Z277ioAVQIMa-Gg9gWcFMvouBLtYadSttgTnRixCwqnXwrT-YrdXLBaaz_66CcziCZk8uFhhQsT_YffbxGRNZGyzZ_awL6Wxa63Umo9ClqTvAQwt98U0gLfuNBSNe3TubPD6FGY_hS31-aiEvPm7CorW-L9BEFN6O1-MwRi1DIIHUQLWD334rwt8PhzHmT_tA7bqZP5ub-SN1yECdUY2jtQcJrsP1ci2EeEGLhMAJ9F4mJUNPFkf-UMlbng8QAExL4jbxMkXAohYOlFTyk3R2pm4piq-qavTymjOiYL6IsAB1prw3oQZdhHMJIqDVkG-pt2itA8DefQAbPcl3BLzI612h3C8kLnPvcl9LdyPt8_PtLn_Csx3WF5oAESx_rTbyU7aBUowuYsfkDGkJaTpfCs-NjdoCsTI3TPKdunsl3Dla6RgtkWNDsgWgNCPbHo33_Vhht0Ps9fNT32bzHZ7iYQXDqGnNlAL5O37PG60SENIQYVWuGj7rsp6WBi9jc_rUcYI3jFWYlk2HKVY4dPxbNPd6pLPH_F1Ui8P9fEJRjcSZowDokdymFfcfmdAL_zYp0ghCT4SopiKtNLBbt-3Z09SjjmM4j94MJoQ1WcYmcE8DW-RRtqu9xeKkhrjNJaVsypYkFo7Oz3e5t_Hlhy_cs0K3XSoRF8suzmwSYK1tQTFygpnZgwEYZd980CNCGVCBkrG_bgr_yevJDfPT8ZLAjINmRQfag3fYKZ7VcCEc0LZA8dpl0ZVmoCfV0pL28C8maG__9dUNfmo4-tukmEM0R4pU8kmddkjfNGfG2NiDBXaeVusJSx9jyAFo-Ssojpm8MXg43ZcEhFuL2HY3p96eHAC__I5nF0pQbwEy44ckxbJuD0Ee_kESy0B3L3RXNgdyvKfQctNxlWFgiAjzwG49RRT3BHJhvjiuE5iB1Twk_sO5_ZLO2IMoyy7piOdtuvognxJS7ft1_vAEQYDVIy8UOb43xqRe3UnfH2Nx4-4PYZMi6OZ-b3qMHatzJsAGVg1v9bYU6gq-9lrZXlFpW7_emsOQ5jDNT0K8Ajy2K7Wi2sifeyohp1WCQy2ylhGZsPKke9B5Cp5cnruqcojY0fwzT0qpcUPyuCiTpwTq4BKFjv2VP2JurJtfsIvpUXhGF-j6SFnE8ue2rU4Cja1mhwJtUaqf01KRkXdHiLr-6sxSLAkyg8e_O39BGUCCWejJvb3-Y_nE21t-N3PSfIcT6eXz4ye0Ga8IjPKaXXmhasfO6Y_PttATyWztxny_9QD-1__Mtnm20IxOa4xmf1LvBm409HgR1bQ4Sv3gOvKODLI6KxELszhBSrcHRWTq9VXNzNtlQp9FlZJqlMSuPYmvFdKQpVOSms0PKEAmmCThxM2nbUsWoWGx5tvFalihVe9bdo4XO3kPx2NUYNAiKw7aBDT1BKG0nvt4Kbx7AXNS2AmyBhJYqDtpWHc0QKsuX0ZPf1wdlEyEtGlFdoqbGdCymO_XU_m2QeFQ8YDBgienlL2qVkPSihgY4GnJmOlgfL-nbz3IpVzNHERaFgS0lO_-HMocXMvFPZrtKpfVwTlxyibIRYsmBQrliBJELAi9Q7FPs-mt0bgIBGIqqgdhorA6eubQgg78eQCd613bc_oh5SDMbavaEiPmW0yu70Ywz6DusIKUIvdo4cm7HDIBN3avCJNNxgSQnVGoeQkBiK9W4NcCN6KM1xJt0c7EQnCf5scrrqDI6m56O6JW9uRB8w3Dy84qxymrqZ1iAtY0b16uv3ffLJkKEagy2QWSSpScNwKntPgbqw41LaBMY0rKK53fqSkWaD156yXzZ8u3iboDHQ5Rn3n6vP9XTgCBU6TfJQcI38_GfsLco8zBgglp284o83A8zc-wJ9VJw7-5XZry8mX6muReFhWNuAu7sKFxyIuKY4cSodCuSoU6-CuhqKaSz2iwhAjH1hd4lIZ3GNK0pZM5wWmhUM2tnDWRJuzsfwVMKlXiU6C4YcIaU55baPsM1TlV1dtp9X4uoPhrF2RB-TjHwt2eP4dGMj5c1eKR1J0CeKcLwch2mtkjt2OuwQvJDZTNzvIX9DkAFlaSdUDZKPh9GQsozC8ggG_5ABCvn_qIW2Px6v11f-5UZf8rVmGOyjPt0QyudeFHQo7IFtq3XdY3Tlw8Nu7Rc7q5CH96AvLLrKJCN2QbfZ9DY1EB2LCxx6inwqS2TlpyIWnj4BF35neZyFT6GLCBgJ03pXUXP_r2yD4mpElIxzk3-XhUCd1642iG0I-ao2V02AM-Wz1MwvxretkVQ4pracVYygFoZ_d3KMm-qkcyqIXuJRxsj4RpKORdY0OasqdfQ3tbCG2wbAn9h2YgFLh3Ur8_oQcgxvN50J5oPTyXKh9wgaCiXMrB7rld8j_3Q1ANv3_TS8mXStYGgvi4QjjBYAIlHw&cid=CAASFeRo9ptAykk3RmiKMR1b39OHhWCINA&rfl=1%2Chttps%253A%252F%252Fjmonline.com.br%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:44:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:44:22 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame F4E0 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:47:13 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F4E0 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188977
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 12 Nov 2022 04:17:51 GMT

GET
DATA 200
OK truncated
/ Frame F4E0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 69119aa6c41fd073bb93561719eb6b2673015e445fea50ccc6cc9bd547b3d42a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1333 0
56 B 43ms
42ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFneAH82QYY_xHo_l3wP54I6gCQAAAAA4AeAEAg&bg=!dXaldjLNAAZQLpa_UC47ACkAdvg8Wj0AnwIPunTqypcJzylWSvPf_YJj47yMzM3y7wsLcIPItjGL1AIAAADqUgAAABdoAQcKAILFbZJcIcCJXvBBVqAyxzl-Gg7Rb7fibfdTCnK_71Qm9MJStwG6M6saT0o12do_Kq_I1XTPtZsOEiMPJnYEJb7WqL6Z95zEQhRLYvYh5zpni_llHJNV34wRUGXwttA1jcM4TsrEfUhZtaUOWZytumqpOJyMtnaOiT07cayBY87mVBxqmQL8GN0VMb94pIw5hRrcmtQm7ZzZjILf-VzCM3QkuJ9dSvQE74TDX7GsuvdFi3eEpnpO0ZFs2qxlCt9fTjdCKTLMD9gEtSNXUEzpWnBXPNAEQuCfGzCnrkfh28fUzxaoBm6YyFwlqxVCXBUM55mF0LQmzJGJBd7EAF5mlVCnwe6tudXZmJoUSDpCBnFT8gQ5i-Guhlc7G9O88ckETSXL0Vy0rlmjMZY99l8w1Mvce297qsnVQI2ipDjsNlriosHQAyVyH8mCOihUsiZvZl5EThQ0OthBadRQG-SR4uJXbzi5hb3eFhIKZ0MJKHj32YjORv0kebjr_-M8p6voFDpvDlKMZFfRopoO-N7LmACFnO7CNjCIUOxVez5XCMnZITZnNmguI6XcDCgJA_H_-0bWaDZUGZRsxvkjEk67faImghLTO0swlRAxH92AP9nw06JtdcMdOw97mDTJgolpB9QHPHP36_1v2a4gbcmWO9eJTRUzrbNamf3tC1jgq458xTle0dYd75R67EmEYrfDcWGcEUX96IGcnQVxjPzC4GeZxXLEisChqnvS44th-UV3PAnWERYgV9857YACjvKy_YX88dp1K87eEnBUb5gSjo-azqK0cUNDJ-OiD-e6SwHBj6T7KxvW7riFRo8p6_hcLbBzBMba2XEpkK8pH6pnVq1QgEq_O-emfQfy3FKviYL4fAwzhrYZlkpj0OVeaetaIZfskTao-q1zOcQQBKHJ8kpNy2CplwwRMrZR5AuBvPnVjp6YU7LZNqMD-Qjeh7tFzocRkGHt4bqJWDhowj9LF6_RoIH_GDovyYnISRwgYrRcN8Jh1C6htpLywGv7v9KbJlVom4TVQJpZuTJqI66kUv3PlCuFeLX-NVxUgf40SyF1R5dPzFv0IglethH3VpDmPOfyDsLu8u2VMLCGVBXtvDXX-vMVkdCZK_Y2LB2qsEb_NLeNl80i4rSpxGPjpSZWbXJ3vPPc4EK00YWiwQ5XY3ZwGt26RcvNEIShRmNpRe09wAU

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 9B07 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 325794
alt-svc: clear

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/ Frame F35D 12 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76512bbaf0cc095f7c67adbf9a349a81c9b33141ed643950fcdc5fc2ebcfe7cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 3490
date: Mon, 08 Nov 2021 13:31:03 GMT
expires: Tue, 08 Nov 2022 13:31:03 GMT
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 501385
cache-control: public, max-age=31536000
alt-svc: clear

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F4E0 0
61 B 50ms
50ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuq06ehk28v0e1zspIxoIZo5FQuQ_0FxLssP6tYbj1JZXibyupL8pj_Vqugp_4hdfdv7tUY1s3mSZUVjRWnATb56srY9DuSajpd-jeFlmWsYtXYq_mX2ZlXdPS7aqTdyARYCHrYv0yKgBPGjbT7C59ZjL92Mgf9cjTFacOCTnnoEzJWhtXdehwtuvoVAkLhs_wpCEKFBAEqXcpxRMlMVfS0IM9Y1QIsCXJ__IXMNEdJf7Y1CiZ8xDxdje8ym-Us4soPXhfXHlvEzidFXtO0fz_vcY0puS_wdM37iZzHj0uKrWug-73A7P1Zh1PNkSD5Id0gDjcs2F286ztnEeO6qDWf0BVrHFr3MAwkdqn-19q4ASS8hRqOsSA0rs22RHLr1zfL0EO-zOhuFIsp69x98Di1OacrnJLZTxr5MhGX8yLmr6r_XJjYxmaNYjdfr88z0fouRa4G1tx26g4OjFNZXE6fpMy9tZ7NnIXvv1J_gTJ9JndeCR8V_H5koPHQHDfPYwSAmd3iOXEUXSTZqRD1YuvpyL2gTs9Ytz0wO6aoeVGymWbtpmXctcBjFuLbC4HqvUeYRByvBS_nNmb6fM84IAGds15vC6CeLIN1aEchNPYjDDmO1YG1Fe6dCpHdJs7n5OWoXLWWjp3IqGlNi2Wzr3Tzr8s1BhWc4W06HNDa7B1sjem13kyd9dTfeFDPiX6QX1o3DUrt0xK9rnmD6gvoEbNCfjcxB68O4aiEOK6yt-ah-LU52Vpuh-VQr_zmHQrnp_SoVzGOFGF2DE4dhLSSOAUisgeKt39pwe8EYu1RSnrdlIJJbbJ_XnRboJWm9lae1X-AT2b5PjKDU_oMCVde3Zz_gzRGbW7oOBOR_ZgcMtF0mKMEE511HV4Y0y19ntM0I0lBbtkmsRzRcAVfJ4G5hPyayxy7_Lu_u16pwC_wy_ch54OkzbueixYoQA6R1WY0FJdXanGHsul5jr-NyHIGhY5AQyLxw-_hZe2XcWVoNbD_Tq6dUrjYlhenNybD-qk6pruLDLwDiV_Ui7xOaEwADj9YjcVu9YDRTAsyFxypsKgegsq762sd7kgGFcWwvRc7ImFUZ0i8a597BQd0j8auRV9gZsCZ4586BvW3gEO13EZaR7jwqzgEFXGVlC-Cg8UWtJCJQiZeCcJOwhTya6DoNawyMBpU_Mwq_Pv2InbJpfRVtGvrkTaoRowQ8SaQqRqjQ2qNHaIqCw&sai=AMfl-YQAX3sP1F0665iO-QUTEpqMn1T3x2PFMRjgqby8Wb9YDm-xljo5v3JtgjnK-QtVQlQlputkwAiLj-QCom66JD6HosVx1THk4ibAfRjtpmFKoCZJuQuAqOIoYtJE1r4hCZpoUARdO_xZtsoXWNA6I_e8oTIOgHwOxWARJe4&sig=Cg0ArKJSzGQO8odgFbmrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=60&cbvp=1&cstd=56&cisv=r20211109.14897&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 14 Nov 2021 08:47:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 bg.jpg
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 74 KB
74 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff82bb92f844829b285f937ba9b8cd3c168c702fe5190117593ed5cb05b78a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 05:09:29 GMT
x-content-type-options: nosniff
age: 13079
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 75447
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Nov 2022 05:09:29 GMT

GET
H2 200 img-lensflare-0.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 4 KB
4 KB 8ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/img-lensflare-0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

feb49fae7fd245f703b2fbeb29c41f136a34ee8bccfa2cc7c8a5a6fbfa4439ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options: nosniff
age: 501385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4352
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Nov 2022 13:31:03 GMT

GET
H2 200 text1a.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 3 KB
3 KB 13ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8088f1d161a58af558862367e42cb9d6451ffb8bd973396ebed69da04d6188a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options: nosniff
age: 501385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 3023
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Nov 2022 13:31:03 GMT

GET
H2 200 text1b.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 3 KB
3 KB 12ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5a4ee93e1379a85fe56c16769e11eb203372c1a230a5150c7ae4f4f542147f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options: nosniff
age: 501385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2584
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Nov 2022 13:31:03 GMT

GET
H2 200 text1c.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 4 KB
4 KB 16ms
10ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text1c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

760144b690ee7570b72cf862a52ecf8678571ac6aecd431716c53a5e3f16d6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options: nosniff
age: 501385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 3655
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Nov 2022 13:31:03 GMT

GET
H2 200 stoerer.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 3 KB
3 KB 15ms
10ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/stoerer.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3feb016374130f322d545f888f59bceb80667989dd11d9b5953f5cb1c04d1e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options: nosniff
age: 501385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2655
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Nov 2022 13:31:03 GMT

GET
H2 200 text2.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 4 KB
4 KB 17ms
11ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e24ac0b49f099ddbb00e219447f8d4aa4cd7021f38bd4c94c77747dc58ed2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:00:10 GMT
x-content-type-options: nosniff
age: 208038
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 3787
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 23:00:10 GMT

GET
H2 200 text3.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 3 KB
3 KB 16ms
11ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101dc7f34320cbce5950b82377f76ea6c59b54797aa19628de9b346497e7aaf5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options: nosniff
age: 501385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2653
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Nov 2022 13:31:03 GMT

GET
H2 200 text4.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 4 KB
4 KB 17ms
11ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79b628a883191c8130a3382f904e50f5d4210b2abaac6227162e6b1e07f6c593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:18:40 GMT
x-content-type-options: nosniff
age: 188928
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4233
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Nov 2022 04:18:40 GMT

GET
H2 200 text5.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 3 KB
3 KB 15ms
10ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/text5.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32322986a3b686254b0bd0a35a1feff3886eee67ef8812baf9a7a0185df71a63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options: nosniff
age: 501385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2963
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Nov 2022 13:31:03 GMT

GET
H2 200 legal1.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 11 KB
11 KB 19ms
15ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/legal1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a48ca4e0e9b49e2cdf02fb8e1af695c0bcf48508d96aac0a9c0be160f99749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options: nosniff
age: 501385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11631
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Nov 2022 13:31:03 GMT

GET
H2 200 legal2.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 14 KB
14 KB 16ms
12ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/legal2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52b255c86ae6d99ee7e166fb426b5bd737bd64c166bd7655a6ca995311ebe6f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 13:46:10 GMT
x-content-type-options: nosniff
age: 154878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 14104
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 12 Nov 2022 13:46:10 GMT

GET
H2 200 cta.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 1 KB
1 KB 16ms
12ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f9c986bc677282c44182cc3bfd5b2813607b6b1fd23d6f8d6a9dda208bc480e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options: nosniff
age: 501385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1296
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Nov 2022 13:31:03 GMT

GET
H2 200 cta_2.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 1 KB
1 KB 17ms
13ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/cta_2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ea6cd9c53fbf12ca23803fbc243e351166ca35f12d3d4a00dd978a6000bd673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:00:10 GMT
x-content-type-options: nosniff
age: 208038
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1316
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 23:00:10 GMT

GET
H2 200 logo.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 2 KB
2 KB 17ms
14ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1323112ac126d2bc27da6f7e045a1f8d06a1dabaad2560ef8e8297cfc9379a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 23:00:10 GMT
x-content-type-options: nosniff
age: 208038
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1756
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 11 Nov 2022 23:00:10 GMT

GET
H2 200 logo2.png
s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/ Frame F35D 2 KB
2 KB 16ms
13ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/img/logo2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbbc45aee6c23f17d07220ede528f0216aaf05b2b6238d47038ab3f9f0a6b374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 13:31:03 GMT
x-content-type-options: nosniff
age: 501385
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1990
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 12:36:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 08 Nov 2022 13:31:03 GMT

GET
H2 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F35D 109 KB
37 KB 22ms
18ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9647747536650191699/10-IWE-BFW-Leaderboard-728x90-BFW/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 08:47:28 GMT

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B07 35 KB
13 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 390414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F4E0 0
60 B 43ms
43ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuq06ehk28v0e1zspIxoIZo5FQuQ_0FxLssP6tYbj1JZXibyupL8pj_Vqugp_4hdfdv7tUY1s3mSZUVjRWnATb56srY9DuSajpd-jeFlmWsYtXYq_mX2ZlXdPS7aqTdyARYCHrYv0yKgBPGjbT7C59ZjL92Mgf9cjTFacOCTnnoEzJWhtXdehwtuvoVAkLhs_wpCEKFBAEqXcpxRMlMVfS0IM9Y1QIsCXJ__IXMNEdJf7Y1CiZ8xDxdje8ym-Us4soPXhfXHlvEzidFXtO0fz_vcY0puS_wdM37iZzHj0uKrWug-73A7P1Zh1PNkSD5Id0gDjcs2F286ztnEeO6qDWf0BVrHFr3MAwkdqn-19q4ASS8hRqOsSA0rs22RHLr1zfL0EO-zOhuFIsp69x98Di1OacrnJLZTxr5MhGX8yLmr6r_XJjYxmaNYjdfr88z0fouRa4G1tx26g4OjFNZXE6fpMy9tZ7NnIXvv1J_gTJ9JndeCR8V_H5koPHQHDfPYwSAmd3iOXEUXSTZqRD1YuvpyL2gTs9Ytz0wO6aoeVGymWbtpmXctcBjFuLbC4HqvUeYRByvBS_nNmb6fM84IAGds15vC6CeLIN1aEchNPYjDDmO1YG1Fe6dCpHdJs7n5OWoXLWWjp3IqGlNi2Wzr3Tzr8s1BhWc4W06HNDa7B1sjem13kyd9dTfeFDPiX6QX1o3DUrt0xK9rnmD6gvoEbNCfjcxB68O4aiEOK6yt-ah-LU52Vpuh-VQr_zmHQrnp_SoVzGOFGF2DE4dhLSSOAUisgeKt39pwe8EYu1RSnrdlIJJbbJ_XnRboJWm9lae1X-AT2b5PjKDU_oMCVde3Zz_gzRGbW7oOBOR_ZgcMtF0mKMEE511HV4Y0y19ntM0I0lBbtkmsRzRcAVfJ4G5hPyayxy7_Lu_u16pwC_wy_ch54OkzbueixYoQA6R1WY0FJdXanGHsul5jr-NyHIGhY5AQyLxw-_hZe2XcWVoNbD_Tq6dUrjYlhenNybD-qk6pruLDLwDiV_Ui7xOaEwADj9YjcVu9YDRTAsyFxypsKgegsq762sd7kgGFcWwvRc7ImFUZ0i8a597BQd0j8auRV9gZsCZ4586BvW3gEO13EZaR7jwqzgEFXGVlC-Cg8UWtJCJQiZeCcJOwhTya6DoNawyMBpU_Mwq_Pv2InbJpfRVtGvrkTaoRowQ8SaQqRqjQ2qNHaIqCw&sai=AMfl-YQAX3sP1F0665iO-QUTEpqMn1T3x2PFMRjgqby8Wb9YDm-xljo5v3JtgjnK-QtVQlQlputkwAiLj-QCom66JD6HosVx1THk4ibAfRjtpmFKoCZJuQuAqOIoYtJE1r4hCZpoUARdO_xZtsoXWNA6I_e8oTIOgHwOxWARJe4&sig=Cg0ArKJSzGQO8odgFbmrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=153&vt=11&dtpt=93&dett=3&cstd=56&cisv=r20211109.14897&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 23ms
23ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91758d03d2d4fbf86c85348b88231601a94790eea6072a461219dedfbe5e0c7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: clear
content-length: 9122
x-xss-protection: 0

GET
H2 200 container.html Show response
f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FA72 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 14 Nov 2021 08:47:27 GMT
expires: Mon, 14 Nov 2022 08:47:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: clear

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: clear
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 14 Nov 2021 08:47:28 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DDD7 640 B
441 B 18ms
17ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNVZYNPXVQqYtA0R45gQOkdh_ETXCgPhUH22OxrRBwxC3poBoUikWEMfTSoiZxpnCQ-nVfnoSLa5nkbkqNEH8emPFnA-Yg8HcfaXW1yA6oenZSXGZcqWyAG7e0WHaK_mte5BAkMCINZQ2C0ltXnSl3Vfa9cLAFDUhqP9kYeH9iB3IMfG6Wc

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 14 Nov 2021 08:47:28 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: clear
expires: Sun, 14 Nov 2021 08:47:28 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FA72 71 KB
30 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbACy7MOHZsmj7qt6kyOPiyP88HZUNeiHHYt1JWBxm6olCeGhiktrHOcEQIE-uZElcgN46ffHEAGIQAtteUHqDUyQaO0vF_9r_InfsACYTIhzzRT-5O0dBXhyhX4DLazivGu4pUQTcHqMip1YfwK0d1V_LZQ&dbm_d=AKAmf-AKwIkQ4ik6AU3mQRzuV9yeMiXzPX-YsGPtHwYmHQboNac5qiNoKz0t_dFKG8ztKw0KR4btdPlZPo5ZPMe29CMmpYjKcQmXXu86jLMBSLu_k82Sz9UnIxwlq0BewNbXu9U2Us6bEJcpxpJzSir_viwOSkSkdgMdhtEb6k2uMBt4xVjhCaYsjj1uj_aO2uI6ocTEhnnCHWVdGqOOho5qMxPBUqkuHQB7bH7V6EE5rqYTf_gf6_cKMsPHJHcG4pjxsLQJK3MQjcPDVm9QokJm5s6mRw68fStXigWX4XYcoKrzEuxHp7o1ZFWkVikk8cptdpifONqi9B3ysDmdAoi0HYPk2pQq0Hvks63uS1he4ZClt7NsKMpqR1v7cPnxqSniou7iNVTto0QX4Bq-As9CF3uOItU-W--MCmy8QtPMasCI8R6dkpUZ7IjUtHaKhdlMXpNEhKqcScJBvmADEXfxlMFj0JjNCU0nET5GP5SapwQiAUDUZq5frXjiPH3szrCUuMS-k7tedXFkKKZweEk9HhPlelTO_YorCX7BPETbzqDGGBhP0eVsDNBsKi5Yn801-FTLVAbLf0zl7HShBCN3HwDHhLU-qok7tZPkW7owup0kXlQQHHA4rBReol1VjxHp44LXiF0r-LxKiigqoo6d94QxYRHvT1yNg32wWinnDYBUqqBlsn77JobfuDIncm74xaGKGGI89me1e-5F4BzJjHIvtj2UA_kqgEM-GxkQBqh5WoQcx8v2EhrKWRK0nz8XGkyWEhi89jRyaTejzbm7nEC94Mixp02JMewOC81LUaPPkai7Ha574DgAHSrVdUL9v3tYJibMiQb4ynsmHuiCx9BYKfFjVdHWKEtTmhisUxGhXuP5RDI92d6U4kaoxLQB77FuvMOJ5VtQEe_5xRGNiHdkynZkPTBx7AbSH4klJyrYq40hwHuNZDIOKGUtmmX0X0LDJ-I2iUfS3ls6J0UgVOgWxBh3c1yCMKSb82UKjlWmlv46TRnnoLqMgEpI7lNV7AK2ibVO1kx0YAqYHwEh9pVeufb8UnEZazrasF95VC_aKSz5fN7hgCqOQP8Fb1CGVogNOIy8KbjXhgi9t4y7iMCLau_0DjkSfaJP3D6ItkxESHYGWyBMCzs4uoGF596glDcUqI1fZgwPgRRu-TYw2vXySfqaoB8W2ZItyBTeWJSvXBLC_8lGuKMqlIar0JylDoRrrZP-RVoMQmklSLLA02gAtRDzGxdVAwpCPSe0Tb9Y_tTFsV49kIPkE0u27sTDeWs3WzRwf9lnGYjaWR-m2kMkfZiLuD7Vr8z7UJtmI9TcYnQ49esq6kpuZbqMy92fQdKblKjuuHweraIKnsFVNjmjIF2Q77uqvJMGjFZuHXRbIbHdWGyRd5fZkNW66gQyQdlCeCHwVP5JqgfHPeJhApHzLSdgi5Rus_mb_yAP67vk17eFFlnqw7lmDah4vLXyGyd73KEOL2DaNNoDEDn4dQ-lNh7O5A7bctNlkLOQRnEBt9RMz1ISNAasu1i4FSy__73U1rdVKb8Z9HlSxPeGBr7K_ka0-FOzj9dSs78kE3aqbBzx-6VgGw-wPRcnZBzQ2glLOSGjTRRitKvgBsQ__hNP8kP0p9fskxrl0XgSU2tdlLrG3c_M89Fbh79TxnKte4ofmU_7kO4WxWHX8RP1D_WKH3sF5pnOdjZCZ8F9qvGyuvKyuddATNT43rK3syOO7tJW1zEZ7vYcVjChKcx7wAc3bHufnPl6mf33sufyYFENw6zWiNU2qFaL6bLe3nph5LlTzBdduWIg2tRtBrkhyI0FlHhbUyynN6NMJ0b_mNyODLYPdWNO1aNfOJJr9aitrEC8hhC62mgkCd4LfmNn-1pzY4jkth3q4Zb2jvozEfso0QhKbcOwqF5eHUrd29IZx3Kj7JFdaiLrf6lu35Nm19pZM7XhD5HIj8z0R2_ZTgNELJMCk4AeVTdyAHpBc7fGyoosxCtrRUSlCNlXINpGOVJObnmCQUpf9fUcWrphfXFO2NBO_3qOqB8zqlJYiW1CD31Dv5EoMeM9Z51I7OxX7ln5ZtjhWPdFtnz8AhmUHI4yrSkuBljr-36CvKT_JEn9udxH3i8ZXVEUf58as4gnSPf2HI0LdkyTcCaPm3Dvp9ywLJaSUuMbMcXYOVs3dL_bfPF1Dvn6dmzqrCNOERhczaKCyASSUPFKQrqqXD45INuvfKgqjH2HZ4CJukMAo1VKzcZryV2YPqaW_zF_jBkPvOhn937Kpt1nJx5wzp9roWOz7V32JMJa-rma03Sg6pM85qq-TugKCMZ2ztCJW_vHdnjRd1zdSwixIueFfnT8oEGun9br0wADEJfHdufhQHezRZhKi97RNqJ3SkOC2UhAZk-3oe6-ZDo53EiOmd8CBgWlcq3EtKniXVG2pXtJ6AB-LJi0S897CPK52isW4q4p6fWHFULuRzAhkvVa6qyYcbTyDUe4Dhgsf1np6GvpF-TA3uV9r_dQMkEddsAYx8LRva0ybok125f3Oa9Ivx_ghjxqLOCexefLFlcfTGtQrKJkCTxfRHn6pJL8UYb0OEkLWQ6QyR-4Yze51Ubtr-CoqLXgo11lTCRNXXCrrc18nTpJeQx8PZaPrZlIl-poR4JjcQcaHUrlb0D6wGtFbHp7KI0wVAL2dFBUzx4Zn1KSPFiZqus-c1DR8VnU-D8zH3w5BFa39LpuRlEAZglWitoPdNNLM8shW5B1m6IY-p5YICYr2uDNJMfy6wZXJuWTKLfahnqe6HDhC3fKyoa4Bfl9_1GCUWSu0V4mg1nLsj2uX8CgEiny93SSKjefOx5wBkxlflv_WVECKsOivvCWk6BVUWy8h81A8Gbog9MbP4GEH-GfBWMFEsBDRUvoyxMu-0CfqGY76kAVe3mUjM2ResXpH7NMR5Ep0RVA_gaT35X9kAqmU4u6k5fRgRiQkK0zNhoZDKFUfJOVpccmA8B2_LyCIBGuQa7Fl9iHO2C9EXNpsOCiJUqnTN4TMwBuvrBH2bn1chJctOvBWuC6qLR63Jdd_tbMz_SYr5hAimUFX678aPzEOyBxPVDTuloWDDy61MJC2Z_whwSCKSqKKKgozuyaNBR0iPWqsEC5IsI9r-Ho1nbQDbPfWqNHzEWV19cPmPTeZ3OpCRexQ6JmyYn-TyMVGH9MS2oERao&cid=CAASFeRo_c6u1jPGruGgrgkmxVFzIuD2-A&rfl=1%2Chttps%253A%252F%252Fjmonline.com.br%252F%240

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

769cc18a9271345fcfd44daeece49382e455244eadf0f9be97634438c8c1016a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: clear
content-length: 30632
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FA72 42 B
107 B 40ms
39ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DCO_Kng9FBbBfZqegvKhJqCrNIfjFzBf_ESvoVvnV9jNl9ymidM08YPdoKUgX0DWuD8FzMCV6S-sb_Yc5-qz1eLbTxw2Ev7LvhrAf8xgxTzhJHoEA

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame FA72 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:36:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FA72 119 KB
36 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 08:47:28 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame FA72 15 KB
6 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:35:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FA72 0
0 16ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNCDulykosEzlTboQaZYe5tU8jQr6rTdewHvVGJ0HcdEnfHdcUXC38C2g8WRsbM-3n-p3LE8OQdLkNF_1uwaeyfoIB4Q
Requested by: Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 1543 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sun, 14 Nov 2021 08:07:55 GMT
expires: Mon, 14 Nov 2022 08:07:55 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2373
alt-svc: clear

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F70A 783 B
915 B 18ms
17ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a15b69b2c160f9040002164b0da94b4bd49609459ed767d0aceb166effcb2b02

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FLUBiTcexhFkd0UaMZePLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 14 Nov 2021 08:47:28 GMT
date: Sun, 14 Nov 2021 08:47:28 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-FLUBiTcexhFkd0UaMZePLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: clear

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame DDD7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDqPFkhAuywH9_wmQmGBtT4&google_cver=1

43 B
106 B

23ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDqPFkhAuywH9_wmQmGBtT4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNVZYNPXVQqYtA0R45gQOkdh_ETXCgPhUH22OxrRBwxC3poBoUikWEMfTSoiZxpnCQ-nVfnoSLa5nkbkqNEH8emPFnA-Yg8HcfaXW1yA6oenZSXGZcqWyAG7e0WHaK_mte5BAkMCINZQ2C0ltXnSl3Vfa9cLAFDUhqP9kYeH9iB3IMfG6Wc
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDqPFkhAuywH9_wmQmGBtT4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DDD7
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmRjNmM3NGQtM2MyOS0yNjIxLWY5ZTUtNWJjMzA3OTcyOWFk

170 B
232 B

18ms
18ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmRjNmM3NGQtM2MyOS0yNjIxLWY5ZTUtNWJjMzA3OTcyOWFk

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNVZYNPXVQqYtA0R45gQOkdh_ETXCgPhUH22OxrRBwxC3poBoUikWEMfTSoiZxpnCQ-nVfnoSLa5nkbkqNEH8emPFnA-Yg8HcfaXW1yA6oenZSXGZcqWyAG7e0WHaK_mte5BAkMCINZQ2C0ltXnSl3Vfa9cLAFDUhqP9kYeH9iB3IMfG6Wc

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NmRjNmM3NGQtM2MyOS0yNjIxLWY5ZTUtNWJjMzA3OTcyOWFk
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame DDD7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESELuB7jga1bUStIsv24Emcqs&google_cver=1

23 B
172 B

36ms
36ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESELuB7jga1bUStIsv24Emcqs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNVZYNPXVQqYtA0R45gQOkdh_ETXCgPhUH22OxrRBwxC3poBoUikWEMfTSoiZxpnCQ-nVfnoSLa5nkbkqNEH8emPFnA-Yg8HcfaXW1yA6oenZSXGZcqWyAG7e0WHaK_mte5BAkMCINZQ2C0ltXnSl3Vfa9cLAFDUhqP9kYeH9iB3IMfG6Wc
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 14 Nov 2021 08:47:28 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESELuB7jga1bUStIsv24Emcqs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: clear
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame DDD7 23 B
172 B 37ms
37ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNHz9QIQ8aSt-QEYl5vPkgEwAQ&v=APEucNVZYNPXVQqYtA0R45gQOkdh_ETXCgPhUH22OxrRBwxC3poBoUikWEMfTSoiZxpnCQ-nVfnoSLa5nkbkqNEH8emPFnA-Yg8HcfaXW1yA6oenZSXGZcqWyAG7e0WHaK_mte5BAkMCINZQ2C0ltXnSl3Vfa9cLAFDUhqP9kYeH9iB3IMfG6Wc
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 14 Nov 2021 08:47:28 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B07 0
56 B 44ms
44ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqRXMIM2QYbSIFI-x7gPfkpTYDgAAAAA4AeAEAg&bg=!f3ylfDjNAAZQLpa_UC47ACkAdvg8Wge1ZWlDXSDxBODtv6bSgj_Z9ou7OwwVp1Y7yLzov_6PpewW9gIAAACdUgAAABtoAQcKAD8noPiISRsCNO9-NqgHTbCqkGfZjFxrNMY40Cs9cVry2N-jx8Ysk1OQwgtHh603EE4TC-Cyv5DnXglqiddToK-ZAwPhmN2rAC_dHArAKxbBRTWtbDKq0Y3k2EJsxyMz35SBvG2f_u5r1Wmf557FHFmMS9VzwlOxmUCORPzN3ZW8WMInNuwyzfRU0eLppgPPpw6pPh20IT6Bd34CP-iptuAXQqGwMNXWoPer0a1JzBmyg9zmTXMsftzo-BrOIqJALcm8_nKtLw6kwc_qD8r97RSkUvAYzEUfn4qJYLpQSUfmu7t-PHzItb2DD-v-2nnXRbfTHw4vnAuGatLQUoHCQS5sUPxbdvjCUr-hvJHspAbVzugYnn-kging9Au5Micf6PlRx7Gt6XRu3z5hMN3SZjX0idiysLS9imim50AmZNKVJOYLQSHX_7arin-pI10pLmpW1pl7s_fFWaTJP0Xj3kj0ULQq3euTeR4eIFjyYTB2Z9imWLsEXMva1UWIup_2-0eUqeXreocINwA6kHShECSCKjnV2Xpb25fVGIeFoPt7Al4Fu-e0BW1waSC-wkxy4zwHcMILeeIZ2NGMy0vhzKAmwS85i1FCxVEvIHD3uZeuQbJuLUmmE4InxEuFCUoI6u4OudnsWNmnRNiVRpyPg0pd0GiJubI6Li3vloOND9oXwFDU6lKS2SlT5uqS86m3zXoTlkUlj5OH5GYH6BQnElJM7c--I2EGf-Q4ZAn9hkuiai_dnwojDKltISJfgZyJvD09H9SJSVkTSy-7ZcIZqQ7YrdhUlo8Rjy_bwAC86Vol75upEish8hrLrb_d4105zjaSDunAb4V5o9f368V9jsFjRnZjvb4DPJWIh_JH5mi6LykkSY60pQw3282CsmqR4GNks3I0AZGPTyKD1BLuZPhPshLJuzSbcWtv45AfowPzGzvkW3GpP8alblIgO14chdkHF7N2N4H2Qu_AoBFkyl8UXlB5n-_qxXkeDzrOgat6QwdXpBtEneYpT8CRXbWwe841tCZIFo5kDXA9r8JX61srNkXVzjduo9ZhMgZVI0yEbFK7ZxZ-36BhcKmiEDoQJtqSAVGEyJI5JUiPRndmoC2LK3ONIYY

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame FA72 106 KB
37 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
Origin: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 12:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71575
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 12:54:33 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame FA72 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AbACy7MOHZsmj7qt6kyOPiyP88HZUNeiHHYt1JWBxm6olCeGhiktrHOcEQIE-uZElcgN46ffHEAGIQAtteUHqDUyQaO0vF_9r_InfsACYTIhzzRT-5O0dBXhyhX4DLazivGu4pUQTcHqMip1YfwK0d1V_LZQ&dbm_d=AKAmf-AKwIkQ4ik6AU3mQRzuV9yeMiXzPX-YsGPtHwYmHQboNac5qiNoKz0t_dFKG8ztKw0KR4btdPlZPo5ZPMe29CMmpYjKcQmXXu86jLMBSLu_k82Sz9UnIxwlq0BewNbXu9U2Us6bEJcpxpJzSir_viwOSkSkdgMdhtEb6k2uMBt4xVjhCaYsjj1uj_aO2uI6ocTEhnnCHWVdGqOOho5qMxPBUqkuHQB7bH7V6EE5rqYTf_gf6_cKMsPHJHcG4pjxsLQJK3MQjcPDVm9QokJm5s6mRw68fStXigWX4XYcoKrzEuxHp7o1ZFWkVikk8cptdpifONqi9B3ysDmdAoi0HYPk2pQq0Hvks63uS1he4ZClt7NsKMpqR1v7cPnxqSniou7iNVTto0QX4Bq-As9CF3uOItU-W--MCmy8QtPMasCI8R6dkpUZ7IjUtHaKhdlMXpNEhKqcScJBvmADEXfxlMFj0JjNCU0nET5GP5SapwQiAUDUZq5frXjiPH3szrCUuMS-k7tedXFkKKZweEk9HhPlelTO_YorCX7BPETbzqDGGBhP0eVsDNBsKi5Yn801-FTLVAbLf0zl7HShBCN3HwDHhLU-qok7tZPkW7owup0kXlQQHHA4rBReol1VjxHp44LXiF0r-LxKiigqoo6d94QxYRHvT1yNg32wWinnDYBUqqBlsn77JobfuDIncm74xaGKGGI89me1e-5F4BzJjHIvtj2UA_kqgEM-GxkQBqh5WoQcx8v2EhrKWRK0nz8XGkyWEhi89jRyaTejzbm7nEC94Mixp02JMewOC81LUaPPkai7Ha574DgAHSrVdUL9v3tYJibMiQb4ynsmHuiCx9BYKfFjVdHWKEtTmhisUxGhXuP5RDI92d6U4kaoxLQB77FuvMOJ5VtQEe_5xRGNiHdkynZkPTBx7AbSH4klJyrYq40hwHuNZDIOKGUtmmX0X0LDJ-I2iUfS3ls6J0UgVOgWxBh3c1yCMKSb82UKjlWmlv46TRnnoLqMgEpI7lNV7AK2ibVO1kx0YAqYHwEh9pVeufb8UnEZazrasF95VC_aKSz5fN7hgCqOQP8Fb1CGVogNOIy8KbjXhgi9t4y7iMCLau_0DjkSfaJP3D6ItkxESHYGWyBMCzs4uoGF596glDcUqI1fZgwPgRRu-TYw2vXySfqaoB8W2ZItyBTeWJSvXBLC_8lGuKMqlIar0JylDoRrrZP-RVoMQmklSLLA02gAtRDzGxdVAwpCPSe0Tb9Y_tTFsV49kIPkE0u27sTDeWs3WzRwf9lnGYjaWR-m2kMkfZiLuD7Vr8z7UJtmI9TcYnQ49esq6kpuZbqMy92fQdKblKjuuHweraIKnsFVNjmjIF2Q77uqvJMGjFZuHXRbIbHdWGyRd5fZkNW66gQyQdlCeCHwVP5JqgfHPeJhApHzLSdgi5Rus_mb_yAP67vk17eFFlnqw7lmDah4vLXyGyd73KEOL2DaNNoDEDn4dQ-lNh7O5A7bctNlkLOQRnEBt9RMz1ISNAasu1i4FSy__73U1rdVKb8Z9HlSxPeGBr7K_ka0-FOzj9dSs78kE3aqbBzx-6VgGw-wPRcnZBzQ2glLOSGjTRRitKvgBsQ__hNP8kP0p9fskxrl0XgSU2tdlLrG3c_M89Fbh79TxnKte4ofmU_7kO4WxWHX8RP1D_WKH3sF5pnOdjZCZ8F9qvGyuvKyuddATNT43rK3syOO7tJW1zEZ7vYcVjChKcx7wAc3bHufnPl6mf33sufyYFENw6zWiNU2qFaL6bLe3nph5LlTzBdduWIg2tRtBrkhyI0FlHhbUyynN6NMJ0b_mNyODLYPdWNO1aNfOJJr9aitrEC8hhC62mgkCd4LfmNn-1pzY4jkth3q4Zb2jvozEfso0QhKbcOwqF5eHUrd29IZx3Kj7JFdaiLrf6lu35Nm19pZM7XhD5HIj8z0R2_ZTgNELJMCk4AeVTdyAHpBc7fGyoosxCtrRUSlCNlXINpGOVJObnmCQUpf9fUcWrphfXFO2NBO_3qOqB8zqlJYiW1CD31Dv5EoMeM9Z51I7OxX7ln5ZtjhWPdFtnz8AhmUHI4yrSkuBljr-36CvKT_JEn9udxH3i8ZXVEUf58as4gnSPf2HI0LdkyTcCaPm3Dvp9ywLJaSUuMbMcXYOVs3dL_bfPF1Dvn6dmzqrCNOERhczaKCyASSUPFKQrqqXD45INuvfKgqjH2HZ4CJukMAo1VKzcZryV2YPqaW_zF_jBkPvOhn937Kpt1nJx5wzp9roWOz7V32JMJa-rma03Sg6pM85qq-TugKCMZ2ztCJW_vHdnjRd1zdSwixIueFfnT8oEGun9br0wADEJfHdufhQHezRZhKi97RNqJ3SkOC2UhAZk-3oe6-ZDo53EiOmd8CBgWlcq3EtKniXVG2pXtJ6AB-LJi0S897CPK52isW4q4p6fWHFULuRzAhkvVa6qyYcbTyDUe4Dhgsf1np6GvpF-TA3uV9r_dQMkEddsAYx8LRva0ybok125f3Oa9Ivx_ghjxqLOCexefLFlcfTGtQrKJkCTxfRHn6pJL8UYb0OEkLWQ6QyR-4Yze51Ubtr-CoqLXgo11lTCRNXXCrrc18nTpJeQx8PZaPrZlIl-poR4JjcQcaHUrlb0D6wGtFbHp7KI0wVAL2dFBUzx4Zn1KSPFiZqus-c1DR8VnU-D8zH3w5BFa39LpuRlEAZglWitoPdNNLM8shW5B1m6IY-p5YICYr2uDNJMfy6wZXJuWTKLfahnqe6HDhC3fKyoa4Bfl9_1GCUWSu0V4mg1nLsj2uX8CgEiny93SSKjefOx5wBkxlflv_WVECKsOivvCWk6BVUWy8h81A8Gbog9MbP4GEH-GfBWMFEsBDRUvoyxMu-0CfqGY76kAVe3mUjM2ResXpH7NMR5Ep0RVA_gaT35X9kAqmU4u6k5fRgRiQkK0zNhoZDKFUfJOVpccmA8B2_LyCIBGuQa7Fl9iHO2C9EXNpsOCiJUqnTN4TMwBuvrBH2bn1chJctOvBWuC6qLR63Jdd_tbMz_SYr5hAimUFX678aPzEOyBxPVDTuloWDDy61MJC2Z_whwSCKSqKKKgozuyaNBR0iPWqsEC5IsI9r-Ho1nbQDbPfWqNHzEWV19cPmPTeZ3OpCRexQ6JmyYn-TyMVGH9MS2oERao&cid=CAASFeRo_c6u1jPGruGgrgkmxVFzIuD2-A&rfl=1%2Chttps%253A%252F%252Fjmonline.com.br%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:44:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:44:22 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame FA72 24 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 9508
x-xss-protection: 0
server: cafe
etag: 4184452204472697813
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:47:13 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6831 42 B
174 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvX96LXKV85RB9Gn0FCRlc5Bu4p9luhcWvvgJb9OlGANFRJGClsr379rDAP52KTVlPa-MtELnjL-n3_FDa7Lg7pjhQy9fOBMkm4jveHfFTLm874RnOs7g&sai=AMfl-YR32dLPE5_qnZc9pRhpzvgAqzcPEdeu5LfipGRriL4WEVm8LKRzXn6uOg6AJAABgdNnPkAIzoEcBdyZCKcNL6jNws-hI2NQX0vF9fRpZZfUgH9A4rQzabRF9MvWIJQ&sig=Cg0ArKJSzMetA91rAj9fEAE&cid=CAASFeRokCmyzhJGNOTnAFaswxdSqyVkiQ&id=lidar2&mcvt=1005&p=504,273,598,1001&mtos=0,1005,1005,1005,1005&tos=0,1005,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=3143867607&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636879646882&rpt=385&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F70A 0
0 56ms
56ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110901&jk=3599606928614434&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1543 35 KB
13 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 390414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FA72 41 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:17:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188977
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 12 Nov 2022 04:17:51 GMT

GET
DATA 200
OK truncated
/ Frame FA72 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 984437ad2846a9404d6805379409795879686289ba955d0b76a12e5ace11aaac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 V02_728x90.html Show response
s0.2mdn.net/10183190/1601891602692/V03_728x90/ Frame 5ECD 15 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d46a5951a557bab39b5dbb547e17f4bc8a83a5557693fed16e3084b48336d77e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 3248
date: Sat, 13 Nov 2021 15:59:11 GMT
expires: Sun, 14 Nov 2021 15:59:11 GMT
last-modified: Mon, 05 Oct 2020 09:53:22 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 60497
cache-control: public, max-age=86400
alt-svc: clear

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FA72 0
61 B 49ms
49ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEdquvr5HBgMFyNPykQJlh7M1joGqvYEeRavxZ9NqaqGfzQmdf-8i9ofFRAtgd-HmsYG6YCqDr29UBJxXLWY7T2UDpYnP7tTnQOA7Aif-hqnQ_LxRckU16zjuqfQ7M6t5tQJYD36s2mgDqgyLiguslNrTUB_N_cG1bTxohrgcB-ThAroZ_gXiXUuu250Sm8Sr-3-nXqHaL9BhzGYPaAWIOqLLKGeBeme16c2GjhYv8PoBYeRjUIvgtJA9OdZiELXV1utZWhF3q26Z6gpE5BW-70AV7XtAWTQ2q4quhduvclcGcxUmQcXlL1ATCDLDp1ss-qoPslwqo9p9wNEwyGKSsRgLoIvZandoUpbwnV5JNFdQzUTI9hxowZDxxXcUcI5asDP3UBTcpeN6US_hV73ySpmkJsLdZopC0lZUAXZZvF2vAtX7ecR9nYuc3Dve2-V_slSDCm14co2LgDkhjHCMf1OwbQeNi3BXJKRiROJMLudAaK29apa1A9x3Her9wtFzDxvYY73y_xBWrhYYZUxaurXqMy4-P5c1uDWHZDd61mpNVJGGqcB8dDANte1xiwm3X1d_kshyAhSbXlXf6hbgh2XJepKWJJGInWlSrL6nhzCjNp8iH3E0iYE_3Spx_Cn4lHKwIK0vZyUJC58dlGB6EruImpIr8jbeqoP9Rp8xqojqhhYPpeCb0-XoLLclONurIbN_YSa7iWtjFzeEIS76OyYutDNelSYkozUJJDNel3EsKm1BzjYsNLnG2YXDYhfzEOjf0-_cs3coG4PPSo_m1c1JYp-Hv2fPYk8e2mN2nUkKoCfKz3dzgmAgdK6Ty8qzYWRtHXy3vsKk_vZx7RPh85b0a_pZ92O_HLwbzuyL-2pOHIkkXJbQfqJhOSuyXczg2SRnjBTzOUVUeh_YZX4uCXMMf9Ukv9QhbsNwmkluXiddwdAwZ3A0cqpHY-eMO--6SdceP4YtqCSe9IOrO86Cbh0qkQMOopugAMNNcMGxRpw6OjI-gLDhzIB0KBSGU7dQhN1bnBgES5Na23CrU_v-vi8Aang3cYT7T3D5r8FHwO-t53SJMIMQgC4tmJvXcNIJN52SUjKPOVbeoZG0_oz-K8OkigqQ4Rw-D-faCN5RCa4_TPEZa3a0tKOStbjprDkObZmfFm7q3J17MByXy1HNjSL707i9_IlsX-zYke1GiFG0f8ccIPNApToWRJvDCFw&sai=AMfl-YQHiu4elGwsq7Be4PqZfKe8njq7-98mgvjqtXP6YUKFeItR1fdI9YJRNuAlUEUL-NpsbQDSvVUTLsu_2aWqsHIH4QrsyBqPUOtxuIkjQBpoWhnIWcZ4ENsqnddEpn2e9p_kiKe0TE28sH5hokaKEVwrymlvdlzezbxUz0g&sig=Cg0ArKJSzHp9_kDUo46HEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=58&cbvp=1&cstd=56&cisv=r20211109.24313&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 14 Nov 2021 08:47:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7A28 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 10 Nov 2021 14:17:34 GMT
expires: Thu, 10 Nov 2022 14:17:34 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 325794
alt-svc: clear

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F31E 0
0 45ms
44ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfZlvx5K0nzIE6PQvWrSF230aJf0wsXzUrShwLi7jaUfvh9QNxs9opqP6FAgk1jfLvfn4eqPqhJxM2prlOzdxQ7fg-KBDaa2869wzL0-YR5YdiGmmOMherX0lij1DJNCC16sNPw89YbU9NV2fxq5nJ4Kh8Xdv8_nL8BMn0O83r_dvDK_QoTLbbyhhfSKRzVf0ns0herAZ39G2pQ-12Q5Io48b5-_tJ3twOKSvWNFDZO0QVv6dyFgKzkc-Jci0EQAx1UoQqtUT6SAGyrXscx-Oi16nH4vLzRDrsMSXVl9rZKkEJc7pojWQKCtAHf_AbGfJykakgbNvbGHr1V3zH2V144l3tZc-M71LYvhEuVjo&sai=AMfl-YTcJ495-n_lwKdVTVguAHMxhKGb08aYnYI0FU5CvBHuq79oiSTntU-1mHjxzULW6DLP3y6IfXCYIP0_4HJACTBaEM6QS91e3ETJbQgOWU7-R5H0hhcEl2_vs23-7Th-&sig=Cg0ArKJSzJ088iX_WeMlEAE&uach_m=[UACH]&adurl=

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame F31E 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:37:35 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame F31E 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:36:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F31E 119 KB
36 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 08:47:28 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F31E 0
0 15ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzdYA1AWqDBQhztxkLHEd5XHjTNet8U_ysgzCFUPkfmH9oX9zdohEqgMf-5n_zZb11HuIC8bGJw_u7EUSWfosOZI2RUA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 13688217665173408139
tpc.googlesyndication.com/simgad/ Frame F31E 75 KB
75 KB 8ms
8ms Image
image/gif 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13688217665173408139

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dabbdb2e46a8224a5d5d5329624046b2397b74460fa97ff1724368de93b34bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 00:53:39 GMT
x-content-type-options: nosniff
age: 114829
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 76789
x-xss-protection: 0
last-modified: Wed, 26 Dec 2018 18:48:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 13 Nov 2022 00:53:39 GMT

GET
H2 200 gwdpage_style.css
s0.2mdn.net/10183190/1601891602692/V03_728x90/ Frame 5ECD 55 B
175 B 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/gwdpage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 12:35:40 GMT
x-content-type-options: nosniff
age: 72708
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 55
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 12:35:40 GMT

GET
H2 200 gwdpagedeck_style.css
s0.2mdn.net/10183190/1601891602692/V03_728x90/ Frame 5ECD 731 B
332 B 9ms
8ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/gwdpagedeck_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67788
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 234
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 13:57:40 GMT

GET
H2 200 gwdgooglead_style.css
s0.2mdn.net/10183190/1601891602692/V03_728x90/ Frame 5ECD 24 B
117 B 8ms
8ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/gwdgooglead_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:00:29 GMT
x-content-type-options: nosniff
age: 6419
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 24
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Nov 2021 07:00:29 GMT

GET
H2 200 gwdimage_style.css
s0.2mdn.net/10183190/1601891602692/V03_728x90/ Frame 5ECD 281 B
229 B 9ms
8ms Stylesheet
text/css 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/gwdimage_style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6419
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 158
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Nov 2021 07:00:29 GMT

GET
H2 200 googbase_min.js Show response
s0.2mdn.net/10183190/1601891602692/V03_728x90/ Frame 5ECD 247 B
296 B 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/googbase_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

503621190c75700c18c84fd3ec0977bf31b083d66e331d1009bb9cd17cdb85da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6443
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 196
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Nov 2021 07:00:05 GMT

GET
H2 200 gwd_webcomponents_v1_min.js Show response
s0.2mdn.net/10183190/1601891602692/V03_728x90/ Frame 5ECD 21 KB
6 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/gwd_webcomponents_v1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6419
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 6266
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Nov 2021 07:00:29 GMT

GET
H2 200 gwdpage_min.js Show response
s0.2mdn.net/10183190/1601891602692/V03_728x90/ Frame 5ECD 3 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/gwdpage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6412
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1306
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Nov 2021 07:00:36 GMT

GET
H2 200 gwdpagedeck_min.js Show response
s0.2mdn.net/10183190/1601891602692/V03_728x90/ Frame 5ECD 8 KB
3 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/gwdpagedeck_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07b9621ff6886bdda3fbafc4d21319eab9a92a7922d38bacca72f5679249ac32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 13:38:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68920
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 3145
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 13:38:48 GMT

GET
H2 200 Enabler.js Show response
s0.2mdn.net/ads/studio/ Frame 5ECD 134 KB
45 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/Enabler.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86441c9a21f4c77dcbb2a4f020d904179f15c8e9b35f3f85d5d053ee62c13232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:40:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 46298
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 08:55:27 GMT

GET
H2 200 gwdgooglead_min.js Show response
s0.2mdn.net/10183190/1601891602692/V03_728x90/ Frame 5ECD 13 KB
4 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/gwdgooglead_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ac5c3a1604eb19f5c47e157ea3b58b4297428e653b74d6def6b41661a25eb5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:59:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60495
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 4332
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 15:59:13 GMT

GET
H2 200 gwdimage_min.js Show response
s0.2mdn.net/10183190/1601891602692/V03_728x90/ Frame 5ECD 5 KB
2 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/gwdimage_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3803
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2001
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Nov 2021 07:44:05 GMT

GET
H2 200 container.html Show response
f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BF9F 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 14 Nov 2021 08:47:27 GMT
expires: Mon, 14 Nov 2022 08:47:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: clear

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0545 42 B
108 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYhy7hrrjg4FFyn9D4G3AmOG01y9P2GAnNeMu4MyjjKiYGFLNKJbnPT1_AXyMS7_WeDAPYqb1FG4MQuW6fo4wr4COPfABEqCGei_P5Ng7N0j5oHBuBjw&sai=AMfl-YQbYMKGmw7eqPwk9aZTBRWVvEJBQDOHTIlkntjRz6TgtOkyQMr7v6XmSrHFkaCRSmksfl6qZt8JKlOG5eiFUqC2wUyQZZ-Ta3nEHN1uLtQJn2ogkzV5fvSkViFPeXA&sig=Cg0ArKJSzCkpwNqtMKUlEAE&id=lidar2&mcvt=1020&p=1111,549,1201,1277&mtos=0,1020,1020,1020,1020&tos=0,1020,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=22&adk=777013210&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636879647159&rpt=289&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F31E 0
0 44ms
44ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupXW88T-iSZkO9Gyit4xFZmKCX9WQHj2zVjwtHZ5PzeZxeK1up7PHytf98GV-jvbX-TL0QR1BybhFMZ6ds7M4_wTawpoZM9lAhzlEqqPc2OmZdemBnztmLDGBX3cMHtUWpHuXTMW0C9AIk1pwn46HHgLp9e8kSNLzdy8Pm2YdPeQ1W6ckZABBbxi0tH8VWRxOKgwYGgiQAgiAZFmbqYDUAj-uLyfT3CHh4JbgFUB2giq-2r7PtGnw8buR3-fCvlxG3BeojyGFbMlJA4e_OveuMqPKffKF0MTvI2hcNTqqmeUEe6nNmRN9G1vuxjdVcxegB7q_G0pb61qzHq8xtU5IYVoU&sai=AMfl-YSZPNpqbk59NGXwg4pOfZwXn5iUdi_y9ZdCeZG_5EjbUFbjp08MwEctYgs_5-Ed7aSweZ5_iRraj4ctPyC3UfcA2_DFtI6jABXp1EaHjMNA5cMnGt093BTjOs_TDUG4&sig=Cg0ArKJSzAZ590MwBx99EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 14 Nov 2021 08:47:28 GMT

GET
DATA 200
OK truncated
/ Frame F31E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d353ed736ef8a3acd3e0a7e3ef034bb4a671da40eb79a55c384ba83b2585771

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FA72 0
60 B 44ms
43ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuEdquvr5HBgMFyNPykQJlh7M1joGqvYEeRavxZ9NqaqGfzQmdf-8i9ofFRAtgd-HmsYG6YCqDr29UBJxXLWY7T2UDpYnP7tTnQOA7Aif-hqnQ_LxRckU16zjuqfQ7M6t5tQJYD36s2mgDqgyLiguslNrTUB_N_cG1bTxohrgcB-ThAroZ_gXiXUuu250Sm8Sr-3-nXqHaL9BhzGYPaAWIOqLLKGeBeme16c2GjhYv8PoBYeRjUIvgtJA9OdZiELXV1utZWhF3q26Z6gpE5BW-70AV7XtAWTQ2q4quhduvclcGcxUmQcXlL1ATCDLDp1ss-qoPslwqo9p9wNEwyGKSsRgLoIvZandoUpbwnV5JNFdQzUTI9hxowZDxxXcUcI5asDP3UBTcpeN6US_hV73ySpmkJsLdZopC0lZUAXZZvF2vAtX7ecR9nYuc3Dve2-V_slSDCm14co2LgDkhjHCMf1OwbQeNi3BXJKRiROJMLudAaK29apa1A9x3Her9wtFzDxvYY73y_xBWrhYYZUxaurXqMy4-P5c1uDWHZDd61mpNVJGGqcB8dDANte1xiwm3X1d_kshyAhSbXlXf6hbgh2XJepKWJJGInWlSrL6nhzCjNp8iH3E0iYE_3Spx_Cn4lHKwIK0vZyUJC58dlGB6EruImpIr8jbeqoP9Rp8xqojqhhYPpeCb0-XoLLclONurIbN_YSa7iWtjFzeEIS76OyYutDNelSYkozUJJDNel3EsKm1BzjYsNLnG2YXDYhfzEOjf0-_cs3coG4PPSo_m1c1JYp-Hv2fPYk8e2mN2nUkKoCfKz3dzgmAgdK6Ty8qzYWRtHXy3vsKk_vZx7RPh85b0a_pZ92O_HLwbzuyL-2pOHIkkXJbQfqJhOSuyXczg2SRnjBTzOUVUeh_YZX4uCXMMf9Ukv9QhbsNwmkluXiddwdAwZ3A0cqpHY-eMO--6SdceP4YtqCSe9IOrO86Cbh0qkQMOopugAMNNcMGxRpw6OjI-gLDhzIB0KBSGU7dQhN1bnBgES5Na23CrU_v-vi8Aang3cYT7T3D5r8FHwO-t53SJMIMQgC4tmJvXcNIJN52SUjKPOVbeoZG0_oz-K8OkigqQ4Rw-D-faCN5RCa4_TPEZa3a0tKOStbjprDkObZmfFm7q3J17MByXy1HNjSL707i9_IlsX-zYke1GiFG0f8ccIPNApToWRJvDCFw&sai=AMfl-YQHiu4elGwsq7Be4PqZfKe8njq7-98mgvjqtXP6YUKFeItR1fdI9YJRNuAlUEUL-NpsbQDSvVUTLsu_2aWqsHIH4QrsyBqPUOtxuIkjQBpoWhnIWcZ4ENsqnddEpn2e9p_kiKe0TE28sH5hokaKEVwrymlvdlzezbxUz0g&sig=Cg0ArKJSzHp9_kDUo46HEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=250&vt=11&dtpt=192&dett=3&cstd=56&cisv=r20211109.24313&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: jmonline.com.br
URL: https://jmonline.com.br/novo/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sun, 14 Nov 2021 08:47:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A28 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 20:20:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 390414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 09 Nov 2022 20:20:34 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame BF9F 4 KB
730 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 07:57:47 GMT
server: ESF
date: Sun, 14 Nov 2021 08:47:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 08:47:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4973 3 KB
651 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: clear
x-xss-protection: 0
last-modified: Sun, 14 Nov 2021 07:54:42 GMT
server: ESF
date: Sun, 14 Nov 2021 08:47:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 14 Nov 2021 08:47:28 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 4973 1 KB
931 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:34:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:34:19 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/ Frame 4973 19 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/abg_lite_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:37:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 7882
x-xss-protection: 0
server: cafe
etag: 2787528384799239804
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:37:35 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 4973 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/window_focus_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:36:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 671
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:36:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4973 119 KB
36 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: clear
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Nov 2021 08:47:28 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/ Frame 4973 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:35:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 16025856826866802794
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:35:22 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4973 0
0 15ms
15ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSU8eSZvt62x5Fo-nNFY7Iw1DIARq66-ci434mbzripU41nhrvrANzd6KWFBdEV5naT_NwQ12VtVnEy0WE8-2o6OBUmnQ
Requested by: Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame 4973 27 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 09:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 10 Feb 2022 09:00:33 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/ Frame BF9F 18 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211109/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fb21b68aa33aef8b3b83a7677cdd0439bd297729677ca8a8ac9f125e60de57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 08:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: clear
content-length: 8107
x-xss-protection: 0
server: cafe
etag: 4972561305884240788
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Nov 2021 08:13:29 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BF9F 205 B
519 B 7ms
7ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 20:30:40 GMT
x-content-type-options: nosniff
age: 217008
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Nov 2022 20:30:40 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BF9F 604 B
696 B 8ms
7ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
URL: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:30:29 GMT
x-content-type-options: nosniff
age: 227819
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Nov 2022 17:30:29 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C4E7 42 B
108 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssODlU_RBNOl9Y2M6wRyddwjPqxKf0ELLBMm9xfye-sRzUPLuSggTpkI6bL-ehZvLuqVVOdChFH81YUSi9BNAKgXjLzbIiaq9BwkisyUvZh-9IUoHvZIw&sai=AMfl-YR1n4W1QRuxAUvvIT8v_SL5MgxgKUmatj3iZ4EdIGDEQ0705_MFNWg0rYglnhyaR0QfQ7VvD_YB_OcaEbDJft9oSRBRrlF8D1aNt_x1rg_-4LkhSWe7_B7RxQBI0WM5&sig=Cg0ArKJSzPTz2G7-bQCVEAE&cid=CAASFeRoCmsNPa4cyfycjIP5uOJg1givZA&id=lidar2&mcvt=1023&p=435,1078,689,1378&mtos=0,1023,1023,1023,1023&tos=0,1023,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=3811221894&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636879647519&rpt=133&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 42ms
42ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110901&jk=3599606928614434&bg=!V1SlVBDNAAZQLpa_UC47ACkAdvg8WlOmuwwqGH4nFPsjlEqne97L7vjxi5HE0yMRogwjK9tMly-ptAIAAAFRUgAAABFoAQcKAD_btC-pjAG9smacNaciYLxOAOOFThXNYywAyYsOBD2MoVcfbHIYc8LVH8Xvzoz2xRAnqPg2wz1_Ya3qolePlhiZAqql6vcCiKu2oSvJ9hhjPrKug4cQTeDbi7-sfrAGvU1sx3s_XsUwTob4M0VrPmRNuk7vz2_x_yxb3213CBXQSKfn12x2T0hxqEWXfYhaQ-qAlDCSmAeuMloOD2yL2LgU8OyABTSjyED_Y8WJhtlEThWdVxZLF6t5oc1m6qPQbIfRipJdehWzihigRF6KAJe2DuiltkHZ4lxOEtAJR_1K9WyK-5nEzmMWIi9txZm3I6_pVaCRZEnoGa5AeeRlyUMfi32aMVFVbJ9DXzc7N272uimBzyf_yYifgdIw9_nTuOBoUI6tsOAagMIKd0FzFpc1DjGDGTgIz6xUN6NnuC9U8XkSZl5ggfy77ZqvJvRolxgG_BleHNUlxvxEqjkURDdlXtbbxP1Fd3ifDhtPsNTSLGpeQiSZPnKLa6Sa-x2A1TU49nGDXPUaG9jJYzYmM3t3d4hvx3MKP-uHJ27J9CoLJXt4nf5ri9OKZWAFRPI3_JttkRp8UKd6MkZO4uW7GuJ7fld9vJNuZDOIZHEgzCzkUovNabsnIPdQ9WdhJSMZiZQJVBt2CSgwp5NqTX4vXSDMrL_JvqmW2slHyzk7_uFfhGdKWmESbru05ZG-tuRBW1DctlfytR8xAjBr-uzNsOpZy3Hp15ZTbFDX2Et56xjL3yL4QC29C4kO7JuPrAjhVediGaj2Hub0stKkZ6vuhJ-uIatxCzGwDC2L4NvwuEi4rqY-MJAFpZ9SCzJEGHVcR4VpjyLIXhdzMMwfjlHdYN0EYLpCAnxHZkecorWck2Naz2VceBbJKYdW8SxBHf1lgJnwnAc3C4eqbh6ani5opIk8J550usWdnbip_9CU7BT-tOfgNVqlc5b8xixbP3XJWpzCL2GAtJyAH1STv3GleZzAxKzHlmo_pG0UAffe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A28 0
56 B 42ms
41ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bc5XgIM2QYdb8J4-tgAfJ7pfoDwAAAAA4AeAEAg&bg=!S0ilSAzNAAZQLpa_UC47ACkAdvg8WsYNTTiHplGYV1yxYO--ed83txO8p-utHRuhcgb7K91DnjnSbAIAAACRUgAAAAtoAQeZAzwlzLYGNRdjrr4UNx4dHj67thDYROHCt8sgwh9jWqhBh-r9-B84Zf5NC9oBtce3Zp-Wq93nuvmC6OmYd_aLR-hNPhmVZqPFsHa0Mpe70_iIwhf74rjeB258y7lbmJdl2g5hsB2H6CNBo1s21HK8XC7gCW7o5q3MTTGksudGQ3UGyxVTA_4oWODMbdtmbfy1ekEneaxWcwtX2I8zqIFQhn9fCvTrrsX4sTDEflwecW59JqxpUq91KmzjVCPcxmwTIpQ43TVghv7DYtEDXPV2hP24Dkq_s19127czNM9pXSM4npTPPFFJRtigILqijOsngnS2DMQb1rS2vtAPJ0L0WKXvv5NIG0CayP5-zTwIrbF9TYRFW6AXpy4_--N0dB4ePLC5IGw2Wjgxkpzh7z1dm0gcbWQBkzv_wVGI0X65XhZKeqX8lMbPapSQplFPyo_TXIMv1VyOlTWOctdgpN8MkkQ01AyWO6jyTgBoVI4E7diUziq1yX2AOgffnN2byx391krQZEuYYSaI9E6hmHyeI9R3JXMvVUKEkiwi5QYtfuRvYtMSbYot-ZQ4Ks0o8AO8L0FvNCYn4dtbdy7CxTl4CFgmNFbBRNsXAjJMj9KpTk4sVUVnv0fsCJctOpHdG7v2z8UJh7U5DuGjOrKoaci16fBQHRtP-tiEXEnfpcuBbiOo8p-htCxMRY5apKje5kESoA18KpVomhUWBykGVodVS5K7cAFmWcrtG9AwCqCAflqiVQvMUelM6nK0jImLWbaKq267OfExgXzhMwYEQo3HpGs4dBL4fpZo3Om1HAbRJWz9Nm7_teF6xYkAAd9h_quYof-OTC7fQpVRJTXNAcvM2HHvbi7j9BNhW5FK1lhqM-QeX7amNMAAB1L8_YnC24W4GFEuoDYhH5h5C1ZMbVu9LpgebtqCwqoqWSL-dR8z7-swULmo5ztobvctWA2REpgwiXIxc61AjO2y5eHhjc0gOq94NvFGLKtnTs8N0BvxxK8fTTWyolcGj_OMl-sjVFtwbHMh_kE-DfYOhTz-XfdJhsfVDfhfYa1YSnIS2024PmPg5wHDiv7nBJMVRywxoi6OABWIQEuk_gWFvWtyhW8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 stream Show response
a3.pubguru.net/ 2 B
352 B 12ms
11ms XHR
text/plain 18.184.28.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://a3.pubguru.net/stream?beacon=arinterval

Requested by

Host: m2d.m2.ai
URL: https://m2d.m2.ai/pg.jmonline.com.br.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.184.28.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-184-28-70.eu-central-1.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jmonline.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 Nov 2021 08:47:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Apache/2.4.29 (Ubuntu)
access-control-allow-origin: https://jmonline.com.br
x-frame-options: DENY
content-type: text/plain
x-m2: 1
access-control-expose-headers: X-M2, X-Duration
access-control-allow-credentials: true
x-duration: 2
vary: Origin,Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F31E 42 B
108 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKxMLSqP5Ulvhm7z65RjIQ4i28qCMP8_IhQ47JfSY6K-qw7g2rdZL8FsYFZcdW-tfLWZq6KnRKVXD3allhKRZGT-5m1keAgauJ9m-2n2zsE_U0-Uw3&sig=Cg0ArKJSzFlOvOv07GXlEAE&id=lidar2&mcvt=1000&p=16,199,105,927&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1700462222&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636879648405&rpt=120&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://jmonline.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Nov 2021 08:47:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: clear
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iPhoneXS_spacegrey.png
s0.2mdn.net/10183190/1601891602692/V03_728x90/assets/ Frame 5ECD 14 KB
15 KB 10ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/assets/iPhoneXS_spacegrey.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba4ddcc61790def54f82d6679debb471410c69d06d34b8ab653a5123edb4b10e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 08:56:40 GMT
x-content-type-options: nosniff
age: 85851
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 14789
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 08:56:40 GMT

GET
H2 200 _-spacegrau.png
s0.2mdn.net/10183190/1601891602692/V03_728x90/assets/ Frame 5ECD 16 KB
16 KB 11ms
7ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/assets/_-spacegrau.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c17c5dcb65b604559f3ed5fc759b5190e931d30996b983a29407d6ba4319807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:00:21 GMT
x-content-type-options: nosniff
age: 6430
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 16230
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Nov 2021 07:00:21 GMT

GET
H2 200 imac.png
s0.2mdn.net/10183190/1601891602692/V03_728x90/assets/ Frame 5ECD 27 KB
27 KB 11ms
8ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/assets/imac.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc1abdfb4f8e52b32f7091081ca444d648b0dfb286c0c1b44466f701dd4c698f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:59:31 GMT
x-content-type-options: nosniff
age: 60480
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 27546
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 15:59:31 GMT

GET
H2 200 04_txt_1.png
s0.2mdn.net/10183190/1601891602692/V03_728x90/assets/ Frame 5ECD 3 KB
4 KB 13ms
11ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/assets/04_txt_1.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f8dfd5a81fb2c5150bbfef239f8a3184ef7073201339d8411cfbbceecb9a1fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 13 Nov 2021 15:59:31 GMT
x-content-type-options: nosniff
age: 60480
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 3579
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 14 Nov 2021 15:59:31 GMT

GET
H2 200 CTA.png
s0.2mdn.net/10183190/1601891602692/V03_728x90/assets/ Frame 5ECD 1 KB
1 KB 16ms
14ms Image
image/png 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/assets/CTA.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37f6bad2ee6defbb164be8b6d9354d47130f8b33aa9c8a798b836117e95e8350

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:00:21 GMT
x-content-type-options: nosniff
age: 6430
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 1216
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:23 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Nov 2021 07:00:21 GMT

GET
H2 200 refurbed_logo_blue_2020.svg
s0.2mdn.net/10183190/1601891602692/V03_728x90/assets/ Frame 5ECD 7 KB
3 KB 14ms
12ms Image
image/svg+xml 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/assets/refurbed_logo_blue_2020.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e47b54e1b76f6feb7c8c551fd3f21457dbd27751805e20559e44ce0fb2e93b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6411
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 2505
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Nov 2021 07:00:40 GMT

GET
H2 200 brushBG.jpg
s0.2mdn.net/10183190/1601891602692/V03_728x90/assets/ Frame 5ECD 13 KB
13 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10183190/1601891602692/V03_728x90/assets/brushBG.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e5a8e82964e75aadaf39b6d9032274ecc387f6197c2ff17b47b7dd40ad9a872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/10183190/1601891602692/V03_728x90/V02_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 14 Nov 2021 07:00:10 GMT
x-content-type-options: nosniff
age: 6441
cross-origin-resource-policy: cross-origin
alt-svc: clear
content-length: 13034
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 09:53:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 15 Nov 2021 07:00:10 GMT

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
jmonline.com.br/	1970-01-19 22:42:46	Name: pg_lazy Value: 0
jmonline.com.br/	1970-01-19 22:41:23	Name: pg_session_depth Value: 1
jmonline.com.br/	1969-12-31 23:59:59	Name: pg_geo Value: {"country":"DE","region":"","ip":"168.119.25.196"}
jmonline.com.br/	1970-01-19 23:24:31	Name: pg_custom_timeout Value:
jmonline.com.br/	1970-01-19 23:24:31	Name: pg_ip Value: 168.119.25.196
jmonline.com.br/	1970-01-19 23:24:31	Name: pg_beacon Value: 1
jmonline.com.br/	1970-01-20 07:26:55	Name: pg_mm2_cookie_a Value: fc0a555b-352f-4bc7-b1fc-ea6886d45bae
jmonline.com.br/	1970-01-19 22:41:23	Name: pg_session_id Value: fc1818ae-98a6-4a91-8b36-2f99a66fb31f
jmonline.com.br/	1970-01-19 22:42:46	Name: pg_tc Value: sample
.clevernt.com/	1969-12-31 23:59:59	Name: hstpv4user Value: eyJJRCI6IjMxODg1Njczd2FuNjE5MGNkMWVjMjk3MyIsIkNUUiI6IkRFIiwiUmVnaW9uIjpudWxsLCJCcm93c2VyIjoiQ2hyb21lIiwiUGxhdGZvcm0iOiJXaW5kb3dzIiwiTW9iaWxlIjowLCJCb3QiOjAsInJlbW90ZV9hZGRyIjoiMjgyNjM3NzY2OCIsIkxhc3RVcGRhdGUiOjE2MzY4Nzk2NDZ9
jmonline.com.br/	1969-12-31 23:59:59	Name: pg_canonical_session Value: 422bc11527578f522a91ef0d7f477690
jmonline.com.br/	1969-12-31 23:59:59	Name: pg_pl Value: 10
jmonline.com.br/	1970-01-19 22:42:46	Name: pg_quick_check Value: true
jmonline.com.br/	1970-01-19 22:55:43	Name: pg_ua Value: Mozilla/5.0 (Windows NT 10.0 Win64 x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
jmonline.com.br/	1970-01-19 22:42:46	Name: pg_latency_before_tc Value: 365
jmonline.com.br/	1970-01-19 23:24:31	Name: pg_bot_percent Value: 99.99
jmonline.com.br/	1970-01-19 22:55:43	Name: pg_bot_reason Value: mrf
jmonline.com.br/	1970-01-19 22:42:46	Name: pg_bot_model Value: 1
jmonline.com.br/	1970-01-19 22:42:46	Name: pg_tc_response_time Value: 107
jmonline.com.br/	1969-12-31 23:59:59	Name: pg_analytics Value: disabled
.jmonline.com.br/	1970-01-20 16:12:31	Name: _ga Value: GA1.3.382171589.1636879647
.jmonline.com.br/	1970-01-19 22:42:46	Name: _gid Value: GA1.3.1439638825.1636879647
.jmonline.com.br/	1970-01-20 08:02:55	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1636879646950],null,null,null,[]]
.doubleclick.net/	1970-01-20 08:02:55	Name: IDE Value: AHWqTUmziSwnZgoh8UNAwXD06qYPb_F7yNb3pZG-TFBEhD61mo2xn74MzsH2wR6tTSU
.jmonline.com.br/	1970-01-20 07:26:55	Name: _hjid Value: b213d578-90ff-4967-908a-7c26c38fd90e
.jmonline.com.br/	1970-01-19 22:41:21	Name: _hjFirstSeen Value: 1
.adnxs.com/	1970-01-20 00:50:55	Name: uuid2 Value: 1291439584273107851
.casalemedia.com/	1970-01-20 07:26:55	Name: CMID Value: YZDNH3poSbNACsEp7bkakwAA
.casalemedia.com/	1970-01-20 00:50:55	Name: CMPS Value: 5208
.casalemedia.com/	1970-01-20 00:50:55	Name: CMPRO Value: 1153
m.exactag.com/	1970-01-20 00:50:55	Name: exactag_new_gk Value: 8b0b87af7e6e4f0fa316434a8b4cb3f5%7c13.01.2022+08%3a47%3a27
m.exactag.com/	1970-01-20 03:00:31	Name: exactag_new_uk Value: ee01b061448d4004a2e3d34b0a9b5308%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: cc7ac928bd97455f9e8897f5
.jmonline.com.br/	1970-01-19 22:41:19	Name: _dc_gtm_UA-6221640-1 Value: 1
.jmonline.com.br/	1970-01-19 22:41:21	Name: _hjAbsoluteSessionInProgress Value: 0
.casalemedia.com/	1970-01-19 22:42:46	Name: CMST Value: YZDNH2GQzSAA
.casalemedia.com/	1970-01-20 07:26:55	Name: CMRUM3 Value: 2d6190cd202760CAESEJTyP5cUIlMzPYu4vfopf7A
.adnxs.com/	1970-01-20 00:50:55	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU)=E@/b!A#Ed.TOKKnyW<U1`VROYQM-:E![f>Ri<=Qc76cjDEUm6AN?P-Xs4#5AgmDZ/X%W#.wL4W1Qw0wn^@uG
.doubleclick.net/	1970-01-19 22:41:23	Name: DSID Value: NO_DATA
.openx.net/	1970-01-20 07:26:55	Name: i Value: 92052bde-5cd9-4772-b6d3-c992a952d430\|1636879648
.doubleclick.net/	1970-01-19 22:41:20	Name: test_cookie Value: CheckForPermission
.jmonline.com.br/	1970-01-20 08:02:55	Name: __gads Value: ID=55f671f8a5252730-2212c85cb0cb0074:T=1636879646:S=ALNI_Mb-zO3-5h23mjqOJsW6mY6HJ-N1-g
jmonline.com.br/	1970-01-19 22:42:46	Name: pg_pv_time_1 Value: 5078

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://m2d.m2.ai/pg.jmonline.com.br.js(Line 1) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a3.pubguru.net
adservice.google.com
adservice.google.de
appradio.app
cdn.ampproject.org
cdn.datatables.net
cdn.pubguru.com
cdn.sendpulse.com
cdn.unblockia.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
f7c9653b4dcb8774b7091ae591e2e0b0.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
img.youtube.com
jmonline.com.br
m.exactag.com
m2d.m2.ai
pagead2.googlesyndication.com
s0.2mdn.net
script.hotjar.com
scripts.cleverwebserver.com
securepubads.g.doubleclick.net
sender.clevernt.com
stackpath.bootstrapcdn.com
static.hotjar.com
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
ui.cleverwebserver.com
us-u.openx.net
use.fontawesome.com
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.111.242.245
13.224.186.21
13.224.186.39
13.225.78.69
13.225.78.77
132.148.23.221
142.250.186.130
142.250.186.98
148.69.64.76
148.72.158.239
172.217.16.130
18.184.28.70
2.18.234.21
2001:4de0:ac18::1:a:3a
213.202.235.9
2600:9000:20eb:be00:5:3aaa:f40:93a1
2606:4700:10::6816:325d
2606:4700:10::ac43:2825
2606:4700:20::681a:786
2606:4700:3037::6815:4e07
2606:4700::6810:125e
2606:4700::6812:bcf
2a00:1450:4001:801::2003
2a00:1450:4001:803::200e
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:809::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::200e
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9a
2a02:6ea0:c700::10
34.98.64.218
37.252.172.123
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
024c04b7dea180957db3edc6f68ec2ef4b4276a70106d34d0f6ef41c2445a7e2
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
031d641ba4d2b9a3952275f19a3862d95d9c78d3ece3a9af5e31af435c7762bf
03870ae69d3dd5dcd4d5ab34c9ec31ea132c0507f3c80f71fb5526075d9f102f
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
07b9621ff6886bdda3fbafc4d21319eab9a92a7922d38bacca72f5679249ac32
07cb07bdfba40ceff869b329eb48eeede41740ba6ce833dd3830bd0af49e4898
07d75390564d260e9f5d987e26962dd1cd98ab1a7e465bb674721e39cdfe7413
0813004d02aef3b1897a11fbc73c26e6229478879b60745d09feec4d843f5a39
08c4b8a34966037c9dd8132cbb900c0031e2e63b723300fafc71b675e02b27b1
09653050bc2ba6de4b89fa30c204ab327fb8bd6506170a2da0038747113d9065
0a26e1138447c9f0ac21dba5e781d6ceabf3567960975389e0ddbae76b8ca16d
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba2a1ffeaa1a07b9dfe8052289ab23cfc71b61b26fa59ca11d587bfdaa71afa
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0d7845c01468ed82f644cac1c1cbdea3d717fb3f48909e24d6a413b3b5d57dc2
0f18155ac468ab90d65b7df4dddbb11941efd1fb7f0240e3b685a079a2dbf445
0fc0076a36c38f39206bb258eeb8bc8e383b96a6ccd26024b0b088d9e0b192af
0fc140cb74358298ad25a41a332801c252d77f72748b40b8ed6bb12f52c7ca52
101dc7f34320cbce5950b82377f76ea6c59b54797aa19628de9b346497e7aaf5
1242d21c59ba368e07764c5451f54d6987bec7f59453a6556bb19c92250317b1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1323112ac126d2bc27da6f7e045a1f8d06a1dabaad2560ef8e8297cfc9379a2f
15787836ac9df327acae1b49404def5b0a544e39a3c42d1d0000430f7ba7e424
1839389a0754ca843c3525814f1b10836e0f94dec6cf0b10af330b944bf5ffe8
1ac5c3a1604eb19f5c47e157ea3b58b4297428e653b74d6def6b41661a25eb5c
1b4c97a2809cdb53153139544e1f5db34e4917c8f01d2dd94cb9519e24e1ab3c
1c83331cc31168f8f2f4c7d655437d2ff7368635e7d47954c47df17f517b5381
1c83fba60740d49f379ceb181b9d240ee70f920ed3903aca02d16ca597eb1297
1cb8b3a14d5756545adc3c8df621040eee4f26d66766dc22f287119771ec54d1
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c
21a2f4c32f04d8a662ee0b19db395ac35a6a32019876730584749554b5e80b23
23b31ce93cbdd1de7660209c61bd14fe9b271fd225c62d93187b2401391e87df
257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee
27d421895da60ea13add6210a30bb8fc76b22e636d1de836b0407b0037691ea4
27ff0721aab1160698ab6898c1a23268c27e1e61f57ceae21859a63527457048
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
2afb060aaee5219803ecfbb23a2886b86946ad7200f44deb2b416540f29658dd
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
318fff9a9efd74524a89fbd610fb3511c63f684448566a4bd00cde27d56f1a0d
32322986a3b686254b0bd0a35a1feff3886eee67ef8812baf9a7a0185df71a63
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
376b71acfc81e9af8b707d78e0734ea7b92836f7b95603e7ee755ca480dfd49e
37f6bad2ee6defbb164be8b6d9354d47130f8b33aa9c8a798b836117e95e8350
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3998b6326df9560efe1b75c2a4bb91068a098439e7fd1489ea6bfb3f59d9ca3e
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
3c17c5dcb65b604559f3ed5fc759b5190e931d30996b983a29407d6ba4319807
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3e47b54e1b76f6feb7c8c551fd3f21457dbd27751805e20559e44ce0fb2e93b6
3f73deee728e30afb499760c87623eb1bf65458f573f365fe0e28d6fd2a83d92
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
416a3b2c3bf16d64f6b5b6d0f7b079df2267614dd6847fc2f3271b4409233c37
4349be317d65f0ab30165457b5e37dbfc0ef280fb979c4f73c38ab4c5902aab0
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46631d3ff32f6c7978e6d63a807b3b6bc4a61b3545ee5ad05ba56d830096d4b1
4743bde81c1c82725553cd6f972874b01c61cec6c54c85d320c05e0e5aed5177
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4887d38a5b2b1fbf0b42df87e10fef88e9ca142dc1e6d1755fa9a1debfea6c07
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba4773f8313fdcc8bd0598c7a7e3a03073943b7845640c6fe37b2eed1ffe654
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fb21b68aa33aef8b3b83a7677cdd0439bd297729677ca8a8ac9f125e60de57c
503621190c75700c18c84fd3ec0977bf31b083d66e331d1009bb9cd17cdb85da
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52b255c86ae6d99ee7e166fb426b5bd737bd64c166bd7655a6ca995311ebe6f3
539ff3a999e6ef2ebae8e8092c8e5358e8306fecf56b99be843b372af95189c6
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
584586f9a3dfd61a8eb57626664eb266d3a086a24026017839ad561fa4013cc7
58df268a49e6143e6a5c1d79cd3e5b1a894e7676948a11eee3ef86ca4a14d34d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5d353ed736ef8a3acd3e0a7e3ef034bb4a671da40eb79a55c384ba83b2585771
5f8dfd5a81fb2c5150bbfef239f8a3184ef7073201339d8411cfbbceecb9a1fe
5f9c986bc677282c44182cc3bfd5b2813607b6b1fd23d6f8d6a9dda208bc480e
61dc309ec8b3d11aef7e9365f3dad0aa805188583a795c4d21d6e0b268efc183
6331571851f7278399a23c7ef279c014bedf648884b069dd5f0cbb62b0faa778
69119aa6c41fd073bb93561719eb6b2673015e445fea50ccc6cc9bd547b3d42a
6a8b57f5cc2b0ed4f27a6bc804c8deeccaae3b6a9f905a2dd4f41e888e906aa6
6bf73d0a332b6cff2ae0f37d3d4a700ac9ae66bce6eacf3a530428462ef0887a
6c3223c27067f54618683e5fdfe83536907b179e81ed9a39873aa8b8140c05f2
6cc00fff35756f9b2d447a638195bd340507b9ad884addb442838e1b98505a6a
6d4237eac471bd9833053c365f7e6f2d66620afe24058462f5574912a548aa03
6dec2c3ee7244f2a70b4d64e10cb807587a342438fdf883eb923bad943aeb430
6fd8a6bf099b93a2d80f72b9dd60d93b32eb9bd2c50c4868e7fdea7a0735e762
7106fc7a8a57bd3515049560e573cb31911735db6d9fef39321b159ffe24d50d
7113c8953f34b6484068344937294977a2cd60906aa4c84abc908ecd0e48bfa9
7143c641fc852660b265f9379653ccd0b8bb793e61ee1429935b1e7f68af3fa6
71f4aa22574b8d8c673f5861ad468e2a475a87713989b75f8c6b9b7a0d0e6c05
72aa1fceb44971072e004219cbca1e448120b5046485a0885c255afef690031e
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
760144b690ee7570b72cf862a52ecf8678571ac6aecd431716c53a5e3f16d6dc
76512bbaf0cc095f7c67adbf9a349a81c9b33141ed643950fcdc5fc2ebcfe7cd
769cc18a9271345fcfd44daeece49382e455244eadf0f9be97634438c8c1016a
76b17180324cf042f1c87ace6d0ba80a1bf01fa1d1a267e1b74a85e5c89cc491
777750fd9d46194a2030dfa9a045e3890cbec3a8f38aa5c761b6e3cedfd8c72b
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
77ce6b009affddee44b98ac187879e3f20266ec3c507a9e72f868da73fdae554
79a48ca4e0e9b49e2cdf02fb8e1af695c0bcf48508d96aac0a9c0be160f99749
79b628a883191c8130a3382f904e50f5d4210b2abaac6227162e6b1e07f6c593
7b5b2949c10d4230e07e424c6da1287e5214fb119d9fcaff6ba6cfed87c057ac
8088f1d161a58af558862367e42cb9d6451ffb8bd973396ebed69da04d6188a7
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86441c9a21f4c77dcbb2a4f020d904179f15c8e9b35f3f85d5d053ee62c13232
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8afe6e17198607183f2547e4dcd4b8f79a484527d9c2ecee5a1f387399a4edd0
8b975e3e6910f571ee21a21922394a133e7cfd1ae1207bab6d5a629c142321aa
8c6e7cc21df4417259fe8a63e10911c9363aa4689d06aea74499a034a6449d09
8e5a8e82964e75aadaf39b6d9032274ecc387f6197c2ff17b47b7dd40ad9a872
8ea6cd9c53fbf12ca23803fbc243e351166ca35f12d3d4a00dd978a6000bd673
91758d03d2d4fbf86c85348b88231601a94790eea6072a461219dedfbe5e0c7a
91808e51a323e3895d06f09182ed5c6009f9c0e2c677829c98728ae33e69d938
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
949994b508a79a53d531caa6a2c4083598535e6f2ab6133363692ec77c8d35fd
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
956c4d2eb4abe4e503f562009c0960e6a668265ae77717ab8983566f9b128d00
984437ad2846a9404d6805379409795879686289ba955d0b76a12e5ace11aaac
9b7c35a8fc8aded39e112c5e53d554b40d51114feeff0edd31f6af3046bafa3e
9c4fb96219b2ed521f970ed2d63f7681636c30dec7ab55b7b0b346967258fa32
9d8adce1c950e605301ef9c7ba28a8edc2b37b26b3bcd9edff71123f0e28f9ef
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e63b5f40c7258dfbfcd9e90211d97a02e1b0222e1f3f88a16e5f408c7cc0404
9ea287c85e69d2fe6d18a929d000b59f2d1565494484fb2d60ad3806063de13e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0f4fbbb8c379ff5a0840db13e72d5a7635daa560c912174af58ba124005b3db
a15b69b2c160f9040002164b0da94b4bd49609459ed767d0aceb166effcb2b02
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4900d191b7434fc398e1d0ecf008be3f0bdf3b14dfc02921d807eec01cdff29
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6362e25499cbd55fc26f70447ad9ea9eaf60aa3c5e742a631a947b3335a8601
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a755858bf56228bf6d638fa07a817d897de5c9fe4b0f40aceb310aee47ec4c73
a78a98db78710433a1f312c7f47ac40106e64a7d53a957dffa8a113323e9bb02
a8502ec373925d7fd9a7265b54eb5dc7849b3f85046ec8cba4fbdffdd7a9715c
a8f37ffa0eb80d2fc59ea9230bd0416397fb1dd298935ada434084614dc70e54
a9a61c761966dbf1fe2ea023be3d053adcc52d5c7d8d58ba2316f490755a4ce6
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad0dd5091814006e1986ba74f2492e12582594b1eca2221174c22a1ad10ad98c
ae8fc06de3bf41915d227c897a89b47a0f32a3a75c09dde8d39ea1dc27d95318
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b10b7cef548974d25fa454cd1224a00611988013e2232d6445190372ec6c6931
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1851477cb41c27ff7b3955e1257044041a2de0890b025368782263252033dff
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b2664210b80f21fee3e35f79d873c29ded7c43e03aadcfcc649f704c909b18d3
b46d3ed9649d3c54c996bdd0da527447599d36e054dd55d6ee879de2c6a6be39
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b5a4ee93e1379a85fe56c16769e11eb203372c1a230a5150c7ae4f4f542147f5
b6d5c6da343ffc2fc2f681ad60c04ab0a75a3f78f82b7926120c82b48b94e515
b78222040390c142b5db713e2056cdce01d935a8a289fba890281a4867dddda1
ba4ddcc61790def54f82d6679debb471410c69d06d34b8ab653a5123edb4b10e
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
bf2aed6f8c76ccf521d3740a6ddf78a7a09250df8445c604651191a0044d6e15
c0e56b4c6d6603c198bb6f92d0cf363bef3c7e9d7d95080494263e8946b57b1c
c37e7c7b142c48b49d24d7c0252ee2877fa55f23bfcae0be35473b17cadf164e
c3b89adb1268b74d544346b1a864f50cd676d7180efac6b0f8ad94fef9d7a3b1
c51a4086e332a8b351790a53582dbba5bd78b7a1f021b829d93da3ad59ca575f
c91c904fbfbe1fcb61c4e4cb955b35e8eb303f29d97a9f757c744fc6603a978a
c92e7b0ecca2c2d54bdf7cafc97f199fea3fd24b2db849d0d1a97a9cd9ac8311
c9acdf688876497bbcacf7a7c83d9fdfaa4a82b92fe574fe0d0083a59fde0daa
ca31d3aa2364f2a372c1d9ed477be2b71852e7d3a98bb92476c19efe67024a48
ca78fe094de86e891cef0f01a849a07a8b6ab49f2981401b0f556627025c140e
cb656577f4277a4ded7b312fe6d4a32f3aabbeff803485b75a66fdea67b678af
cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4
cddca2aac52b067bbcae6eccdb5a29d5336798ac878f9e28ac7d3d4352fdc2cd
ceb8d1e14a311e09c6e331fe84cf77c74a9ab8df63d9fb59372f73c0e6946619
ceca169c7b3aeb44dcdcbfd35d8fd24a85bc9a48b89ced5db336d54e16635a82
ced9c0457386bb8e877fd2a6113e92c5a8fd6516095c516878e7000d66e106a3
cf7208d17919b74aa5ac836e406f099548eb8bef441bcbded1d8f0ee60f7c644
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d46a5951a557bab39b5dbb547e17f4bc8a83a5557693fed16e3084b48336d77e
d5239b0487bdd41122603af4a39ede1bd61a4c036c7734c6c817e7ac496f27c8
d61b45b8b3cded238a65ee0aac4043b989f11cee56acfe5c889777f961f241a2
d6d9d3791ba12021e1902a95f49cf5217d11d1280f8d0b6dcb472a1b89af3edf
d6de7f0b6fc1eb1678fc10aabca8b893974fafee9049e0df5652dc51db74efc1
d9189f466d387acfa036f7dcab1c68d3707498268e0ba8b1815c687999373e9c
d9d657d5468d01a5447bb3a897cbd23191275e1138d9d3c2fb1a95817f8d3112
d9ea4d0c46f465df1f6efca0096c6d199d3fab2a47d582f97f7758385d1753f2
d9ebe24a565a41a87adc5de5b4c0e8ca3d478af54d64d315c32ad0425ce991ce
dabbdb2e46a8224a5d5d5329624046b2397b74460fa97ff1724368de93b34bf9
dcdef891f73e0047412ae4f595661f8caedd1331a83af12a053613fc643aa896
dcf342d15f6332cd37cdb043498eb638ef148c34d4931fb9e58381360857e316
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
de0e56e3a895b1d65889d66d788caf3feb48e05f0d18a23d75f9ca3154762ce7
df37212a432a8295e87e9955fdf8bfe014dabd93b63f9a2aff661117bd5862de
e321d55f41dc5ecbfb7744f6a84da91fe6a7fa670b032969ee4f9535ecb80382
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3feb016374130f322d545f888f59bceb80667989dd11d9b5953f5cb1c04d1e0
e488cb47057ea3137178214c44e3533c65287dee6dde4cc2d10ba0bd66fb87c5
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e7d08a91cc95ca7b8b8fbaf1b8bb0525744494f452593ffae8b27de1ea300bb3
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e949460640491ca1cf362a0673c03f4d746fc56a59a94d261d2f140791e29f1b
ea0853e4f5fabd820d14f6a25cafefbe960b2c63f8da2416b66b7bd5300a76b0
eafeaa400b74b29f2b3fa72bd36eee9abba3026e3dbbef42e35837e9e6600490
ec6151356068640a369ef53250fce99b5180a85eadf273c2025f5138e273575a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29f060ce91fcc6683a09df249b8dbc452a2d6601f4fddc8131e37fce17a3c96
f3e24ac0b49f099ddbb00e219447f8d4aa4cd7021f38bd4c94c77747dc58ed2b
f40beb637ee149120299e03d8b8122fa381e9f68f7154a3fd1889291d36da182
f484f11c123bfcec431cff1be48303a3f303e5a394f15f5767e667f53242ed8f
f6dbbfb8b3917374cce32a674d0a42b331cbae4fecc07e51ab2f5e838d8898b3
fbbc45aee6c23f17d07220ede528f0216aaf05b2b6238d47038ab3f9f0a6b374
fc1abdfb4f8e52b32f7091081ca444d648b0dfb286c0c1b44466f701dd4c698f
fe42856f6ec5f1b064e338a1bba082be11f582869bc3d3ff0db586c4534e158a
feb49fae7fd245f703b2fbeb29c41f136a34ee8bccfa2cc7c8a5a6fbfa4439ce
ff4907cf284d638a9064d372a26013d999f89c7b1260b88a4304567bdae94ccf
ff82bb92f844829b285f937ba9b8cd3c168c702fe5190117593ed5cb05b78a24

jmonline.com.br Open in urlscan Pro 132.148.23.221 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

316 Requests

95 %HTTPS

67 %IPv6

32 Domains

49 Subdomains

49 IPs

5 Countries

5118 kBTransfer

10682 kBSize

43 Cookies

13 Outgoing links

Page URL History

Redirected requests

316 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

jmonline.com.br Open in urlscan Pro
132.148.23.221 Public Scan

Screenshot
Live screenshot

Full Image

316
Requests

95 %
HTTPS

67 %
IPv6

32
Domains

49
Subdomains

49
IPs

5
Countries

5118 kB
Transfer

10682 kB
Size

43
Cookies

316 HTTP transactions
11 data transactions