www.totvs.com Open in urlscan Pro
2606:4700::6812:f2b Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.totvs.com/
Effective URL:
https://www.totvs.com/
Submission: On August 18 via api (August 18th 2021, 8:58:52 pm UTC) from US

Summary HTTP 163 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 56 IPs in 8 countries across 68 domains to perform 163 HTTP transactions. The main IP is 2606:4700::6812:f2b, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.totvs.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2021. Valid for: a year.

This is the only time www.totvs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700::68... 2606:4700::6812:f2b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.227.192.58 23.227.192.58	29802 (HVC-AS) (HVC-AS)
4	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:b649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 3	172.217.23.102 172.217.23.102	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
3	35.201.123.184 35.201.123.184	15169 (GOOGLE) (GOOGLE)
1 31	52.46.133.124 52.46.133.124	16509 (AMAZON-02) (AMAZON-02)
1 3	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:72b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.224.96.84 13.224.96.84	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.176.195.187 35.176.195.187	16509 (AMAZON-02) (AMAZON-02)
2 2	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
1 1	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
2 2	35.157.53.20 35.157.53.20	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.147.57 18.156.147.57	16509 (AMAZON-02) (AMAZON-02)
3 3	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	18.197.219.138 18.197.219.138	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4264:3ca:5412:4ba5:20da	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2606:4700:10:... 2606:4700:10::ac43:db6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	13.224.101.82 13.224.101.82	16509 (AMAZON-02) (AMAZON-02)
1	54.81.7.92 54.81.7.92	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.231.184.117 34.231.184.117	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.248.25.248 34.248.25.248	16509 (AMAZON-02) (AMAZON-02)
1 1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
2 2	37.157.6.245 37.157.6.245	198622 (ADFORM) (ADFORM)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	52.28.248.40 52.28.248.40	16509 (AMAZON-02) (AMAZON-02)
1 1	54.205.87.49 54.205.87.49	14618 (AMAZON-AES) (AMAZON-AES)
3 3	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	52.44.110.4 52.44.110.4	14618 (AMAZON-AES) (AMAZON-AES)
1	52.17.116.58 52.17.116.58	16509 (AMAZON-02) (AMAZON-02)
2 2	13.224.96.37 13.224.96.37	16509 (AMAZON-02) (AMAZON-02)
2 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	13.225.78.79 13.225.78.79	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	18.198.126.47 18.198.126.47	16509 (AMAZON-02) (AMAZON-02)
1 1	45.79.180.191 45.79.180.191	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
8	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.96.91 13.224.96.91	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.67 13.224.96.67	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.22 13.224.96.22	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	34.102.185.99 34.102.185.99	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:c9cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
163	56

27 2606:4700::6812:f2b (United States)

ASN13335 (CLOUDFLARENET, US)

www.totvs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.192.58 (Chicago, United States)

ASN29802 (HVC-AS, US)
PTR: 23-227-192-58.static.hvvc.us

v4.aloweb.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.23.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f102.1e100.net

10408215.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

a.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com

tags.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 52.46.133.124 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

8955376.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsleadflows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:72b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

widget.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-84.zrh50.r.cloudfront.net

api.omappapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.176.195.187 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-195-187.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.45 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.44 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.53.20 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-53-20.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.147.57 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-147-57.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.219.138 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-219-138.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:3ca:5412:4ba5:20da (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.101.82 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-101-82.zrh50.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.81.7.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-7-92.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.184.117 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-184-117.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.25.248 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-25-248.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.245 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.248.40 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-248-40.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.205.87.49 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-87-49.compute-1.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.110.4 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-110-4.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.116.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-116-58.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.96.37 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-37.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Aalborg, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.90 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.79 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-79.fra2.r.cloudfront.net

pixel.placed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.79.180.191 (Cedar Knolls, United States) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: lciapi-ewr-16.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.132 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-91.zrh50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-67.zrh50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-22.zrh50.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com

tt-14690-0.seg.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.tailtarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:c9cc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	23 KB
27	totvs.com www.totvs.com	725 KB
13	doubleclick.net 6 redirects 10408215.fls.doubleclick.net 8955376.fls.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	5 KB
9	facebook.com www.facebook.com	559 B
9	tailtarget.com tags.t.tailtarget.com d.tailtarget.com tt-14690-0.seg.t.tailtarget.com b.t.tailtarget.com cm.t.tailtarget.com t.tailtarget.com	25 KB
7	google.com 1 redirects www.google.com adservice.google.com	429 B
5	criteo.com 2 redirects sslwidget.criteo.com widget.us.criteo.com gum.criteo.com mug.criteo.com	8 KB
5	facebook.net connect.facebook.net	313 KB
5	gstatic.com fonts.gstatic.com	96 KB
4	hubspot.com track.hubspot.com forms.hubspot.com	2 KB
4	yahoo.com 3 redirects ups.analytics.yahoo.com cms.analytics.yahoo.com	3 KB
4	google.de www.google.de	299 B
4	omappapi.com a.omappapi.com api.omappapi.com	249 KB
4	googleadservices.com www.googleadservices.com	46 KB
4	google-analytics.com www.google-analytics.com	59 KB
4	googletagmanager.com www.googletagmanager.com	210 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
3	bing.com bat.bing.com	9 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	addthis.com s7.addthis.com	192 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	530 B
2	tapad.com 2 redirects pixel.tapad.com	931 B
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	semasio.net 2 redirects uipglob.semasio.net	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	openx.net 2 redirects us-u.openx.net	620 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com	738 B
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	498 B
2	serving-sys.com 2 redirects bs.serving-sys.com lm.serving-sys.com	779 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	adform.net 2 redirects c1.adform.net	998 B
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net	1 KB
2	advertising.com 2 redirects pixel.advertising.com	657 B
2	bidswitch.net 2 redirects x.bidswitch.net	883 B
2	adsrvr.org 2 redirects match.adsrvr.org	912 B
2	1rx.io 2 redirects sync.1rx.io	1 KB
2	bluekai.com 2 redirects tags.bluekai.com	2 KB
2	hs-banner.com js.hs-banner.com	16 KB
2	hsforms.com forms.hsforms.com	7 KB
2	hsforms.net js.hsforms.net	291 KB
1	hubapi.com api.hubapi.com	515 B
1	taboola.com 1 redirects sync.taboola.com	300 B
1	ispot.tv 1 redirects pi.ispot.tv	343 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com	612 B
1	exelator.com loadus.exelator.com	324 B
1	placed.com 1 redirects pixel.placed.com	568 B
1	rubiconproject.com token.rubiconproject.com	214 B
1	mookie1.com 1 redirects odr.mookie1.com	600 B
1	samba.tv 1 redirects ads.samba.tv	292 B
1	samplicio.us usersync.samplicio.us	263 B
1	imdb.com 1 redirects www.imdb.com	887 B
1	stickyadstv.com 1 redirects ads.stickyadstv.com	763 B
1	zeotap.com spl.zeotap.com	731 B
1	tremorhub.com amazon.partners.tremorhub.com	183 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	484 B
1	agkn.com 1 redirects aa.agkn.com	337 B
1	hsadspixel.net js.hsadspixel.net	2 KB
1	hsleadflows.net js.hsleadflows.net	86 KB
1	hs-analytics.net js.hs-analytics.net	20 KB
1	addthisedge.com v1.addthisedge.com	751 B
1	criteo.net static.criteo.net csm.nl.eu.criteo.net Failed	13 KB
1	moatads.com z.moatads.com	1 KB
1	jquery.com code.jquery.com	29 KB
1	hs-scripts.com js.hs-scripts.com	755 B
1	cloudflare.com cdnjs.cloudflare.com	5 KB
1	aloweb.com.br v4.aloweb.com.br	2 KB
0	survata.com Failed px.surveywall-api.survata.com Failed
163	68

	Domain	Requested by
31	s.amazon-adsystem.com	1 redirects www.totvs.com s.amazon-adsystem.com
27	www.totvs.com	www.totvs.com
9	www.facebook.com	www.totvs.com connect.facebook.net
5	www.google.com	1 redirects www.totvs.com 8955376.fls.doubleclick.net
5	connect.facebook.net	www.totvs.com connect.facebook.net
5	fonts.gstatic.com	fonts.googleapis.com
4	www.google.de	www.totvs.com 8955376.fls.doubleclick.net
4	www.googleadservices.com	www.googletagmanager.com 8955376.fls.doubleclick.net www.googleadservices.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	www.totvs.com www.googletagmanager.com tags.t.tailtarget.com
3	track.hubspot.com
3	cm.g.doubleclick.net	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	8955376.fls.doubleclick.net	1 redirects www.googletagmanager.com www.totvs.com
3	a.omappapi.com	www.googletagmanager.com a.omappapi.com www.totvs.com
3	10408215.fls.doubleclick.net	1 redirects www.googletagmanager.com www.totvs.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.totvs.com
3	fonts.googleapis.com	www.totvs.com a.omappapi.com
3	s7.addthis.com	www.totvs.com s7.addthis.com
2	b.t.tailtarget.com	d.tailtarget.com
2	tt-14690-0.seg.t.tailtarget.com	d.tailtarget.com
2	d.tailtarget.com	www.totvs.com d.tailtarget.com
2	image6.pubmatic.com	2 redirects
2	pixel.tapad.com	2 redirects
2	ib.adnxs.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	us-u.openx.net	2 redirects
2	sb.scorecardresearch.com	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	t.myvisualiq.net	2 redirects
2	pixel.advertising.com	2 redirects
2	x.bidswitch.net	2 redirects
2	match.adsrvr.org	2 redirects
2	sync.1rx.io	2 redirects
2	tags.bluekai.com	2 redirects
2	adservice.google.com	10408215.fls.doubleclick.net 8955376.fls.doubleclick.net
2	gum.criteo.com	1 redirects static.criteo.net
2	js.hs-banner.com	js.hs-scripts.com js.hs-banner.com
2	forms.hsforms.com	js.hsforms.net
2	js.hsforms.net	www.totvs.com
1	t.tailtarget.com
1	cm.t.tailtarget.com
1	forms.hubspot.com	js.hsleadflows.net
1	api.hubapi.com	js.hsadspixel.net
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	pixel.placed.com	1 redirects
1	token.rubiconproject.com	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	usermatch.krxd.net	1 redirects
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	ads.stickyadstv.com	1 redirects
1	spl.zeotap.com	s.amazon-adsystem.com
1	cms.analytics.yahoo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	sync.targeting.unrulymedia.com	1 redirects
1	aa.agkn.com	1 redirects
1	mug.criteo.com	www.totvs.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	api.omappapi.com	a.omappapi.com
1	widget.us.criteo.com	www.totvs.com
1	sslwidget.criteo.com	1 redirects
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hsleadflows.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	v1.addthisedge.com	s7.addthis.com
1	static.criteo.net	www.googletagmanager.com
1	tags.t.tailtarget.com	www.totvs.com
1	z.moatads.com	s7.addthis.com
1	code.jquery.com	v4.aloweb.com.br
1	js.hs-scripts.com	www.totvs.com
1	cdnjs.cloudflare.com	www.totvs.com
1	v4.aloweb.com.br	www.totvs.com
0	csm.nl.eu.criteo.net Failed	gum.criteo.com
0	px.surveywall-api.survata.com Failed	s.amazon-adsystem.com
163	89

This site contains links to these domains. Also see Links.

Domain
treinamentos.totvs.com
elevesuasvendas.com.br
produtos.totvs.com
eventos.totvs.com
totvs.store
totvscst.zendesk.com
espacolegislacao.totvs.com
es.totvs.com
en.totvs.com
www.idexo.com.br
ri.totvs.com
ios.org.br
brasilquefaz.totvs.com
marca.totvs.com
tdn.totvs.com
facebook.com
instagram.com
youtube.com
www.linkedin.com
www.canalconfidencial.com.br
www.addthis.com

Subject Issuer	Validity	Valid
totvs.com Cloudflare Inc ECC CA-3	`2021-05-31` - `2022-05-30`	a year	crt.sh
v4.aloweb.com.br R3	`2021-07-22` - `2021-10-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-07-06` - `2022-01-06`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
a.omappapi.com R3	`2021-07-28` - `2021-10-26`	3 months	crt.sh
*.tailtarget.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-25`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2021-07-14` - `2022-06-27`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-08` - `2021-09-05`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
api.opmnstr.com Amazon	`2021-03-11` - `2022-04-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-12` - `2021-10-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.samplicio.us Amazon	`2021-04-17` - `2022-05-16`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2021-06-07` - `2022-06-06`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.totvs.com/
Frame ID: 47D4CD2C5F075842EC1F0CAE373A4DE6
Requests: 113 HTTP requests in this frame

Frame: https://10408215.fls.doubleclick.net/activityi;dc_pre=CM3EmIy7u_ICFcVPGwodIwwNBQ;src=10408215;type=totvs;cat=page_0;ord=7154194436554;u=%2F;gtm=2wg8g0;auiddc=723369902.1629320297;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F
Frame ID: 0969D63E0C2DC84F3EF142C83B49C031
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D234c3de8-22f7-d482-b76c-8cd6151731e2%26type%3DUNKNOWN%26m%3D526970&ex-fch=416613&ex-src=https://www.totvs.com/&ex-hargs=v%3D1.0%3Bc%3D583442396908762195%3Bp%3D234C3DE8-22F7-D482-B76C-8CD6151731E2&cb=188332281667030750&dcc=t
Frame ID: A969639E73B3F536345686605081FBE7
Requests: 1 HTTP requests in this frame

Frame: https://8955376.fls.doubleclick.net/activityi;dc_pre=CKHAmIy7u_ICFbUbBgAdro0CBw;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=723369902.1629320297;u1=%2F;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F
Frame ID: 8D27C9CD503F1A9B264E32A474832657
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.totvs.com&origin=onetag
Frame ID: FDE18B481CB512699D90D31B2B7CBD23
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oLHCYzjtQ8CYeGRQWY7irw&ep=eV6yR_5aswtsBflZN83I1YaWaIiSjr6G12Az0ABKf3CGfFl9UKUKT4rPAZBSMe9vhxLP682WM2z_R1LJnadQQ37V6a4wmXnVv4cQ9oqcLzE
Frame ID: 9C4C4F686F95081FBFADF0D1A2BFD50E
Requests: 37 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: C9043FCE56449B8C762DC6EFC22E5B42
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.totvs.com/ HTTP 307
https://www.totvs.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

163
Requests

99 %
HTTPS

39 %
IPv6

68
Domains

89
Subdomains

56
IPs

8
Countries

2501 kB
Transfer

7151 kB
Size

19
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://treinamentos.totvs.com/
Title: Treinamentos

Search URL Search Domain Scan URL

URL: https://elevesuasvendas.com.br/?utm_source=menu_site_totvs&utm_medium=menu_site_totvs&utm_campaign=menu_site_totvs&__hstc=210444938.47ab5442d87fca9b1bcba00d13262474.1629320299165.1629320299165.1629320299165.1&__hssc=210444938.1.1629320299165&__hsfp=2736934676
Title: Micro e Pequenos Negócios

Search URL Search Domain Scan URL

URL: https://produtos.totvs.com/
Title: Portal de Produtos

Search URL Search Domain Scan URL

URL: https://eventos.totvs.com/
Title: Eventos

Search URL Search Domain Scan URL

URL: https://totvs.store/
Title: TOTVS Store

Search URL Search Domain Scan URL

URL: https://totvscst.zendesk.com/hc/pt-br
Title: Portal do Cliente

Search URL Search Domain Scan URL

URL: https://espacolegislacao.totvs.com/
Title: Espaço Legislação

Search URL Search Domain Scan URL

URL: https://es.totvs.com/
Title: ES

Search URL Search Domain Scan URL

URL: https://en.totvs.com/
Title: EN

Search URL Search Domain Scan URL

URL: https://www.idexo.com.br/
Title: saiba mais

Search URL Search Domain Scan URL

URL: https://ri.totvs.com/
Title: RELAÇÕES COM INVESTIDORES

Search URL Search Domain Scan URL

URL: http://ios.org.br/
Title: IOS

Search URL Search Domain Scan URL

URL: https://brasilquefaz.totvs.com/
Title: CASES

Search URL Search Domain Scan URL

URL: https://marca.totvs.com/
Title: MARCA

Search URL Search Domain Scan URL

URL: https://totvscst.zendesk.com/hc/pt-br/#home
Title: SUPORTE

Search URL Search Domain Scan URL

URL: https://tdn.totvs.com/
Title: TDN

Search URL Search Domain Scan URL

URL: https://facebook.com/totvs
Title:

Search URL Search Domain Scan URL

URL: https://instagram.com/totvs
Title:

Search URL Search Domain Scan URL

URL: https://youtube.com/totvs
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/totvs/
Title:

Search URL Search Domain Scan URL

URL: https://ri.totvs.com/governanca-corporativa/estatutos-politicas-e-regimentos/
Title: Código de Ética e Conduta

Search URL Search Domain Scan URL

URL: https://www.canalconfidencial.com.br/totvs/
Title: clique

Search URL Search Domain Scan URL

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.totvs.com/ HTTP 307
https://www.totvs.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://10408215.fls.doubleclick.net/activityi;src=10408215;type=totvs;cat=page_0;ord=7154194436554;u=%2F;gtm=2wg8g0;auiddc=723369902.1629320297;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F HTTP 302
https://10408215.fls.doubleclick.net/activityi;dc_pre=CM3EmIy7u_ICFcVPGwodIwwNBQ;src=10408215;type=totvs;cat=page_0;ord=7154194436554;u=%2F;gtm=2wg8g0;auiddc=723369902.1629320297;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F

Request Chain 45

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D234c3de8-22f7-d482-b76c-8cd6151731e2%26type%3DUNKNOWN%26m%3D526970&ex-fch=416613&ex-src=https://www.totvs.com/&ex-hargs=v%3D1.0%3Bc%3D583442396908762195%3Bp%3D234C3DE8-22F7-D482-B76C-8CD6151731E2&cb=188332281667030750 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D234c3de8-22f7-d482-b76c-8cd6151731e2%26type%3DUNKNOWN%26m%3D526970&ex-fch=416613&ex-src=https://www.totvs.com/&ex-hargs=v%3D1.0%3Bc%3D583442396908762195%3Bp%3D234C3DE8-22F7-D482-B76C-8CD6151731E2&cb=188332281667030750&dcc=t

Request Chain 47

https://8955376.fls.doubleclick.net/activityi;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=723369902.1629320297;u1=%2F;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F HTTP 302
https://8955376.fls.doubleclick.net/activityi;dc_pre=CKHAmIy7u_ICFbUbBgAdro0CBw;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=723369902.1629320297;u1=%2F;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F

Request Chain 64

https://sslwidget.criteo.com/event?a=37490&v=5.7.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=totvs.com&dtycbr=53639 HTTP 302
https://widget.us.criteo.com/event?a=37490&v=5.7.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=totvs.com&dtycbr=53639

Request Chain 77

https://gum.criteo.com/sid/json?origin=onetag&domain=totvs.com&sn=ChromeSyncframe&so=0&topUrl=www.totvs.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=mxMNMXx3V09PVWRKU3VIZUxzUjhtY2FraDAzNzQ3WG5SSmI3NlVCclJaaGtLdEdrbHFtSmpJdmhXM0Y3Z3lCTXNsZTM4L09iMjN4RHFoczYrVkpEUkRqRk5nUDQ4ajNWaEMxZWwyakc5aXlHRXhLQm1CSGVYTXJ1TFlSYUgxV2RENWEvNi96VEhFQW55djY5bnBpczF5V3JEQnBmTjhKSmNycEhVOERSeFZNcFQ0dHNPS1FjMjMrakNicVNFeVpLUHFPV3d1TEZpUmhDa2VqOWZwdTN6UkIzWHowZWMxaWkxbnFtNXNVK0ZWZlJoYW9ObVZ2N2xNQisxUWJSMHpSaG9jTC9wNE9DVTAvUnpOeTVYVUEzQWo3QUtQdz09fA&cppv=2

Request Chain 84

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784984663/?random=1579352804&cv=9&fst=1629320297402&num=1&npa=1&label=XUubCLC9lssBENfUp_YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8955376.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKHAmIy7u_ICFbUbBgAdro0CBw%3Bsrc%3D8955376%3Btype%3Dgenvisit%3Bcat%3Dpagev0%3Bord%3D881020243182%3Bgtm%3D2wg8g0%3Bauiddc%3D723369902.1629320297%3Bu1%3D%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.totvs.com%252F%3F&ref=https%3A%2F%2Fwww.totvs.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=aXQdYbvJGpHtgQfKxZ3oDQ&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/784984663/?random=1579352804&cv=9&fst=1629320297402&num=1&npa=1&label=XUubCLC9lssBENfUp_YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8955376.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKHAmIy7u_ICFbUbBgAdro0CBw%3Bsrc%3D8955376%3Btype%3Dgenvisit%3Bcat%3Dpagev0%3Bord%3D881020243182%3Bgtm%3D2wg8g0%3Bauiddc%3D723369902.1629320297%3Bu1%3D%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.totvs.com%252F%3F&ref=https%3A%2F%2Fwww.totvs.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aXQdYbvJGpHtgQfKxZ3oDQ&cid=CAQSKQCNIrLM5UeZ_tPPvgDDmIhehXcSbxN8onkzzNKFxaU73_FbxUcCy_-G&random=3654345386&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/784984663/?random=1579352804&cv=9&fst=1629320297402&num=1&npa=1&label=XUubCLC9lssBENfUp_YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8955376.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKHAmIy7u_ICFbUbBgAdro0CBw%3Bsrc%3D8955376%3Btype%3Dgenvisit%3Bcat%3Dpagev0%3Bord%3D881020243182%3Bgtm%3D2wg8g0%3Bauiddc%3D723369902.1629320297%3Bu1%3D%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.totvs.com%252F%3F&ref=https%3A%2F%2Fwww.totvs.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aXQdYbvJGpHtgQfKxZ3oDQ&cid=CAQSKQCNIrLM5UeZ_tPPvgDDmIhehXcSbxN8onkzzNKFxaU73_FbxUcCy_-G&random=3654345386&resp=GooglemKTybQhCsO&ipr=y

Request Chain 85

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1621550208998%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=StqHvx9999YOIhNC

Request Chain 86

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=164880403882000473413&ex=neustar.biz

Request Chain 87

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4411147616 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4411147616 HTTP 302
https://sync.1rx.io/usersync/tradedesk/22195db8-e31c-4dc4-90f3-3047b4514e1f HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-69db0caf-90cc-4eb6-ba92-94c44fb92651-003?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-69db0caf-90cc-4eb6-ba92-94c44fb92651-003%26ex%3Drhythmone.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=RX-69db0caf-90cc-4eb6-ba92-94c44fb92651-003&ex=rhythmone.com

Request Chain 88

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=764658563eb7fef0d0a866048812ba6e

Request Chain 89

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=WvpIwy9999YOIhNC

Request Chain 90

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1 HTTP 302
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP0328a767-0067-11ec-9adb-0611ef1d130e HTTP 302
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP0328a767-0067-11ec-9adb-0611ef1d130e&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?id=22df2623c3465836f992407267d177bb5309cd2d&ex=aoldisplay.com

Request Chain 91

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=59b6dca9-78d2-4ed1-a289-95f1bfde32c4

Request Chain 95

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=4ce0c93e23a4c1eb4b8a1531d168a596&ex=freewheel.tv&gdpr=0&gdpr_consent=

Request Chain 96

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 98

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e03fd4eb04ecddd1

Request Chain 99

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=1ef2l4uvQBilFgiFZCvwmg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=1ef2l4uvQBilFgiFZCvwmg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=50556601904437858871415683916500709630

Request Chain 100

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=1BzHgcbeTz6Jr3cPuaEVGg HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812439019007493352&gdpr=&gdpr_consent=

Request Chain 102

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=7275430821279675664

Request Chain 103

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=0392358e-0067-11ec-98a3-18c6427b0106 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=0392353b-0067-11ec-98a3-18c6427b0106

Request Chain 104

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2277c0f34c-e0a7-4bd2-b3e5-c791685a4318%22,%22Time%22:%2220210818T165818.330124%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=77c0f34c-e0a7-4bd2-b3e5-c791685a4318

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEM4ig-wDKIPtPPt37uy5h3U&google_cver=1

Request Chain 106

https://usermatch.krxd.net/um/v2?partner=amzn HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

Request Chain 107

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=1b69b31ed7999c8cff5641098fe7167d

Request Chain 108

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=7a7475e4-2bd5-c6c7-1671-bc093a559afe

Request Chain 109

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KE9DWtanEGUop2jsdvKKfzc4dOE4ZgAC

Request Chain 110

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=985C9ADB91E6F512

Request Chain 111

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5073386755746090242&ex=appnexus.com

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=oLHCYzjtQ8CYeGRQWY7irw& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 114

https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-70d5a4b7-1a0f-4a0f-855c-a70c4849f39f&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-70d5a4b7-1a0f-4a0f-855c-a70c4849f39f HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-70d5a4b7-1a0f-4a0f-855c-a70c4849f39f&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id%3Damazon-70d5a4b7-1a0f-4a0f-855c-a70c4849f39f HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-70d5a4b7-1a0f-4a0f-855c-a70c4849f39f

Request Chain 116

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D6A741D61382F872402EA5807

Request Chain 117

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-hRSjM8N1l2OzjdORqlfLQDvukIzNZkw-

Request Chain 118

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9a51047342b9fda1a9fd60dcb84f0bcf941a2fafa62e4d570fadf8318e73f435

Request Chain 119

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=964CC43B-66C6-4D94-8DDF-7A206252778C

Request Chain 120

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=7db408f6-aba5-44c3-a72c-65e3457ecb56-tuct816f9ea

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=6784871647 HTTP 302
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEOomCNclzWmbbl4rMgZ4Etc&google_cver=1&google_ula=6784871647,0

163 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.totvs.com/
Redirect Chain

http://www.totvs.com/
https://www.totvs.com/

97 KB
18 KB

479ms
206ms

Document
text/html

2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

b82e44afaa1e0b330b87e32001948a8c27a0434f9c5ed9fadeec36b87a79fda0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:method: GET
:authority: www.totvs.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link: <https://www.totvs.com/wp-json/>; rel="https://api.w.org/" <https://www.totvs.com/wp-json/wp/v2/pages/26962>; rel="alternate"; type="application/json" <https://www.totvs.com/>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 128
x-cache-group: normal
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 680e0f276cac4aaa-FRA
content-encoding: gzip

Redirect headers

Location: https://www.totvs.com/
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK aloweb_hubspot.js Show response
v4.aloweb.com.br/js/ 2 KB
2 KB 564ms
144ms Script
application/javascript 23.227.192.58
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v4.aloweb.com.br/js/aloweb_hubspot.js
Requested by: Host: www.totvs.com
URL: https://www.totvs.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.192.58 Chicago, United States, ASN29802 (HVC-AS, US),
Reverse DNS: 23-227-192-58.static.hvvc.us
Software: nginx/1.14.1 /
Resource Hash: 2d2c874f54c238ad94116711c271466697a81c3e2e42052c40187b67fe6eeaa9

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 18 Aug 2021 20:58:16 GMT
Last-Modified: Sun, 29 Nov 2020 23:12:23 GMT
Server: nginx/1.14.1
ETag: "5fc42ad7-8c4"
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2244

GET
H2 200 blocks.style.build.css
www.totvs.com/wp-content/plugins/structured-content/dist/ 3 KB
1 KB 19ms
17ms Stylesheet
text/css 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/wp-content/plugins/structured-content/dist/blocks.style.build.css?ver=1.4.5

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21e40781d16d749119e73d092fd3a91883640701f700496d38ddab1fdba4f3cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/plugins/structured-content/dist/blocks.style.build.css?ver=1.4.5
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 12 Apr 2021 20:36:27 GMT
server: cloudflare
age: 1018633
etag: W/"6074af4b-ba4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 680e0f28cf954aaa-FRA
expires: Thu, 18 Aug 2022 20:58:15 GMT

GET
H2 200 style.min.css
www.totvs.com/wp-includes/css/dist/block-library/ 57 KB
9 KB 22ms
20ms Stylesheet
text/css 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/wp-includes/css/dist/block-library/style.min.css?ver=5.7.2

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 06 Apr 2021 23:50:28 GMT
server: cloudflare
age: 2291669
etag: W/"606cf3c4-e33b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 680e0f28cf994aaa-FRA
expires: Thu, 18 Aug 2022 20:58:15 GMT

GET
H2 200 all.min.css
www.totvs.com/wp-content/plugins/comments-like-dislike/css/fontawesome/css/ 46 KB
10 KB 27ms
25ms Stylesheet
text/css 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/wp-content/plugins/comments-like-dislike/css/fontawesome/css/all.min.css?ver=1.1.0

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/plugins/comments-like-dislike/css/fontawesome/css/all.min.css?ver=1.1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 04 Aug 2020 21:40:14 GMT
server: cloudflare
age: 2291669
etag: W/"5f29d5be-b752"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 680e0f28cf9a4aaa-FRA
expires: Thu, 18 Aug 2022 20:58:15 GMT

GET
H2 200 cld-frontend.css
www.totvs.com/wp-content/plugins/comments-like-dislike/css/ 1 KB
503 B 24ms
23ms Stylesheet
text/css 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/wp-content/plugins/comments-like-dislike/css/cld-frontend.css?ver=1.1.0

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

093c6c272cfccc5b7cb136b3352daa0c12bf7a95efda4268158fb3f5773af2ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/plugins/comments-like-dislike/css/cld-frontend.css?ver=1.1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 04 Aug 2020 21:40:14 GMT
server: cloudflare
age: 10132174
etag: W/"5f29d5be-550"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 680e0f28cf9c4aaa-FRA
expires: Thu, 18 Aug 2022 20:58:15 GMT

GET
H2 200 default.min.css
www.totvs.com/wp-content/plugins/tablepress/css/ 5 KB
2 KB 22ms
21ms Stylesheet
text/css 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/wp-content/plugins/tablepress/css/default.min.css?ver=1.12

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/plugins/tablepress/css/default.min.css?ver=1.12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 08 Sep 2020 21:30:02 GMT
server: cloudflare
age: 10132174
etag: W/"5f57f7da-13e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 680e0f28cf9e4aaa-FRA
expires: Thu, 18 Aug 2022 20:58:15 GMT

GET
H2 200 addthis_wordpress_public.min.css
www.totvs.com/wp-content/plugins/addthis/frontend/build/ 587 B
366 B 33ms
32ms Stylesheet
text/css 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.7.2

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/plugins/addthis/frontend/build/addthis_wordpress_public.min.css?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 04 Aug 2020 21:40:14 GMT
server: cloudflare
age: 2291670
etag: W/"5f29d5be-24b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 680e0f28cf9f4aaa-FRA
expires: Thu, 18 Aug 2022 20:58:15 GMT

GET
H2 200 main_f822d700.css
www.totvs.com/wp-content/themes/totvs-theme/dist/styles/ 613 KB
92 KB 40ms
39ms Stylesheet
text/css 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/wp-content/themes/totvs-theme/dist/styles/main_f822d700.css

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a7edb236cec879cb9a8e0025cb96baf63be11a9877eabac84fd83bdd43d2781

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/themes/totvs-theme/dist/styles/main_f822d700.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 13 Aug 2021 20:14:24 GMT
server: cloudflare
age: 432465
etag: W/"6116d2a0-99571"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 680e0f28cfa04aaa-FRA
expires: Thu, 18 Aug 2022 20:58:15 GMT

GET
H2 200 jquery.min.js Show response
www.totvs.com/wp-includes/js/jquery/ 87 KB
31 KB 22ms
21ms Script
application/javascript 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: cloudflare
age: 10132174
etag: W/"5f7dedd5-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 680e0f28cfa14aaa-FRA
expires: Thu, 18 Aug 2022 20:58:15 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.totvs.com/wp-includes/js/jquery/ 11 KB
4 KB 27ms
26ms Script
application/javascript 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 19 Nov 2020 09:31:13 GMT
server: cloudflare
age: 565497
etag: W/"5fb63b61-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 680e0f28cfa34aaa-FRA
expires: Thu, 18 Aug 2022 20:58:15 GMT

GET
H2 200 cld-frontend.js Show response
www.totvs.com/wp-content/plugins/comments-like-dislike/js/ 3 KB
1012 B 24ms
23ms Script
application/javascript 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/wp-content/plugins/comments-like-dislike/js/cld-frontend.js?ver=1.1.0

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c9d52752a77435bf944f20b90391d960cb3494c4f28c8e367edf4864296f4ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/plugins/comments-like-dislike/js/cld-frontend.js?ver=1.1.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:15 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 04 Aug 2020 21:40:14 GMT
server: cloudflare
age: 10132174
etag: W/"5f29d5be-d69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 680e0f28cfa44aaa-FRA
expires: Thu, 18 Aug 2022 20:58:15 GMT

GET
H2 200 logo.png
www.totvs.com/wp-content/uploads/2019/09/ 3 KB
3 KB 37ms
37ms Image
image/png 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.totvs.com/wp-content/uploads/2019/09/logo.png

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc4f049e38bd3a6e6197ca877187ffddd8070122904a8ce1fa63ffd81f4a2747

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/uploads/2019/09/logo.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10132172
content-length: 2784
last-modified: Mon, 09 Dec 2019 14:47:52 GMT
server: cloudflare
etag: "5dee5e98-ae0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 680e0f2bfdeb4aaa-FRA
expires: Thu, 18 Aug 2022 20:58:16 GMT

GET
H2 200 logo-techfin-bannervitrine-1.png
www.totvs.com/wp-content/uploads/2020/11/ 2 KB
2 KB 26ms
25ms Image
image/png 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.totvs.com/wp-content/uploads/2020/11/logo-techfin-bannervitrine-1.png

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c6ed5c5a9c4e563f13ef9ddd85313d0d22386dbedc02a1df069d8b2407b12c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/uploads/2020/11/logo-techfin-bannervitrine-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1337276
content-length: 1837
last-modified: Mon, 16 Nov 2020 12:05:45 GMT
server: cloudflare
etag: "5fb26b19-72d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 680e0f2c2e514aaa-FRA
expires: Thu, 18 Aug 2022 20:58:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 275 KB
83 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K27XC5M

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58fe5e58670b5b1f7988126a124ab9be5afd8a54411a31848112991fb208c8f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84704
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 19:17:11 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Aug 2021 20:58:16 GMT

GET
H2 200 Forma-826.png
www.totvs.com/wp-content/uploads/2021/05/ 864 B
963 B 21ms
21ms Image
image/png 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.totvs.com/wp-content/uploads/2021/05/Forma-826.png

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72608f6bd417ce745000db1d556c5efe29a9e7c5041cb4d0bcc6b799d44d20f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/uploads/2021/05/Forma-826.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1337276
content-length: 864
last-modified: Mon, 03 May 2021 15:08:19 GMT
server: cloudflare
etag: "609011e3-360"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 680e0f2caf2c4aaa-FRA
expires: Thu, 18 Aug 2022 20:58:16 GMT

GET
H2 200 Forma-825.png
www.totvs.com/wp-content/uploads/2021/05/ 4 KB
4 KB 16ms
14ms Image
image/png 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.totvs.com/wp-content/uploads/2021/05/Forma-825.png

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a5e498439af9c1264a3e83fac7e6d1c670d103de1a97aef111dc003fe1e89c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/uploads/2021/05/Forma-825.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 306412
content-length: 3996
last-modified: Mon, 03 May 2021 15:07:33 GMT
server: cloudflare
etag: "609011b5-f9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 680e0f2cbf4c4aaa-FRA
expires: Thu, 18 Aug 2022 20:58:16 GMT

GET
H2 200 Forma-827.png
www.totvs.com/wp-content/uploads/2021/05/ 2 KB
2 KB 17ms
15ms Image
image/png 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.totvs.com/wp-content/uploads/2021/05/Forma-827.png

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

052396e75c0818dbcb979eebe63a9009b3466f8341a87d9712033d9d21104873

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/uploads/2021/05/Forma-827.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 524269
content-length: 2346
last-modified: Mon, 03 May 2021 15:06:59 GMT
server: cloudflare
etag: "60901193-92a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 680e0f2cbf4e4aaa-FRA
expires: Thu, 18 Aug 2022 20:58:16 GMT

GET
H2 200 email-decode.min.js Show response
www.totvs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
831 B 11ms
10ms Script
application/javascript 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 12 Aug 2021 10:09:00 GMT
server: cloudflare
etag: W/"6114f33c-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800 public
cf-ray: 680e0f2908234aaa-FRA
vary: Accept-Encoding
expires: Fri, 20 Aug 2021 20:58:15 GMT

GET
H3-29 200 v2.js Show response
js.hsforms.net/forms/ 570 KB
145 KB 146ms
20ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc4fe4e0ed48044895a2582f9e16a71c12eabbc500450f19493310995fd4d060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
via: 1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 252
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 18 Aug 2021 12:16:44 UTC
server: cloudflare
etag: W/"edcc19f651670eb35bebe26d5a4acf81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2%2F3fmJe6AaThF0Ekmotd0%2FfaTbMbSKS2sh%2FTbsOph%2FQ0EJk7J31kMBQ4N67e4qEPEcQZ3j1wnTd6ePYSGs7bpJ7lYaa5f1E7%2FKxm0KH3t8EVkbgnTY2rGSA4LkKCu8NDaARUE4PiwK7%2F4bA"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: h.dfZ0umswbMKeB.aVgcoYjf7pXL83SP
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 680e0f2d8928dfe7-FRA
x-amz-cf-id: W_dFwOJWYiNRLCATI_uPk53nPM1esj4JIMIPoJcxzWFUaOy_SuFuTQ==
x-hs-target-asset: FormsNext/static-5.358/bundles/project_with_deps.js

GET
H2 200 botao_whatsapp_2020-1.png
www.totvs.com/wp-content/uploads/2020/07/ 8 KB
8 KB 27ms
25ms Image
image/png 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.totvs.com/wp-content/uploads/2020/07/botao_whatsapp_2020-1.png

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6103242d250b440688fd0e3fd3254bf1def8e41c19d9fce232cfded913a2aef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/uploads/2020/07/botao_whatsapp_2020-1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3737896
content-length: 8337
last-modified: Thu, 09 Jul 2020 20:01:04 GMT
server: cloudflare
etag: "5f077780-2091"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 680e0f2cbf4f4aaa-FRA
expires: Thu, 18 Aug 2022 20:58:16 GMT

GET
H2 200 shell.js Show response
js.hsforms.net/forms/ 570 KB
145 KB 51ms
33ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/shell.js

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc4fe4e0ed48044895a2582f9e16a71c12eabbc500450f19493310995fd4d060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:15 GMT
via: 1.1 97971aa6c140e2dfc8adaee6c929eedc.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Wed, 18 Aug 2021 12:16:44 UTC
server: cloudflare
etag: W/"edcc19f651670eb35bebe26d5a4acf81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rP7npKw9xT2sPP%2BxzAHlcNSQ8xqrzQHqY%2FQkhMCXWgPG7wirVaigxqy3gTEX%2FZSQYtxnNPvGNIahrStPGl3ycWUpg1iPMENlDBS%2F9WQWQhEK7P1SIyTuMP1vRDLfMgVw28ziEQL5gFKdIvC"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: h.dfZ0umswbMKeB.aVgcoYjf7pXL83SP
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 680e0f294a384ea4-FRA
x-amz-cf-id: q5I5UVhJ3qyO2YmIU-2h1xLgJrMUY4zD-iaMlb8oZUpc5nirEI4oQA==
x-hs-target-asset: FormsNext/static-5.358/bundles/project_with_deps.js

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 145ms
49ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js?ver=5.7.2

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Wed, 18 Aug 2021 20:58:16 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 utmkeeper.js Show response
www.totvs.com/wp-content/themes/totvs-theme/resources/ 2 KB
992 B 33ms
33ms Script
application/javascript 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/wp-content/themes/totvs-theme/resources/utmkeeper.js

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e24e11b4548981a30992737afd70ee9f2f441fc6efe5899d0f71ce2792786bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/themes/totvs-theme/resources/utmkeeper.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 27 Aug 2020 18:11:49 GMT
server: cloudflare
age: 10132172
etag: W/"5f47f765-69b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 680e0f2b2c574aaa-FRA
expires: Thu, 18 Aug 2022 20:58:16 GMT

GET
H2 200 main_f822d700.js Show response
www.totvs.com/wp-content/themes/totvs-theme/dist/scripts/ 247 KB
65 KB 34ms
33ms Script
application/javascript 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/wp-content/themes/totvs-theme/dist/scripts/main_f822d700.js

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6f4615cfa4f34e69fe3bb29e285afee6cc08cace3a2fc2deb9ea17f9c1338fcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/themes/totvs-theme/dist/scripts/main_f822d700.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 13 Aug 2021 20:17:07 GMT
server: cloudflare
age: 432465
etag: W/"6116d343-3dd84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 680e0f2b6cd34aaa-FRA
expires: Thu, 18 Aug 2022 20:58:16 GMT

GET
H2 200 iframeResizer.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.2/ 14 KB
5 KB 20ms
20ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.3.2/iframeResizer.min.js

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a01583bb1046d42e54d2ddf18e6659d54025b7db0a792464dba2a2572e23c696

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 314172
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 4924
timing-allow-origin: *
last-modified: Fri, 11 Jun 2021 08:45:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60c3228f-133c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2pyEc8PTskcD0j0cvWU%2FYCknmGAmBN3qVsBrB1vS%2BiPQd%2FveN%2B0ZacP9XQVTR7hP5Jnx1ctNIU6L8fpbjZlPAO0PLnFUxj%2BPMDHcCGON58hQG45zR1hl5tKwTkL%2BX9JzoWKtxObpMZo3v77eHL2chXO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 680e0f2ba82a177e-FRA
expires: Mon, 08 Aug 2022 20:58:16 GMT

GET
H2 200 wp-embed.min.js Show response
www.totvs.com/wp-includes/js/ 1 KB
870 B 22ms
21ms Script
application/javascript 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/wp-includes/js/wp-embed.min.js?ver=5.7.2

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
age: 6611474
etag: W/"5ff5d754-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 680e0f2bcd9d4aaa-FRA
expires: Thu, 18 Aug 2022 20:58:16 GMT

GET
H2 200 2287241.js Show response
js.hs-scripts.com/ 2 KB
755 B 165ms
164ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2287241.js
Requested by: Host: www.totvs.com
URL: https://www.totvs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b25f3758e102d1a5ab8f482458a2bf75165f51840d1056cedefa58a9c79cafb9

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-hubspot-correlation-id: 9af5ab39-81f3-48ed-a4ee-70072e23a3c4
x-trace: 2B58D6C1CD67DEF510BA532DD595C0CC8A566F9FEE000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.totvs.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 680e0f2cbd3e061c-FRA
expires: Wed, 18 Aug 2021 20:59:16 GMT

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 136ms
12ms Script
application/javascript 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: v4.aloweb.com.br
URL: https://v4.aloweb.com.br/js/aloweb_hubspot.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:24:41 GMT
server: nginx
etag: W/"573f4859-14e4a"
vary: Accept-Encoding
x-hw: 1629320296.dop236.fr8.t,1629320296.cds272.fr8.hn,1629320296.cds130.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H2 200 wp-emoji-release.min.js Show response
www.totvs.com/wp-includes/js/ 14 KB
5 KB 24ms
23ms Script
application/javascript 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.totvs.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.2

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: cloudflare
age: 6611463
etag: W/"5ff5d754-3795"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
cf-ray: 680e0f2cbf514aaa-FRA
expires: Thu, 18 Aug 2022 20:58:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
642 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/wp-content/themes/totvs-theme/dist/styles/main_f822d700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8f3638a07274186824d584038c798c850e3f3229223e79346461b1595db501c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 20:58:16 GMT
server: ESF
date: Wed, 18 Aug 2021 20:58:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Aug 2021 20:58:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 21 KB
1 KB 16ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/wp-content/themes/totvs-theme/dist/styles/main_f822d700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 20:54:29 GMT
server: ESF
date: Wed, 18 Aug 2021 20:58:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Aug 2021 20:58:16 GMT

GET
H2 200 sprite_36bd5f52.png
www.totvs.com/wp-content/themes/totvs-theme/dist/images/ 12 KB
12 KB 21ms
21ms Image
image/png 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.totvs.com/wp-content/themes/totvs-theme/dist/images/sprite_36bd5f52.png

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/wp-content/themes/totvs-theme/dist/styles/main_f822d700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74fdbf39f852ad985b8d6b18dc8e09fa7afec7f0e00e724f88a6c49bc98edd1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/themes/totvs-theme/dist/images/sprite_36bd5f52.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.totvs.com
referer: https://www.totvs.com/wp-content/themes/totvs-theme/dist/styles/main_f822d700.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/wp-content/themes/totvs-theme/dist/styles/main_f822d700.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 10132172
content-length: 12376
last-modified: Wed, 31 Mar 2021 19:14:52 GMT
server: cloudflare
etag: "6064ca2c-3058"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 680e0f2cdf8c4aaa-FRA
expires: Thu, 18 Aug 2022 20:58:16 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.totvs.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:32:51 GMT
x-content-type-options: nosniff
age: 159925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:32:51 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.totvs.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:32:52 GMT
x-content-type-options: nosniff
age: 159924
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:32:52 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,300i,400,400i,700,700i,900,900i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.totvs.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:36:37 GMT
x-content-type-options: nosniff
age: 159699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:36:37 GMT

GET
H2 200 f7c3019a-28e4-42c7-a0f8-9c0bcbb59adb Show response
forms.hsforms.com/embed/v3/form/2287241/ 19 KB
3 KB 140ms
125ms Script
application/javascript 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2287241/f7c3019a-28e4-42c7-a0f8-9c0bcbb59adb?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f0bf1123a15c184c436d3acc0b512701903cd414bd2477e390a957e7c85c975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: e6ad2232-951e-4732-9dab-abe83a6ba791
cf-ray: 680e0f2deb8f4a67-FRA
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
x-trace: 2BAFCE2B06E56B009402B3BE66760F11901CB69960000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 313ms
62ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.7.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=8505
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 128 KB
50 KB 46ms
43ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MX98CJT33W&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K27XC5M

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6db1b5c1b434176c3587116e57b596990fe104e4de3ec85ac59575be60ccfa73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51502
x-xss-protection: 0
expires: Wed, 18 Aug 2021 20:58:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K27XC5M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4902
date: Wed, 18 Aug 2021 19:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Wed, 18 Aug 2021 21:36:34 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 150ms
57ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K27XC5M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13981
x-xss-protection: 0
server: cafe
etag: 6132654052448080839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 18 Aug 2021 20:58:16 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 30 KB
9 KB 29ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K27XC5M
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:15 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 18:27:37 GMT
x-msedge-ref: Ref A: 47AF070041814BFDBFE08EF6AB44F8CD Ref B: FRAEDGE1308 Ref C: 2021-08-18T20:58:16Z
etag: "80f2963dde83d71:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 9024

GET
H3-29

200

activityi;dc_pre=CM3EmIy7u_ICFcVPGwodIwwNBQ;src=10408215;type=totvs;cat=page_0;ord=7154194436554;u=%2F;gtm=2wg8g0;auiddc=723369902.1629320297;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F Show response
10408215.fls.doubleclick.net/ Frame 0969
Redirect Chain

https://10408215.fls.doubleclick.net/activityi;src=10408215;type=totvs;cat=page_0;ord=7154194436554;u=%2F;gtm=2wg8g0;auiddc=723369902.1629320297;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F?
https://10408215.fls.doubleclick.net/activityi;dc_pre=CM3EmIy7u_ICFcVPGwodIwwNBQ;src=10408215;type=totvs;cat=page_0;ord=7154194436554;u=%2F;gtm=2wg8g0;auiddc=723369902.1629320297;ps=1;~oref=https%3...

400 B
357 B

106ms
55ms

Document
text/html

172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10408215.fls.doubleclick.net/activityi;dc_pre=CM3EmIy7u_ICFcVPGwodIwwNBQ;src=10408215;type=totvs;cat=page_0;ord=7154194436554;u=%2F;gtm=2wg8g0;auiddc=723369902.1629320297;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K27XC5M

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f102.1e100.net

Software

cafe /

Resource Hash

00580da1aeb93890306e5963b7e3ee28f2b58ca9517277ac50c2a4d9f05ea6e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10408215.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CM3EmIy7u_ICFcVPGwodIwwNBQ;src=10408215;type=totvs;cat=page_0;ord=7154194436554;u=%2F;gtm=2wg8g0;auiddc=723369902.1629320297;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.totvs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Aug 2021 20:58:17 GMT
expires: Wed, 18 Aug 2021 20:58:17 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 332
x-xss-protection: 0
set-cookie: IDE=AHWqTUkqAthSYDDkvcjHhkgvNdk0pPW2qwhptVoVnrcDET_EsnqZNJ5DhKnyPGG88HI; expires=Mon, 12-Sep-2022 20:58:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Aug 2021 20:58:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10408215.fls.doubleclick.net/activityi;dc_pre=CM3EmIy7u_ICFcVPGwodIwwNBQ;src=10408215;type=totvs;cat=page_0;ord=7154194436554;u=%2F;gtm=2wg8g0;auiddc=723369902.1629320297;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
25 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25944
x-xss-protection: 0
pragma: public
x-fb-debug: zo4WVwupV81rfgea3wEYQZ3fG7M2p3C4yhwsZwfK7TtyCHxzjgaJYtqhVloaN7w/56UyGaUXt2u8VyPKf4H+cA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
date: Wed, 18 Aug 2021 20:58:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 api.min.js Show response
a.omappapi.com/app/js/ 205 KB
58 KB 229ms
56ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/api.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K27XC5M
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: c130f23d961ae1da752e6ffd3609246dfa3a3ff557075fdbc04def8df57fc621

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-169
cdn-cachedat: 08/16/2021 20:42:20
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Mon, 16 Aug 2021 18:42:20 GMT
cdn-proxyver: 1.0
cdn-fileserver: 181
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: 28e29fd72d37575e4ed02e9d302f5d29
cdn-requestcountrycode: RO
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 t3m.js Show response
tags.t.tailtarget.com/ 31 KB
8 KB 307ms
134ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.t.tailtarget.com/t3m.js?i=TT-14690-0/CT-1869
Requested by: Host: www.totvs.com
URL: https://www.totvs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: nginx/1.8.1 /
Resource Hash: 0717c824eab00345cb63e54b1c04f8e162c047fe91bd80aa9c28cd0089842e56

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: gzip
age: 1
x-guploader-uploadid: ADPycds82sFphUJhDhkh5ySz0DtZ0Y4TTaOFCn_LxZnhl_C0ulXbPmGjOzA6Ba0j76zjsk5azrL9_7rylExPJrhIe9sdFTnu2Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 7387
last-modified: Fri, 23 Jul 2021 17:22:05 GMT
server: nginx/1.8.1
etag: "58cc3f04e5d2767c22f8f5bb68195805"
vary: Accept-Encoding
x-goog-hash: md5=WMw/BOXSdnwi+PW7aBlYBQ==
x-goog-generation: 1627060925264732
via: 1.1 google
cache-control: max-age=7200,public
x-goog-stored-content-length: 7387
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 18 Aug 2021 22:58:16 GMT

GET
H/1.1

200
OK

Cookie set iu3 Show response
s.amazon-adsystem.com/ Frame A969
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D234c3de8-22f7-d482-b76c-8cd6151731e2%26type%3DUNKNOWN%26m%3D526970&ex-fch=416613&ex-src=https://www.totvs.com/&ex-hargs=v%3D1.0%3Bc%3D58...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D234c3de8-22f7-d482-b76c-8cd6151731e2%26type%3DUNKNOWN%26m%3D526970&ex-fch=416613&ex-src=https://www.totvs.com/&ex-hargs=v%3D1.0%3Bc%3D58...

582 B
1 KB

157ms
156ms

Document
text/html

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D234c3de8-22f7-d482-b76c-8cd6151731e2%26type%3DUNKNOWN%26m%3D526970&ex-fch=416613&ex-src=https://www.totvs.com/&ex-hargs=v%3D1.0%3Bc%3D583442396908762195%3Bp%3D234C3DE8-22F7-D482-B76C-8CD6151731E2&cb=188332281667030750&dcc=t

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

5616add6b4d224693e4d114788b0c57e87809ca280f8da29311687432ab0734a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.totvs.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A-XqlbK52k2ppJ1BWCv04h8|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.totvs.com/

Response headers

Server: Server
Date: Wed, 18 Aug 2021 20:58:17 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 582
Connection: keep-alive
x-amz-rid: HMAKSQB68F49PDSN8W0G
Set-Cookie: ad-id=A-XqlbK52k2ppJ1BWCv04h8; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 20:58:17 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Thu, 01-Oct-2026 20:58:17 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

Redirect headers

Server: Server
Date: Wed, 18 Aug 2021 20:58:17 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: QFTZKVKRQ8WXXBY4YKAG
Set-Cookie: ad-id=A-XqlbK52k2ppJ1BWCv04h8|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Apr-2022 20:58:17 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D234c3de8-22f7-d482-b76c-8cd6151731e2%26type%3DUNKNOWN%26m%3D526970&ex-fch=416613&ex-src=https://www.totvs.com/&ex-hargs=v%3D1.0%3Bc%3D583442396908762195%3Bp%3D234C3DE8-22F7-D482-B76C-8CD6151731E2&cb=188332281667030750&dcc=t
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H2 200 activityi;register_conversion=1;src=10408215;type=totvs;cat=page_0;ord=7154194436554;u=%2F;gtm=2wg8g0;auiddc=723369902.1629320297;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F
10408215.fls.doubleclick.net/ 0
0 220ms
50ms Image
text/html 172.217.23.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10408215.fls.doubleclick.net/activityi;register_conversion=1;src=10408215;type=totvs;cat=page_0;ord=7154194436554;u=%2F;gtm=2wg8g0;auiddc=723369902.1629320297;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F?
Requested by: Host: www.totvs.com
URL: https://www.totvs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f102.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29

200

activityi;dc_pre=CKHAmIy7u_ICFbUbBgAdro0CBw;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=723369902.1629320297;u1=%2F;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F Show response
8955376.fls.doubleclick.net/ Frame 8D27
Redirect Chain

https://8955376.fls.doubleclick.net/activityi;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=723369902.1629320297;u1=%2F;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F?
https://8955376.fls.doubleclick.net/activityi;dc_pre=CKHAmIy7u_ICFbUbBgAdro0CBw;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=723369902.1629320297;u1=%2F;ps=1;~oref=https%...

1 KB
655 B

120ms
66ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8955376.fls.doubleclick.net/activityi;dc_pre=CKHAmIy7u_ICFbUbBgAdro0CBw;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=723369902.1629320297;u1=%2F;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K27XC5M

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

eb2c7fc6bb58d9c89c7ee611401ebff775133d589a326603b0f863240bec9204

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8955376.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKHAmIy7u_ICFbUbBgAdro0CBw;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=723369902.1629320297;u1=%2F;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.totvs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Aug 2021 20:58:17 GMT
expires: Wed, 18 Aug 2021 20:58:17 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 630
x-xss-protection: 0
set-cookie: IDE=AHWqTUlOMW0RCOAzunRGytO1j8IgPUDtGlcPobgIv5NzYWh3clctKgpZwaDl0Fc6Tp0; expires=Mon, 12-Sep-2022 20:58:17 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 18 Aug 2021 20:58:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8955376.fls.doubleclick.net/activityi;dc_pre=CKHAmIy7u_ICFbUbBgAdro0CBw;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=723369902.1629320297;u1=%2F;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 179ms
21ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/ld.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K27XC5M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 76c79d3af714cd2570cdee0ff55daf2022f51477a4b5a89de470068280f8ddb1

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: gzip
last-modified: Thu, 17 Jun 2021 10:54:06 GMT
server: nginx
etag: W/"60cb29ce-9d98"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 19 Aug 2021 20:58:16 GMT

GET
H2 200 activityi;register_conversion=1;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=723369902.1629320297;u1=%2F;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F
8955376.fls.doubleclick.net/ 0
0 217ms
53ms Image
text/html 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8955376.fls.doubleclick.net/activityi;register_conversion=1;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=723369902.1629320297;u1=%2F;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F?
Requested by: Host: www.totvs.com
URL: https://www.totvs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 971ce355-5482-43d9-97e1-8bfb72b1b2d7 Show response
forms.hsforms.com/embed/v3/form/2287241/ 35 KB
4 KB 138ms
129ms Script
application/javascript 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2287241/971ce355-5482-43d9-97e1-8bfb72b1b2d7?callback=hs_reqwest_1&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/shell.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d559bf83d1df81ea8a6724b4df20ec1e01871f967c3aac04aa65bdf0f80fbe80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: d4aa67d5-2339-40cb-b467-7403ca17f693
cf-ray: 680e0f2ed91a4309-FRA
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
x-trace: 2B866ADE80FD0485FC25311D40226405BD330493E2000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5d4c25d30faa270a/ 2 KB
751 B 582ms
581ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5d4c25d30faa270a/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.7.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e9a11454525fb7d65ba44687dc98fbe310b3142962d0035c592d2a25e68637e0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:17 GMT
content-encoding: gzip
etag: -2135505660--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=58, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 574

GET
H2 200 2287241.js Show response
js.hs-analytics.net/analytics/1629320100000/ 62 KB
20 KB 134ms
133ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1629320100000/2287241.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2287241.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f134beff0b35b96d2c9585a29afa413e607daa1a879a3c51655814726243dc5

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 1WGQ5JZCWE24HEZ5
x-amz-server-side-encryption: AES256
cf-ray: 680e0f2edae94dd0-FRA
x-amz-id-2: P56APcQ+ix9UNaTQBaNAEw10T+38Wdbwe4ocqKwbP7ZmU/M54iT6NtKjz/6h1qANK6TA0lghf6A=
last-modified: Mon, 19 Jul 2021 14:22:06 GMT
server: cloudflare
etag: W/"bbb63aff16358d91d7d5421b4c6d0282"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Wed, 18 Aug 2021 21:03:16 GMT

GET
H2 200 leadflows.js Show response
js.hsleadflows.net/ 537 KB
86 KB 32ms
31ms Script
application/javascript 2606:4700::6811:e6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsleadflows.net/leadflows.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2287241.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc331536462a180887b9ab74c2f523317ceb4499333280e052e838108e2b7e33

Request headers

Origin: https://www.totvs.com
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
via: 1.1 199fd61d7551d8868317c5b53cc7d24d.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 38856
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=lead-flows-js/static-1.1044/bundle/main/lead-flows-release.js&cfRay=680a5a8779b94414-EWR
x-cache: Hit from cloudfront
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 680e0f2ed84b2c3a-FRA
last-modified: Tue, 17 Aug 2021 09:18:14 UTC
server: cloudflare
etag: W/"cb6dfe0eeb1b99540a8cc76ccac39448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: rBLRYw8OYhsJOoJXwLV1XnuCVRnUa8jD
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-C3
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 5kvF7fkkDf7UhsUlCGfplmQ96L_vtVFAbZxRy6lncA1ao-DITixWDA==
x-hs-target-asset: lead-flows-js/static-1.1044/bundle/main/lead-flows-release.js

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
2 KB 20ms
19ms Script
application/javascript 2606:4700::6811:72b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hsadspixel.net/fb.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2287241.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:72b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61804551df4850738aa4af379b154e46c0bcb9c200a2d2dc5e845ee702948c19

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
via: 1.1 de2ed3c94563fee614f35f9bc3f52d1c.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 574
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.240/bundles/pixels-release.js&cfRay=680e0126ea509772-EWR
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Tue, 10 Aug 2021 02:40:31 UTC
server: cloudflare
etag: W/"8ee0488507384d951abdd5a2c4850b8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: CrG.3GFsy7oo.WK92RlW399Ge142Cqti
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 680e0f2fac774e4a-FRA
x-amz-cf-id: rlsOjOYE_6yO2iWG1eFLwmybhOg5op9m-h_imwT6jYl5xNFFs6zlPA==
x-hs-target-asset: adsscriptloaderstatic/static-1.240/bundles/pixels-release.js

GET
H2 200 2287241.js Show response
js.hs-banner.com/ 62 KB
15 KB 384ms
383ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2287241.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2287241.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 092f8fae4a904ea171ac359ab219f4ddd8d04d32bef47c39e5b849f5cf957134

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:17 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 95N31MQ5ZASQ25YX
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: DdXWxsePZVQ8EGbfblUTIB/gMu6EX1m6CqrxxGlfJpqXb9aQM8fnerZB+FAYDpIdLjxbLymlnmU=
timing-allow-origin: *
last-modified: Tue, 17 Aug 2021 14:08:41 GMT
server: cloudflare
etag: W/"2d38bf13b21a4141a8cba3675689dbbc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: C.0oYPhqgCnWeAUZML6XLwcrOnZ.3eot
access-control-allow-origin: https://www.totvs.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 680e0f2fbf334a6d-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 18 Aug 2021 21:03:17 GMT

GET
H2 200 totvstrends-banner-hero.jpg
www.totvs.com/wp-content/uploads/2021/07/ 148 KB
148 KB 24ms
23ms Image
image/jpeg 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.totvs.com/wp-content/uploads/2021/07/totvstrends-banner-hero.jpg

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14921667368d683f2e993189de83b6780f031641220a77397dda072a341af9eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/uploads/2021/07/totvstrends-banner-hero.jpg
pragma: no-cache
cookie: _gcl_au=1.1.723369902.1629320297; __atuvc=1%7C33; __atuvs=611d7468f837de4f000
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 463323
content-length: 151710
last-modified: Wed, 14 Jul 2021 14:18:36 GMT
server: cloudflare
etag: "60eef23c-2509e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 20:58:16 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 680e0f2f5c0a4aaa-FRA
cf-bgj: h2pri

GET
H2 200 banner_hero-BLAST.jpg
www.totvs.com/wp-content/uploads/2021/05/ 125 KB
125 KB 19ms
19ms Image
image/jpeg 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.totvs.com/wp-content/uploads/2021/05/banner_hero-BLAST.jpg

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fcb284dec32d13d9bb6a6aa54fff481e7cce0b55c0fb6f91aab916b5475769e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/uploads/2021/05/banner_hero-BLAST.jpg
pragma: no-cache
cookie: _gcl_au=1.1.723369902.1629320297; __atuvc=1%7C33; __atuvs=611d7468f837de4f000
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 1329070
content-length: 127892
last-modified: Mon, 03 May 2021 11:56:38 GMT
server: cloudflare
etag: "608fe4f6-1f394"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 20:58:16 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 680e0f2f5c0c4aaa-FRA
cf-bgj: h2pri

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 99 KB
39 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PK242ZN&t=gtm6&cid=2020675983.1629320297

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6af4e90d7d186e4958e242c1d9cf5bcac217d7369135f6409af3be13921d53f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40319
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 19:17:11 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Aug 2021 20:58:16 GMT

GET
H3-29 200 253260574877409 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 134ms
134ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/253260574877409?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c5c889b8630526ba17c6985d370bb75ac5d5a04eca5a826225eac3109604a33b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: wDSH5mywDNmBDiY23XfKplawL1YDQTN49TloDl1IB7soBbLZm5gisXwtaQPhPcORJG8mGQw8gz8+K2ullAfIWQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 18 Aug 2021 20:58:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 4027671.js Show response
bat.bing.com/p/action/ 0
92 B 212ms
212ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/p/action/4027671.js
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 18 Aug 2021 20:58:16 GMT
cache-control: private,max-age=86400
x-msedge-ref: Ref A: C58996181870465FB6CB10FACAC1D293 Ref B: FRAEDGE1308 Ref C: 2021-08-18T20:58:16Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
117 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=4027671&tm=gtm001&Ver=2&mid=f409074c-5d10-4b00-ba07-97274fe7c2e3&sid=02c15e30006711ecb26711ffd07ee45d&vid=02c1a700006711eca9c8c3c8f7f2abc0&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=TOTVS%20-%20A%20maior%20empresa%20de%20tecnologia%20do%20Brasil&p=https%3A%2F%2Fwww.totvs.com%2F&r=&lt=1459&evt=pageLoad&msclkid=N&sv=1&rn=848695
Requested by: Host: www.totvs.com
URL: https://www.totvs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 18 Aug 2021 20:58:16 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 715B03E5D7BB4C619CE9A7AFADC19617 Ref B: FRAEDGE1308 Ref C: 2021-08-18T20:58:16Z
x-cache: CONFIG_NOCACHE
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-MX98CJT33W&gtm=2oe8g0&_p=1477126953&sr=1600x1200&ul=en-us&cid=2020675983.1629320297&_s=1&dl=https%3A%2F%2Fwww.totvs.com%2F&dt=TOTVS%20-%20A%20maior%20empresa%20de%20tecnologia%20do%20Brasil&sid=1629320296&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MX98CJT33W&l=dataLayer&cx=c
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totvs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/986934172/ 2 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986934172/?random=1629320297026&cv=9&fst=1629320297026&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8g0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.totvs.com%2F&tiba=TOTVS%20-%20A%20maior%20empresa%20de%20tecnologia%20do%20Brasil&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

421e0c78866add679d38388f1a5470b472c4600b807208723c52746f317f3034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1021
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

event Show response
widget.us.criteo.com/
Redirect Chain

https://sslwidget.criteo.com/event?a=37490&v=5.7.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=totvs.com&dtycbr=53639
https://widget.us.criteo.com/event?a=37490&v=5.7.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=totvs.com&dtycbr=53639

1 KB
1 KB

417ms
144ms

Script
application/x-javascript

74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.us.criteo.com/event?a=37490&v=5.7.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=totvs.com&dtycbr=53639
Requested by: Host: www.totvs.com
URL: https://www.totvs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 826bce46e8dc355050fc8e9153c799a7d8c9957a392820aeb94affafd56e2b9e

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:17 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
timing-allow-origin: *
x-powered-by: ASP.NET
vary: Accept-Encoding
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 26538
content-type: application/x-javascript
content-length: 863
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:16 GMT
server: Microsoft-IIS/10.0
location: https://widget.us.criteo.com/event?a=37490&v=5.7.1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&tld=totvs.com&dtycbr=53639
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3262
timing-allow-origin: *
content-length: 0
expires: 0

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1477126953&t=pageview&_s=1&dl=https%3A%2F%2Fwww.totvs.com%2F&ul=en-us&de=UTF-8&dt=TOTVS%20-%20A%20maior%20empresa%20de%20tecnologia%20do%20Brasil&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAEADQAAAAC~&jid=2068575348&gjid=1841105000&cid=2020675983.1629320297&tid=UA-4115291-31&_gid=885041048.1629320297&_r=1&gtm=2wg8g0K27XC5M&cd32=2020675983.1629320297&z=562698001

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.totvs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FDE1 11 KB
5 KB 117ms
13ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=www.totvs.com&origin=onetag

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

371f0ceab6655c8448f64525b1d11186cb67ca91398655ddf145c93d77964f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=www.totvs.com&origin=onetag
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.totvs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.totvs.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2024
set-cookie: uid=185270b1-53a0-463c-843d-2e50139b7add; expires=Mon, 12 Sep 2022 20:58:17 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Wed, 18 Aug 2021 20:58:16 GMT
content-length: 4664

GET
H2 200 79074 Show response
api.omappapi.com/v2/embed/ 5 KB
2 KB 259ms
142ms XHR
application/json 13.224.96.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.omappapi.com/v2/embed/79074?d=totvs.com
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-84.zrh50.r.cloudfront.net
Software: Pagely Gateway/1.5.1 /
Resource Hash: e61df41a4ddcd9f8e767502ac4cd061ef1455c052235cd3ef8ed9a037155903a

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:17 GMT
content-encoding: gzip
x-cache-config: 0 0
x-amz-cf-pop: ZRH50-C1
x-cache-status: HIT
x-cache: Miss from cloudfront
access-control-allow-headers: X-CSRF-Token
x-optinmonster-account: 88897
x-user-agent: standard--
last-modified: Fri, 25 Jun 2021 21:30:37 GMT
server: Pagely Gateway/1.5.1
etag: W/"79b580bf5abebd4bbf859deee78e597c"
vary: Accept-Encoding, User-Agent
content-type: application/json
via: 1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
access-control-expose-headers: X-OptinMonster-Account, X-User-Agent
cache-control: public, max-age=30, stale-while-revalidate=1800
access-control-allow-origin: *
x-amz-cf-id: I-hZD9y7zYqMw4klWlXCor9WYGN7Xdg2Ijzs4ObaqhqP21bZgaPhtw==
expires: Wed, 18 Aug 2021 20:53:24 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c08::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-4115291-31&cid=2020675983.1629320297&jid=2068575348&gjid=1841105000&_gid=885041048.1629320297&_u=aHDAAEACQAAAAC~&z=10638893

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 18 Aug 2021 20:58:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.totvs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/986934172/ 42 B
108 B 17ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/986934172/?random=1629320297026&cv=9&fst=1629316800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8g0&sendb=1&frm=0&url=https%3A%2F%2Fwww.totvs.com%2F&tiba=TOTVS%20-%20A%20maior%20empresa%20de%20tecnologia%20do%20Brasil&async=1&fmt=3&is_vtc=1&random=3723265658&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/986934172/ 42 B
108 B 18ms
18ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/986934172/?random=1629320297026&cv=9&fst=1629316800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8g0&sendb=1&frm=0&url=https%3A%2F%2Fwww.totvs.com%2F&tiba=TOTVS%20-%20A%20maior%20empresa%20de%20tecnologia%20do%20Brasil&async=1&fmt=3&is_vtc=1&random=3723265658&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=253260574877409&ev=PageView&dl=https%3A%2F%2Fwww.totvs.com%2F&rl=&if=false&ts=1629320297202&sw=1600&sh=1200&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629320297201.1033206081&it=1629320296918&coo=false&rqm=GET

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 18 Aug 2021 20:58:17 GMT

GET
H2 200 dc_pre=CM3EmIy7u_ICFcVPGwodIwwNBQ;src=10408215;type=totvs;cat=page_0;ord=7154194436554;u=%2F;gtm=2wg8g0;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F
adservice.google.com/ddm/fls/z/ Frame 0969 42 B
107 B 31ms
31ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM3EmIy7u_ICFcVPGwodIwwNBQ;src=10408215;type=totvs;cat=page_0;ord=7154194436554;u=%2F;gtm=2wg8g0;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F

Requested by

Host: 10408215.fls.doubleclick.net
URL: https://10408215.fls.doubleclick.net/activityi;dc_pre=CM3EmIy7u_ICFcVPGwodIwwNBQ;src=10408215;type=totvs;cat=page_0;ord=7154194436554;u=%2F;gtm=2wg8g0;auiddc=723369902.1629320297;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10408215.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame 8D27 44 KB
17 KB 68ms
64ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 8955376.fls.doubleclick.net
URL: https://8955376.fls.doubleclick.net/activityi;dc_pre=CKHAmIy7u_ICFbUbBgAdro0CBw;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=723369902.1629320297;u1=%2F;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F?

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

d08e09c268f409b78b36499f3fc723aa7b8937adf935093b4175756365bcd196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8955376.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17314
x-xss-protection: 0
server: cafe
etag: 17909373534660482497
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 18 Aug 2021 20:58:17 GMT

GET
H3-29 200 dc_pre=CKHAmIy7u_ICFbUbBgAdro0CBw;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=*;u1=%2F;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F
adservice.google.com/ddm/fls/z/ Frame 8D27 42 B
63 B 41ms
38ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKHAmIy7u_ICFbUbBgAdro0CBw;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=*;u1=%2F;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8955376.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 20ms
18ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-4115291-31&cid=2020675983.1629320297&jid=2068575348&_u=aHDAAEACQAAAAC~&z=536460518

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
18ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j92&tid=UA-4115291-31&cid=2020675983.1629320297&jid=2068575348&_u=aHDAAEACQAAAAC~&z=536460518

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame FDE1
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=totvs.com&sn=ChromeSyncframe&so=0&topUrl=www.totvs.com&cw=1
https://mug.criteo.com/sid?cpp=mxMNMXx3V09PVWRKU3VIZUxzUjhtY2FraDAzNzQ3WG5SSmI3NlVCclJaaGtLdEdrbHFtSmpJdmhXM0Y3Z3lCTXNsZTM4L09iMjN4RHFoczYrVkpEUkRqRk5nUDQ4ajNWaEMxZWwyakc5aXlHRXhLQm1CSGVYTXJ1TFlSYU...

428 B
621 B

277ms
61ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=mxMNMXx3V09PVWRKU3VIZUxzUjhtY2FraDAzNzQ3WG5SSmI3NlVCclJaaGtLdEdrbHFtSmpJdmhXM0Y3Z3lCTXNsZTM4L09iMjN4RHFoczYrVkpEUkRqRk5nUDQ4ajNWaEMxZWwyakc5aXlHRXhLQm1CSGVYTXJ1TFlSYUgxV2RENWEvNi96VEhFQW55djY5bnBpczF5V3JEQnBmTjhKSmNycEhVOERSeFZNcFQ0dHNPS1FjMjMrakNicVNFeVpLUHFPV3d1TEZpUmhDa2VqOWZwdTN6UkIzWHowZWMxaWkxbnFtNXNVK0ZWZlJoYW9ObVZ2N2xNQisxUWJSMHpSaG9jTC9wNE9DVTAvUnpOeTVYVUEzQWo3QUtQdz09fA&cppv=2

Requested by

Host: www.totvs.com
URL: https://www.totvs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ed31963b63f42870736127fcaeb09a62851f699ccc1a2a9a5d69e010ef613dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 18 Aug 2021 20:58:16 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2393
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 18 Aug 2021 20:58:16 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=mxMNMXx3V09PVWRKU3VIZUxzUjhtY2FraDAzNzQ3WG5SSmI3NlVCclJaaGtLdEdrbHFtSmpJdmhXM0Y3Z3lCTXNsZTM4L09iMjN4RHFoczYrVkpEUkRqRk5nUDQ4ajNWaEMxZWwyakc5aXlHRXhLQm1CSGVYTXJ1TFlSYUgxV2RENWEvNi96VEhFQW55djY5bnBpczF5V3JEQnBmTjhKSmNycEhVOERSeFZNcFQ0dHNPS1FjMjMrakNicVNFeVpLUHFPV3d1TEZpUmhDa2VqOWZwdTN6UkIzWHowZWMxaWkxbnFtNXNVK0ZWZlJoYW9ObVZ2N2xNQisxUWJSMHpSaG9jTC9wNE9DVTAvUnpOeTVYVUEzQWo3QUtQdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1609
content-length: 541
expires: 0

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 9C4C 5 KB
6 KB 139ms
138ms Document
text/html 52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oLHCYzjtQ8CYeGRQWY7irw&ep=eV6yR_5aswtsBflZN83I1YaWaIiSjr6G12Az0ABKf3CGfFl9UKUKT4rPAZBSMe9vhxLP682WM2z_R1LJnadQQ37V6a4wmXnVv4cQ9oqcLzE

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D234c3de8-22f7-d482-b76c-8cd6151731e2%26type%3DUNKNOWN%26m%3D526970&ex-fch=416613&ex-src=https://www.totvs.com/&ex-hargs=v%3D1.0%3Bc%3D583442396908762195%3Bp%3D234C3DE8-22F7-D482-B76C-8CD6151731E2&cb=188332281667030750&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

08858697f75ab4202ff312e2450d9fb772fe4b5162d3604bd40de73680669edd

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Host: s.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D234c3de8-22f7-d482-b76c-8cd6151731e2%26type%3DUNKNOWN%26m%3D526970&ex-fch=416613&ex-src=https://www.totvs.com/&ex-hargs=v%3D1.0%3Bc%3D583442396908762195%3Bp%3D234C3DE8-22F7-D482-B76C-8CD6151731E2&cb=188332281667030750&dcc=t
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A-XqlbK52k2ppJ1BWCv04h8; ad-privacy=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D234c3de8-22f7-d482-b76c-8cd6151731e2%26type%3DUNKNOWN%26m%3D526970&ex-fch=416613&ex-src=https://www.totvs.com/&ex-hargs=v%3D1.0%3Bc%3D583442396908762195%3Bp%3D234C3DE8-22F7-D482-B76C-8CD6151731E2&cb=188332281667030750&dcc=t

Response headers

Server: Server
Date: Wed, 18 Aug 2021 20:58:17 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 5180
Connection: keep-alive
x-amz-rid: A31PR81FQPQ4NYEG30BV
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Permissions-Policy: interest-cohort=()

GET
H3-29 200 / Show response
www.googleadservices.com/pagead/conversion/784984663/ Frame 8D27 2 KB
1 KB 56ms
56ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/784984663/?random=1629320297402&cv=9&fst=1629320297402&num=1&npa=1&label=XUubCLC9lssBENfUp_YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8955376.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKHAmIy7u_ICFbUbBgAdro0CBw%3Bsrc%3D8955376%3Btype%3Dgenvisit%3Bcat%3Dpagev0%3Bord%3D881020243182%3Bgtm%3D2wg8g0%3Bauiddc%3D723369902.1629320297%3Bu1%3D%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.totvs.com%252F%3F&ref=https%3A%2F%2Fwww.totvs.com%2F&capi=1&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

baf9aac059d954b1d78ce790bed9e4e625aded9b832bbb44a135a850fa5ab778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8955376.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1243
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/privacysandbox/conversion/784984663/ Frame 8D27 0
0 15ms
15ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/pagead/privacysandbox/conversion/784984663/?random=1629320297402&cv=9&fst=1629320297402&num=1&fmt=3&npa=1&label=XUubCLC9lssBENfUp_YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8955376.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKHAmIy7u_ICFbUbBgAdro0CBw%3Bsrc%3D8955376%3Btype%3Dgenvisit%3Bcat%3Dpagev0%3Bord%3D881020243182%3Bgtm%3D2wg8g0%3Bauiddc%3D723369902.1629320297%3Bu1%3D%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.totvs.com%252F%3F&ref=https%3A%2F%2Fwww.totvs.com%2F&capi=1&hn=www.googleadservices.com&async=1
Requested by: Host: 8955376.fls.doubleclick.net
URL: https://8955376.fls.doubleclick.net/activityi;dc_pre=CKHAmIy7u_ICFbUbBgAdro0CBw;src=8955376;type=genvisit;cat=pagev0;ord=881020243182;gtm=2wg8g0;auiddc=723369902.1629320297;u1=%2F;ps=1;~oref=https%3A%2F%2Fwww.totvs.com%2F?
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://8955376.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 50ms
50ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.7.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Wed, 18 Aug 2021 20:58:17 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 webfont.js Show response
a.omappapi.com/app/js/webfont/1.5.18/ 16 KB
7 KB 44ms
43ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js
Requested by: Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/api.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:17 GMT
content-encoding: br
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 08/11/2021 05:08:04
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 200
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Thu, 27 May 2021 17:38:16 GMT
cdn-proxyver: 1.0
cdn-fileserver: 162
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestid: c913462c05fa4d645e8ca98ea33c6cb2
cdn-requestcountrycode: RO
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 7f188a5729311623418197-totvs_campaign_110621.gif
a.omappapi.com/users/c8b7167f18b6/images/ 180 KB
181 KB 51ms
50ms Image
image/webp 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.omappapi.com/users/c8b7167f18b6/images/7f188a5729311623418197-totvs_campaign_110621.gif
Requested by: Host: www.totvs.com
URL: https://www.totvs.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 4346990adf059cb113ccff5a9e666af8e2a900c52e0593749d85e845b920e344

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:17 GMT
cdn-edgestorageid: 756
perma-cache: HIT
cdn-storageserver: DE-51
cdn-cachedat: 08/11/2021 13:42:18
cdn-pullzone: 293267
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 184658
server: BunnyCDN-DE1-756
access-control-allow-origin: *
last-modified: Fri, 11 Jun 2021 13:31:33 GMT
cdn-proxyver: 1.0
cdn-fileserver: 125
content-type: image/webp
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-uid: efcab737-66db-4b75-ab55-ed485d5a01dd
cdn-requestpullcode: 200
cdn-requestid: b284f13493f52632acbcb496d4fde47c
accept-ranges: bytes
cdn-requestcountrycode: RO
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3-29

200

/
www.google.de/pagead/1p-conversion/784984663/ Frame 8D27
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/784984663/?random=1579352804&cv=9&fst=1629320297402&num=1&npa=1&label=XUubCLC9lssBENfUp_YC&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
https://www.google.com/pagead/1p-conversion/784984663/?random=1579352804&cv=9&fst=1629320297402&num=1&npa=1&label=XUubCLC9lssBENfUp_YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&...
https://www.google.de/pagead/1p-conversion/784984663/?random=1579352804&cv=9&fst=1629320297402&num=1&npa=1&label=XUubCLC9lssBENfUp_YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u...

42 B
64 B

21ms
21ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/784984663/?random=1579352804&cv=9&fst=1629320297402&num=1&npa=1&label=XUubCLC9lssBENfUp_YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8955376.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKHAmIy7u_ICFbUbBgAdro0CBw%3Bsrc%3D8955376%3Btype%3Dgenvisit%3Bcat%3Dpagev0%3Bord%3D881020243182%3Bgtm%3D2wg8g0%3Bauiddc%3D723369902.1629320297%3Bu1%3D%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.totvs.com%252F%3F&ref=https%3A%2F%2Fwww.totvs.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aXQdYbvJGpHtgQfKxZ3oDQ&cid=CAQSKQCNIrLM5UeZ_tPPvgDDmIhehXcSbxN8onkzzNKFxaU73_FbxUcCy_-G&random=3654345386&resp=GooglemKTybQhCsO&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8955376.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/784984663/?random=1579352804&cv=9&fst=1629320297402&num=1&npa=1&label=XUubCLC9lssBENfUp_YC&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F8955376.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCKHAmIy7u_ICFbUbBgAdro0CBw%3Bsrc%3D8955376%3Btype%3Dgenvisit%3Bcat%3Dpagev0%3Bord%3D881020243182%3Bgtm%3D2wg8g0%3Bauiddc%3D723369902.1629320297%3Bu1%3D%252F%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fwww.totvs.com%252F%3F&ref=https%3A%2F%2Fwww.totvs.com%2F&capi=1&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=aXQdYbvJGpHtgQfKxZ3oDQ&cid=CAQSKQCNIrLM5UeZ_tPPvgDDmIhehXcSbxN8onkzzNKFxaU73_FbxUcCy_-G&random=3654345386&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dxtf-1621550208998%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=StqHvx9999YOIhNC

43 B
556 B

364ms
149ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=StqHvx9999YOIhNC

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oLHCYzjtQ8CYeGRQWY7irw&ep=eV6yR_5aswtsBflZN83I1YaWaIiSjr6G12Az0ABKf3CGfFl9UKUKT4rPAZBSMe9vhxLP682WM2z_R1LJnadQQ37V6a4wmXnVv4cQ9oqcLzE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6WEC0DGQEBKS2F9HZ0HD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=xtf-1621550208998&id=StqHvx9999YOIhNC
Date: Wed, 18 Aug 2021 20:58:17 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: b469
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=164880403882000473413&ex=neustar.biz

43 B
556 B

138ms
137ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=164880403882000473413&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:17 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: R4J9RM09A6E1X5VS7Q9W
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:17 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=164880403882000473413&ex=neustar.biz
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%5BRX_UUID%5D%26ex%3Drhythmone.com
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4411147616
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4411147616
https://sync.1rx.io/usersync/tradedesk/22195db8-e31c-4dc4-90f3-3047b4514e1f
https://sync.targeting.unrulymedia.com/csync/RX-69db0caf-90cc-4eb6-ba92-94c44fb92651-003?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-69db0caf-90cc-4eb6-ba92-94c44fb92651-003%26ex%3Dr...
https://s.amazon-adsystem.com/ecm3?id=RX-69db0caf-90cc-4eb6-ba92-94c44fb92651-003&ex=rhythmone.com

43 B
556 B

168ms
139ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=RX-69db0caf-90cc-4eb6-ba92-94c44fb92651-003&ex=rhythmone.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: T3YQKB8RZSW0KSNKAWTZ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=RX-69db0caf-90cc-4eb6-ba92-94c44fb92651-003&ex=rhythmone.com
date: Wed, 18 Aug 2021 20:58:18 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX69db0caf90cc4eb6ba9294c44fb92651003
content-type: text/html

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=764658563eb7fef0d0a866048812ba6e

43 B
556 B

275ms
138ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=764658563eb7fef0d0a866048812ba6e

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:17 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8TFQ2EHCY47G2R65TH73
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=764658563eb7fef0d0a866048812ba6e
date: Wed, 18 Aug 2021 20:58:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=WvpIwy9999YOIhNC

43 B
556 B

346ms
148ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=WvpIwy9999YOIhNC

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: ZY2SD2CDB3YEXP6E89FD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=WvpIwy9999YOIhNC
Date: Wed, 18 Aug 2021 20:58:17 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: b5b4
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1
https://pixel.advertising.com/ups/56466/sync?redir=true&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP0328a767-0067-11ec-9adb-0611ef1d130e
https://ups.analytics.yahoo.com/ups/56466/sync?redir=true&_origin=1&apid=UP0328a767-0067-11ec-9adb-0611ef1d130e&verify=true
https://s.amazon-adsystem.com/ecm3?id=22df2623c3465836f992407267d177bb5309cd2d&ex=aoldisplay.com

43 B
556 B

348ms
144ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=22df2623c3465836f992407267d177bb5309cd2d&ex=aoldisplay.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QPYR0MPDV8WTKVPBTAJ1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 18 Aug 2021 20:58:17 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?id=22df2623c3465836f992407267d177bb5309cd2d&ex=aoldisplay.com
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=59b6dca9-78d2-4ed1-a289-95f1bfde32c4

43 B
556 B

364ms
144ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=59b6dca9-78d2-4ed1-a289-95f1bfde32c4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: P1HRRP30J690DMPG1TEM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Date: Wed, 18 Aug 2021 20:58:17 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=59b6dca9-78d2-4ed1-a289-95f1bfde32c4

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 9C4C 43 B
183 B 289ms
94ms Image
image/gif 2600:1f18:612b:4264:3ca:5412:4ba5:20da
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oLHCYzjtQ8CYeGRQWY7irw&ep=eV6yR_5aswtsBflZN83I1YaWaIiSjr6G12Az0ABKf3CGfFl9UKUKT4rPAZBSMe9vhxLP682WM2z_R1LJnadQQ37V6a4wmXnVv4cQ9oqcLzE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:3ca:5412:4ba5:20da Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:17 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 9C4C 0
0 203ms
67ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oLHCYzjtQ8CYeGRQWY7irw&ep=eV6yR_5aswtsBflZN83I1YaWaIiSjr6G12Az0ABKf3CGfFl9UKUKT4rPAZBSMe9vhxLP682WM2z_R1LJnadQQ37V6a4wmXnVv4cQ9oqcLzE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 /
spl.zeotap.com/ Frame 9C4C 731 B
731 B 44ms
21ms Image
text/html 2606:4700:10::ac43:db6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=1353&env=mWeb&eventType=pageview&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dzeotap%26id%3D%24_ZTP_UUID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oLHCYzjtQ8CYeGRQWY7irw&ep=eV6yR_5aswtsBflZN83I1YaWaIiSjr6G12Az0ABKf3CGfFl9UKUKT4rPAZBSMe9vhxLP682WM2z_R1LJnadQQ37V6a4wmXnVv4cQ9oqcLzE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 680e0f338df92c2e-FRA
content-type: text/html
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: br
access-control-allow-headers: *

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=4ce0c93e23a4c1eb4b8a1531d168a596&ex=freewheel.tv&gdpr=0&gdpr_consent=

43 B
556 B

349ms
140ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=4ce0c93e23a4c1eb4b8a1531d168a596&ex=freewheel.tv&gdpr=0&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: C6VNA8SB7VBFXH11NNC8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:17 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=4ce0c93e23a4c1eb4b8a1531d168a596&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1629320297587057-588
Expires: Wed, 18 Aug 2021 20:58:17 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
556 B

282ms
136ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: WDWWBK8RAMH3XSY9GHCG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 18 Aug 2021 20:58:17 GMT
via: 1.1 d7147e532e5cf73689fcb39fa760bcf3.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
content-security-policy-report-only: default-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com; script-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src http://*.amazon.com http://*.media-amazon.com http://*.ssl-images-amazon.com http://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=T28YWJEA46EAG8SANXKG:sn=www.imdb.com
x-cache: Miss from cloudfront
vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
content-length: 0
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
server: Server
x-amz-rid: T28YWJEA46EAG8SANXKG
strict-transport-security: max-age=47474747; includeSubDomains; preload
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
permissions-policy: interest-cohort=()
x-amz-cf-id: 3DCBs0-8YdtZdExfA9BktQk_OGxgYoXRFXDJr_wRn9hoFgW_1fRHEA==

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 9C4C 0
263 B 573ms
144ms Image
text/plain 54.81.7.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oLHCYzjtQ8CYeGRQWY7irw&ep=eV6yR_5aswtsBflZN83I1YaWaIiSjr6G12Az0ABKf3CGfFl9UKUKT4rPAZBSMe9vhxLP682WM2z_R1LJnadQQ37V6a4wmXnVv4cQ9oqcLzE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.81.7.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-81-7-92.compute-1.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Server: nginx/1.16.1
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e03fd4eb04ecddd1

43 B
556 B

145ms
145ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e03fd4eb04ecddd1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: X6QR74X1VT2M4N50WPYP
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=e03fd4eb04ecddd1
date: Wed, 18 Aug 2021 20:58:18 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 93
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=1ef2l4uvQBilFgiFZCvwmg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=1ef2l4uvQBilFgiFZCvwmg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=50556601904437858871415683916500709630

43 B
556 B

144ms
144ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=50556601904437858871415683916500709630

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9DE2VKMKFYYQ6B0055MV
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v012-0461d9108.edge-irl1.demdex.com 6.3.1.20210623115127
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: lF361nYyQ30=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=50556601904437858871415683916500709630
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=1BzHgcbeTz6Jr3cPuaEVGg
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812439019007493352&gdpr=&gdpr_consent=

43 B
556 B

139ms
138ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812439019007493352&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FS31E4DMKK9TMZ57YB2Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:18 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812439019007493352&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET z
px.surveywall-api.survata.com/ Frame 9C4C 0
0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=7275430821279675664

43 B
556 B

140ms
140ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=7275430821279675664

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: DDKVSSFKGCCQ05SED4TR
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:18 GMT
server: nginx
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=7275430821279675664
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=0392358e-0067-11ec-98a3-18c6427b0106
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=0392353b-0067-11ec-98a3-18c6427b0106

43 B
556 B

146ms
145ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=0392353b-0067-11ec-98a3-18c6427b0106

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: Y27NY3EMBVJY50VF768E
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 18 Aug 2021 20:58:18 GMT
Server: nginx
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=0392353b-0067-11ec-98a3-18c6427b0106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 128
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%2277c0f34c-e0a7-4bd2-b3e5-c791685a4318%22,%22Time%22:%2220210818T165818.330124%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=77c0f34c-e0a7-4bd2-b3e5-c791685a4318

43 B
556 B

145ms
145ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=77c0f34c-e0a7-4bd2-b3e5-c791685a4318

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 95ZZ19VEZ178D2YSH32K
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=77c0f34c-e0a7-4bd2-b3e5-c791685a4318
Server: LogModule 0.4
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEM4ig-wDKIPtPPt37uy5h3U&google_cver=1

43 B
556 B

145ms
145ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEM4ig-wDKIPtPPt37uy5h3U&google_cver=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NSBNBC6N8QQHTJJ46TRM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEM4ig-wDKIPtPPt37uy5h3U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 9C4C
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=amzn
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn

0
338 B

204ms
67ms

Image
text/plain

52.17.116.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oLHCYzjtQ8CYeGRQWY7irw&ep=eV6yR_5aswtsBflZN83I1YaWaIiSjr6G12Az0ABKf3CGfFl9UKUKT4rPAZBSMe9vhxLP682WM2z_R1LJnadQQ37V6a4wmXnVv4cQ9oqcLzE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.116.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-116-58.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:18 GMT
cache-control: private, no-cache, no-store
x-request-time: D=56 t=1629320298
x-served-by: beacon-n008-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=amzn
date: Wed, 18 Aug 2021 20:58:18 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a012-ash-prod.krxd.net

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=1b69b31ed7999c8cff5641098fe7167d

43 B
556 B

144ms
143ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=1b69b31ed7999c8cff5641098fe7167d

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1MMRZPE9Y1G3FB2BK6CW
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 18 Aug 2021 20:58:18 GMT
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=1b69b31ed7999c8cff5641098fe7167d
content-length: 108
x-amz-cf-id: mLg1sf6mOAcFR-JT1hWZhbAZNR-_ETXwRLEGg2kflmWU55bvYaO9Rg==

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=7a7475e4-2bd5-c6c7-1671-bc093a559afe

43 B
556 B

145ms
144ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=7a7475e4-2bd5-c6c7-1671-bc093a559afe

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 2Z1ACBYVCJP08537CBZJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 18 Aug 2021 20:58:18 GMT
content-encoding: gzip
server: OXGW/16.214.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=7a7475e4-2bd5-c6c7-1671-bc093a559afe
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__&s=184155&C=1
https://s.amazon-adsystem.com/ecm3?ex=index&id=KE9DWtanEGUop2jsdvKKfzc4dOE4ZgAC

43 B
556 B

147ms
146ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KE9DWtanEGUop2jsdvKKfzc4dOE4ZgAC

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: N599533MA6C1ERMQ0H4Y
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KE9DWtanEGUop2jsdvKKfzc4dOE4ZgAC
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 267
Expires: Wed, 18 Aug 2021 20:58:18 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=985C9ADB91E6F512

43 B
556 B

145ms
145ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=985C9ADB91E6F512

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: XHCQHE6BJC1SSHA83Y5X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:19 GMT
frontend-id: 9
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=985C9ADB91E6F512
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
https://s.amazon-adsystem.com/ecm3?id=5073386755746090242&ex=appnexus.com

43 B
556 B

142ms
142ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=5073386755746090242&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QWQC1CVG86AHF5RZNPQ9
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
X-Proxy-Origin: 37.120.211.172; 37.120.211.172; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6303e112-065d-4307-b241-802115413ebd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://s.amazon-adsystem.com/ecm3?id=5073386755746090242&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 9C4C 0
214 B 193ms
49ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2179&pt=n
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oLHCYzjtQ8CYeGRQWY7irw&ep=eV6yR_5aswtsBflZN83I1YaWaIiSjr6G12Az0ABKf3CGfFl9UKUKT4rPAZBSMe9vhxLP682WM2z_R1LJnadQQ37V6a4wmXnVv4cQ9oqcLzE
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=oLHCYzjtQ8CYeGRQWY7irw&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
556 B

145ms
145ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: FHBF6R6W3PRWQ32GEM86
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://pixel.placed.com/api/v2/sync/custom-pixel?https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=
https://pixel.tapad.com/idsync/ex/receive?partner_id=1682&partner_device_id=amazon-70d5a4b7-1a0f-4a0f-855c-a70c4849f39f&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.com%26id...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1682&partner_device_id=amazon-70d5a4b7-1a0f-4a0f-855c-a70c4849f39f&partner_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dplaced.co...
https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-70d5a4b7-1a0f-4a0f-855c-a70c4849f39f

43 B
556 B

146ms
145ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-70d5a4b7-1a0f-4a0f-855c-a70c4849f39f

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: RJRY0KD6FK813DF2M9EJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=placed.com&id=amazon-70d5a4b7-1a0f-4a0f-855c-a70c4849f39f
date: Wed, 18 Aug 2021 20:58:18 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 204 /
loadus.exelator.com/load/ Frame 9C4C 0
324 B 154ms
48ms Image
text/plain 18.198.126.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xtf-1621550208998_ns_rx_bsw_bk_aold_n-visualiq_n-telaria_gem_n-zeotap-4_fw_imdb_n-lucid_n-samba.tv_adelphic_adb_mp_sv_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-semasio-ecm_an_rb_n-g-hmt_n-plced_nsln_nd_n-verizon_n-ispot_pm_tbl&fv=1.0&a=cm&ex-pl-n-g-hmt=oLHCYzjtQ8CYeGRQWY7irw&ep=eV6yR_5aswtsBflZN83I1YaWaIiSjr6G12Az0ABKf3CGfFl9UKUKT4rPAZBSMe9vhxLP682WM2z_R1LJnadQQ37V6a4wmXnVv4cQ9oqcLzE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.126.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:18 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D6A741D61382F872402EA5807

43 B
556 B

157ms
157ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D6A741D61382F872402EA5807

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8E4QT1HVX2BA09KN1JM7
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 18 Aug 2021 20:58:18 GMT
Server: openresty/1.15.8.2
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=BFB44F2D6A741D61382F872402EA5807
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html
Content-Length: 151
Expires: Wed, 18 Aug 2021 20:58:17 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58297/sync?_origin=1&redir=true
https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-hRSjM8N1l2OzjdORqlfLQDvukIzNZkw-

43 B
556 B

144ms
144ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-hRSjM8N1l2OzjdORqlfLQDvukIzNZkw-

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:18 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: VVM2YSS2Z6F22TM4KSHJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Wed, 18 Aug 2021 20:58:18 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://s.amazon-adsystem.com/ecm3?ex=verizonums&id=y-hRSjM8N1l2OzjdORqlfLQDvukIzNZkw-
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9a51047342b9fda1a9fd60dcb84f0bcf941a2fafa62e4d570fadf8318e73f435

43 B
556 B

141ms
141ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9a51047342b9fda1a9fd60dcb84f0bcf941a2fafa62e4d570fadf8318e73f435

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 9FYT80Y5X6NT4XEZBS0V
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:18 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=9a51047342b9fda1a9fd60dcb84f0bcf941a2fafa62e4d570fadf8318e73f435
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=964CC43B-66C6-4D94-8DDF-7A206252778C

43 B
556 B

140ms
140ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=964CC43B-66C6-4D94-8DDF-7A206252778C

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QBESVA22Q9GM36M6WECE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=964CC43B-66C6-4D94-8DDF-7A206252778C
date: Wed, 18 Aug 2021 20:58:18 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 9C4C
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=7db408f6-aba5-44c3-a72c-65e3457ecb56-tuct816f9ea

43 B
556 B

145ms
144ms

Image
image/gif

52.46.133.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=7db408f6-aba5-44c3-a72c-65e3457ecb56-tuct816f9ea

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.133.124 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 18 Aug 2021 20:58:19 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: WWA05HH9H6TKRJ2NBBKY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=7db408f6-aba5-44c3-a72c-65e3457ecb56-tuct816f9ea
date: Wed, 18 Aug 2021 20:58:18 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 21026

GET
H2 200 client.pt.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 141ms
49ms XHR
application/json 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.pt.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js?ver=5.7.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-e24"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Wed, 18 Aug 2021 20:58:17 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1747

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHtII5tAVm45N3XgL

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 18 Aug 2021 20:58:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.totvs.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 css
fonts.googleapis.com/ 4 KB
631 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600,400

Requested by

Host: a.omappapi.com
URL: https://a.omappapi.com/app/js/webfont/1.5.18/webfont.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9adcc8a13d554b65180512dfe06e5d247c6584f2706971e7ea0496449a63ba76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 20:31:16 GMT
server: ESF
date: Wed, 18 Aug 2021 20:58:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 18 Aug 2021 20:58:17 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600,400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.totvs.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:36:10 GMT
x-content-type-options: nosniff
age: 159728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:40 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:36:10 GMT

GET
H3-29 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
14 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600,400

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.totvs.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:29:17 GMT
x-content-type-options: nosniff
age: 160141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:29:17 GMT

GET
H2 200 hotjar-1118352.js Show response
static.hotjar.com/c/ 6 KB
3 KB 209ms
103ms Script
application/javascript 13.224.96.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1118352.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K27XC5M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.91 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-91.zrh50.r.cloudfront.net

Software

Resource Hash

a34a712bf4bedf0f21bf51b2d44944f6e510912540d4239bc60675e5fc80d92d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:18 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: ZRH50-C1
etag: W/263273e1c7d721e86a118015bdedf443
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-id: yxU8DQ7Bd3I1pl1vdHPg4nv4vRLImralV5DkhCUzppqJ2djQ2znfZQ==
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)

GET
H2 200 modules.e763089bec9f2503d752.js Show response
script.hotjar.com/ 221 KB
59 KB 169ms
62ms Script
application/javascript 13.224.96.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e763089bec9f2503d752.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1118352.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.96.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-96-67.zrh50.r.cloudfront.net

Software

Resource Hash

b8e39dad2211fe2aafd3c487471c94934a5230aeb00608f59b80c880ce777440

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 10:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37573
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59555
access-control-allow-origin: *
last-modified: Wed, 18 Aug 2021 10:31:58 GMT
etag: "59b0bd2bf71a6ea4a84151c51b91fba8"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c07945b00aad28e34fbfebb3d3907061.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: p8TojDlC0-fIapV4dWMj0GUYeicEfzlD5KLfevh_6Cvd5BgzJE2Zcg==

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame C904 2 KB
1 KB 158ms
52ms Document
text/html 13.224.96.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1118352.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-22.zrh50.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.totvs.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.totvs.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: BAbqKYvXu9ES7aN9unLFUCghkLwbIgXxKiTJ8jzDAAu8PVush8efFA==
age: 2752908

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
378 B 21ms
21ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=f7c3019a-28e4-42c7-a0f8-9c0bcbb59adb&fci=1e1b0108-68f9-49bb-a593-47297cab567d&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2287241&rcu=https%3A%2F%2Fwww.totvs.com%2F&pu=https%3A%2F%2Fwww.totvs.com%2F&t=TOTVS+-+A+maior+empresa+de+tecnologia+do+Brasil&cts=1629320299172&vi=47ab5442d87fca9b1bcba00d13262474&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:19 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: dc0ceddd-4a99-43a2-984e-8c0218a98e0c
cf-ray: 680e0f3deeaa4e74-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpLLLbJttnwY7drtfd0SGoljNRvY8xhPGLPtgLVepha6O0ye5F41X5%2FNOt3%2B22nrUxa%2BfncsU9fyVGw7OysV6Zv1AGyMv0RASWR1UlRAOdqGAcW%2FhDpBV4tQXlcreWAuSX3wKbAagA0S8Mn4fOOo"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
355 B 36ms
36ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2287241&rcu=https%3A%2F%2Fwww.totvs.com%2F&pu=https%3A%2F%2Fwww.totvs.com%2F&t=TOTVS+-+A+maior+empresa+de+tecnologia+do+Brasil&cts=1629320299174&vi=47ab5442d87fca9b1bcba00d13262474&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:19 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 45f7b594-4044-4f13-84fd-9ce263ed3727
cf-ray: 680e0f3deeab4e74-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9SldL3Pu2so9uxmAudIBfaILmGehH1KM1kApt3utv1gUequXowxmGlOLXp5SqjU9ftSdGuDBF2fBQLF8gddhoj2xPlHKcQiaIejBfXKQYqLyaWqwZrNOVeFGr%2FnEYbMhJr9aaqDe7%2Bb6Nj7TdI2"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
354 B 22ms
21ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=971ce355-5482-43d9-97e1-8bfb72b1b2d7&fci=fbe04c63-2a4d-456a-8aae-55cbbbf9bd63&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2287241&rcu=https%3A%2F%2Fwww.totvs.com%2F&pu=https%3A%2F%2Fwww.totvs.com%2F&t=TOTVS+-+A+maior+empresa+de+tecnologia+do+Brasil&cts=1629320299182&vi=47ab5442d87fca9b1bcba00d13262474&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:19 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 225eeae1-0879-4f41-a11c-4355a1c85249
cf-ray: 680e0f3deeae4e74-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CpEfq9sJGcFuEe4pdiDIoyCOryuN%2BRCuUf0e5e0Fw3VInr5o8vJCu%2BeMQk8J0mhEzcGttuYcBSmq1mJUzqLVkfVfUy6r5ZPjfT8K4fQ43a%2FUdv5gNYntlf7qDPvLlH230eBjPFf1zdKoMl9GlD30"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 conversion.js Show response
d.tailtarget.com/ 15 KB
6 KB 53ms
46ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/conversion.js
Requested by: Host: www.totvs.com
URL: https://www.totvs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 16:28:02 GMT
content-encoding: gzip
age: 16217
x-guploader-uploadid: ADPycdtfuZXHIzRVw8L75SFDQDA6epdqNgxZzCXApR5P_VvTwpGVdjcRofM0Pvbq8YiGQQhtWTYUoZbPQPVyboHZr1k
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 6114
last-modified: Mon, 19 Apr 2021 15:43:33 GMT
server: UploadServer
etag: "090fb4b641b03e182ef8a7fdc93d72de"
x-goog-hash: crc32c=VQO11g==, md5=CQ+0tkGwPhgu+Kf9yT1y3g==
content-language: en
x-goog-generation: 1618847013991944
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 6114
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 19 Aug 2021 16:28:02 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-986934172

Requested by

Host: tags.t.tailtarget.com
URL: https://tags.t.tailtarget.com/t3m.js?i=TT-14690-0/CT-1869

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

138066cfcfa5170e5d330a1a7a66be0b8a65db615884d8decc64cef3d0f19c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39099
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 19:17:11 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Aug 2021 20:58:19 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 21ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-986934172&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K27XC5M

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f7df97a1fc44189df7e17414388a7ccc07c5118f3fd7acf34659e9416bd1be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39105
x-xss-protection: 0
last-modified: Wed, 18 Aug 2021 19:17:11 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 18 Aug 2021 20:58:19 GMT

GET
H2 200 cf-location Show response
js.hs-banner.com/cookie-banner/ 2 B
1 KB 140ms
119ms XHR
text/plain 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/cookie-banner/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/2287241.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:19 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 7d2c2d2c-94dc-4cbe-ab82-26536ec33eae
cf-ray: 680e0f3e1c0b3240-FRA
content-length: 2
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.totvs.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id

GET
H3-29 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 67ms
67ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-986934172&l=dataLayer&cx=c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13981
x-xss-protection: 0
server: cafe
etag: 6132654052448080839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 18 Aug 2021 20:58:19 GMT

GET
H2 200 base.js Show response
d.tailtarget.com/ 20 KB
8 KB 45ms
45ms Script
application/javascript 35.201.123.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.tailtarget.com/base.js
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.123.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 03:33:15 GMT
content-encoding: gzip
age: 62704
x-guploader-uploadid: ADPycdtbywWja8r2Gy6LeDLrpUQDH_odbcvrOp1TIpNQWubUhW-O_XXA1qY4Ahmg-r-sSiINujJVwR4rDp16BDxdVg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 8332
last-modified: Mon, 19 Apr 2021 15:43:33 GMT
server: UploadServer
etag: "3f338dc5c15f92841113b0350587be44"
x-goog-hash: crc32c=sfk3og==, md5=PzONxcFfkoQRE7A1BYe+RA==
content-language: en
x-goog-generation: 1618847013907660
cache-control: public, max-age=86400,no-transform
x-goog-stored-content-length: 8332
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 19 Aug 2021 03:33:15 GMT

GET
H2 200 trk
tt-14690-0.seg.t.tailtarget.com/ 70 B
571 B 250ms
142ms Image
image/png 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tt-14690-0.seg.t.tailtarget.com/trk?tA=TT-14690-0&tJ=_channel:totvs-home:1&tK=1629320299&tM=direct&tL=direct&tN=direct&tY=3&tZ=534008023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:19 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-disposition: inline
content-type: image/png
alt-svc: clear
content-length: 70

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/986934172/ 2 KB
1 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/986934172/?random=1629320299295&cv=9&fst=1629320299295&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.totvs.com%2F&tiba=TOTVS%20-%20A%20maior%20empresa%20de%20tecnologia%20do%20Brasil&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d345698cd3f4e6996def35b749f72a2126b1ed533edac9d8662326817a620e54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1045
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 u Show response
b.t.tailtarget.com/ 54 B
464 B 313ms
214ms Script
application/x-javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/u?
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: 6758fd769eca7d0e035ebb8a2249be598611785b58d7e072dea2ab85123045aa

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:19 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/x-javascript
cache-control: private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/986934172/ 42 B
64 B 17ms
17ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/986934172/?random=1629320299295&cv=9&fst=1629316800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.totvs.com%2F&tiba=TOTVS%20-%20A%20maior%20empresa%20de%20tecnologia%20do%20Brasil&async=1&fmt=3&is_vtc=1&random=1227336676&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/986934172/ 42 B
64 B 19ms
19ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/986934172/?random=1629320299295&cv=9&fst=1629316800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8g0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.totvs.com%2F&tiba=TOTVS%20-%20A%20maior%20empresa%20de%20tecnologia%20do%20Brasil&async=1&fmt=3&is_vtc=1&random=1227336676&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixel/ 256 B
515 B 133ms
133ms XHR
application/json 2606:4700::6811:c9cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=2287241

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:c9cc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2fdb95103c888cc7a7f6a46ab4e36da6fdbd279cbc11b34baf6b153364e0ed0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 893cb7cb-5833-4c62-b9af-f664ff4397fa
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
x-trace: 2B02BA372D35FE18F27B160D59FC74C90DFEF6F1D0000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ShP35YMZR66CGEHnmgInpxXGtCs6p%2Fgb4xiE0iK629kSwfKTvBiqN4NDMwW3H4%2BuALcGX3cnwyPu%2BFlLHBoq8vHXErstSc0y6ABIP2JeGQKB3sifkv4GnF2P1sy1LpkQ19EOxTBAXrCOhyvQ"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.totvs.com
access-control-allow-credentials: false
cf-ray: 680e0f3edd1cd6d9-FRA
access-control-allow-headers: *

GET
H2 200 json Show response
forms.hubspot.com/lead-flows-config/v1/config/ 167 B
494 B 148ms
148ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/lead-flows-config/v1/config/json?portalId=2287241&utk=47ab5442d87fca9b1bcba00d13262474&__hstc=210444938.47ab5442d87fca9b1bcba00d13262474.1629320299165.1629320299165.1629320299165.1&__hssc=210444938.1.1629320299165&currentUrl=https%3A%2F%2Fwww.totvs.com%2F

Requested by

Host: js.hsleadflows.net
URL: https://js.hsleadflows.net/leadflows.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

590dd69bf43569b09fe1433b622cd2f06bd0cf8adc872fe3a2bb034a97d2812d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 10fdd695-069d-48db-ad8f-30b3183bf536
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-robots-tag: none
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahiPQQ6hL3Z88FsAkmKEVftrDdgRJN4xzXOx4ck1L5Tkygahzd2c5%2FQz7oFzsCiOu0G3%2FU277jOaHP0m7PLctWofhYgXFYEWWpvGbeq%2FZ2MAnwHiqJdBLOtmsaPdnXy2zfVBkVJsnnPW1UsTqW75"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.totvs.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 680e0f3efb724a68-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent

GET
H3-29 200 486471145625355 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 131ms
131ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/486471145625355?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ebac9c004e587be7f2a5778c2f96e47b4395fb3cc75cbf4232bc8b0a48603802

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: UIixhMyeW5CN/o94G594rGP3B5zjQm8drjH6BlobyzCH/tXIIKovkRYNUE0pAvzPuA//frPimU5z+7cmlddaNA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 18 Aug 2021 20:58:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 1682321708577751 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 137ms
137ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1682321708577751?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fb720f50a9fd7d5138c0a9e71e19b8ce277f3854fc1bd63ecc3cfaf597a1cc7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: A8e5yggMuzDM74OXApKbMi8149saZTnfNv5kw8m6dk0ZCorIU9IFYx84FmPffbBOkAtOUNlYha8KkgXI7OHKhw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 18 Aug 2021 20:58:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 b Show response
b.t.tailtarget.com/ 104 B
562 B 147ms
147ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://b.t.tailtarget.com/b?tA=TT-14690-0&tY=1&tS=4&tU=0100007F6B741D61B9067876028DF40D&tX=b.52&tZ=725386211
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: d23fd6627ada8a0751f8b21502a188d3565b9dcb805d054ffa66c9e8b542b912

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:19 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H2 200 ca Show response
tt-14690-0.seg.t.tailtarget.com/ 68 B
369 B 144ms
144ms Script
application/javascript 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tt-14690-0.seg.t.tailtarget.com/ca?tZ=80759989
Requested by: Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: b19b04c831aa64a6b9c4a828246a2835bc60f9aaca9fe1fb1221f5712a989f2d

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:19 GMT
via: 1.1 google
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private, proxy-revalidate
content-encoding: gzip
alt-svc: clear

GET
H3-29 200 1149962891840965 Show response
connect.facebook.net/signals/config/ 253 KB
72 KB 133ms
133ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1149962891840965?v=2.9.44&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44f3b813856dd0288909c71534cabdf9502edce144efdb52bb9aa1611325884f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: XdL/bb7yaMHkGuOrjcWl8sQWL8xDfbnGiSZ4zGNToMm5il+Wholy/WiuchsbzbQyrWOTPuZVYW9xTNwZu8MnNA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 18 Aug 2021 20:58:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 tr
www.facebook.com/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=253260574877409&ev=Tail&cd[custom_audience]=CA28909

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 18 Aug 2021 20:58:20 GMT

GET
H2

200

doubleclick
cm.t.tailtarget.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=tailtarget_dmp&google_cm&google_ula=6784871647
https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEOomCNclzWmbbl4rMgZ4Etc&google_cver=1&google_ula=6784871647,0

70 B
372 B

159ms
143ms

Image
image/png

34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEOomCNclzWmbbl4rMgZ4Etc&google_cver=1&google_ula=6784871647,0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:20 GMT
via: 1.1 google
server: nginx/1.17.8
content-type: image/png
cache-control: no-cache
content-disposition: inline
alt-svc: clear
content-length: 70

Redirect headers

pragma: no-cache
date: Wed, 18 Aug 2021 20:58:20 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.t.tailtarget.com/doubleclick?google_gid=CAESEOomCNclzWmbbl4rMgZ4Etc&google_cver=1&google_ula=6784871647,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 321
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=486471145625355&ev=PageView&dl=https%3A%2F%2Fwww.totvs.com%2F&rl=&if=false&ts=1629320300077&sw=1600&sh=1200&ud[external_id]=47ab5442d87fca9b1bcba00d13262474&v=2.9.44&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%221338880156305827%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22BRL%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22929376360792683%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1629320297201.1033206081&it=1629320296918&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 18 Aug 2021 20:58:20 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1682321708577751&ev=PageView&dl=https%3A%2F%2Fwww.totvs.com%2F&rl=&if=false&ts=1629320300079&sw=1600&sh=1200&ud[external_id]=47ab5442d87fca9b1bcba00d13262474&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629320297201.1033206081&it=1629320296918&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 18 Aug 2021 20:58:20 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1149962891840965&ev=PageView&dl=https%3A%2F%2Fwww.totvs.com%2F&rl=&if=false&ts=1629320300080&sw=1600&sh=1200&ud[external_id]=47ab5442d87fca9b1bcba00d13262474&v=2.9.44&r=stable&ec=0&o=30&fbp=fb.1.1629320297201.1033206081&it=1629320296918&coo=false&rqm=GET

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 18 Aug 2021 20:58:20 GMT

GET
H2 200 __tt.gif
t.tailtarget.com/ 43 B
298 B 149ms
142ms Image
image/gif 34.102.185.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.tailtarget.com/__tt.gif?tA=TT-14690-0&tE=0&tF=&tI=_warsaw_mazovia_pl_1629320299740_628675500&tJ=CA28909&tQ=totvs-home&tU=0100007F6B741D61B9067876028DF40D&tX=b.52&tY=1&tZ=238812632
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 99.185.102.34.bc.googleusercontent.com
Software: nginx/1.17.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:20 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.8
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, private, proxy-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryDCKgnMqUMAncAbxK

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 18 Aug 2021 20:58:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.totvs.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryREAUgHEZRAOFBclZ

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 18 Aug 2021 20:58:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.totvs.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarysILAEJfvYrCBqLdQ

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 18 Aug 2021 20:58:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.totvs.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 banner_hero-assinatura_eletronica3.jpg
www.totvs.com/wp-content/uploads/2021/05/ 97 KB
97 KB 67ms
66ms Image
image/jpeg 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.totvs.com/wp-content/uploads/2021/05/banner_hero-assinatura_eletronica3.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13b9fc9797c8fdfde89ce048dde9c44566228ee9a95ad5452d391bbf577743a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/uploads/2021/05/banner_hero-assinatura_eletronica3.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:22 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 270665
content-length: 99447
last-modified: Mon, 03 May 2021 15:04:28 GMT
server: cloudflare
etag: "609010fc-18477"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 20:58:22 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 680e0f51a87c4aaa-FRA
cf-bgj: h2pri

GET
H2 200 banner_hero-pix-1.jpg
www.totvs.com/wp-content/uploads/2021/05/ 79 KB
79 KB 25ms
24ms Image
image/jpeg 2606:4700::6812:f2b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.totvs.com/wp-content/uploads/2021/05/banner_hero-pix-1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f2b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a94adffe5f99aa6da8402e1daacee827f55e586f189e39942be30ab8b12018f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

:path: /wp-content/uploads/2021/05/banner_hero-pix-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.totvs.com
referer: https://www.totvs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.totvs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 20:58:27 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 137634
content-length: 80755
last-modified: Mon, 03 May 2021 15:04:10 GMT
server: cloudflare
etag: "609010ea-13b73"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 18 Aug 2022 20:58:27 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 680e0f740fe44aaa-FRA
cf-bgj: h2pri

POST iev
csm.nl.eu.criteo.net/ Frame FDE1 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: px.surveywall-api.survata.com
URL: https://px.surveywall-api.survata.com/z?l=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsurvata.com%26id%3D

Domain: csm.nl.eu.criteo.net
URL: https://csm.nl.eu.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~291

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.amazon-adsystem.com/	1970-01-20 02:00:46	Name: ad-id Value: A-XqlbK52k2ppJ1BWCv04h8
.doubleclick.net/	1970-01-20 05:56:56	Name: IDE Value: AHWqTUlOMW0RCOAzunRGytO1j8IgPUDtGlcPobgIv5NzYWh3clctKgpZwaDl0Fc6Tp0
.amazon-adsystem.com/	1970-01-21 17:28:08	Name: ad-privacy Value: 0
.totvs.com/	1970-01-19 20:35:22	Name: _hjFirstSeen Value: 1
.totvs.com/	1970-01-20 05:20:56	Name: _hjid Value: 0b2c474c-f167-4a01-8089-3d51eb3eb245
.totvs.com/	1970-01-20 06:04:44	Name: cto_bundle Value: 7WeYE19FN1E0WXYydVpxUUlYJTJGYTBJOUNyVUR6bEZvbk1WTVBwTGpLbDhVRk9QdkdkZzBxeiUyQkJBRU9XeERxS29IMUtUWnQxY3hJeGdKJTJCQ2U5R2Nvb2NqT0IyYlNMVVYzRlhBYkxyY09xOUhlUElrTVJEdHFPN25HYjdnbmZCSVFwWnQyVVlBZDFJeVpWaUFUY1kwYUFTVUs2TmclM0QlM0Q
.totvs.com/	1970-01-19 22:44:56	Name: _fbp Value: fb.1.1629320297201.1033206081
.totvs.com/	1970-01-19 20:36:46	Name: _gid Value: GA1.2.885041048.1629320297
.totvs.com/	1970-01-20 14:06:32	Name: _ga Value: GA1.2.2020675983.1629320297
www.totvs.com/	1970-01-19 20:35:21	Name: _omappvs Value: 1629320297180
.totvs.com/	1970-01-20 14:06:32	Name: _ga_MX98CJT33W Value: GS1.1.1629320296.1.0.1629320296.0
.totvs.com/	1970-01-20 05:56:56	Name: _uetvid Value: 02c1a700006711eca9c8c3c8f7f2abc0
.totvs.com/	1970-01-19 20:36:46	Name: _uetsid Value: 02c15e30006711ecb26711ffd07ee45d
.criteo.com/	1970-01-20 05:56:56	Name: uid Value: 185270b1-53a0-463c-843d-2e50139b7add
.totvs.com/	1970-01-19 20:35:20	Name: _gat_UA-4115291-31 Value: 1
www.totvs.com/	1970-01-19 20:35:22	Name: __atuvs Value: 611d7468f837de4f000
www.totvs.com/	1970-01-20 06:05:34	Name: __atuvc Value: 1%7C33
www.totvs.com/	1970-01-23 20:33:53	Name: _omappvp Value: 7SlLTIFAuzbSfMX0x4RDkUowaBTH8vyXwsjGALx2CYOTbP1VLE3v8iIAGiZm2TNELfbxO6ujEEQs6HYnWGxwuDOCCtwE8XUo
.totvs.com/	1970-01-19 22:44:56	Name: _gcl_au Value: 1.1.723369902.1629320297

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.totvs.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	warning	URL: https://www.totvs.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1(Line 2) Message: jQuery.Deferred exception: Cannot read property 'getItem' of null TypeError: Cannot read property 'getItem' of null at Object.init (https://www.totvs.com/wp-content/themes/totvs-theme/dist/scripts/main_f822d700.js:79:21892) at o.fire (https://www.totvs.com/wp-content/themes/totvs-theme/dist/scripts/main_f822d700.js:79:20283) at o.loadEvents (https://www.totvs.com/wp-content/themes/totvs-theme/dist/scripts/main_f822d700.js:79:20338) at HTMLDocument.<anonymous> (https://www.totvs.com/wp-content/themes/totvs-theme/dist/scripts/main_f822d700.js:33:3430) at e (https://www.totvs.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1:2:30005) at t (https://www.totvs.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1:2:30307) undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10408215.fls.doubleclick.net
8955376.fls.doubleclick.net
a.omappapi.com
aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
adservice.google.com
amazon.partners.tremorhub.com
api.hubapi.com
api.omappapi.com
b.t.tailtarget.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.t.tailtarget.com
cms.analytics.yahoo.com
code.jquery.com
connect.facebook.net
csm.nl.eu.criteo.net
d.tailtarget.com
dpm.demdex.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
image6.pubmatic.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hsforms.net
js.hsleadflows.net
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
match.adsrvr.org
mug.criteo.com
odr.mookie1.com
pi.ispot.tv
pixel.advertising.com
pixel.placed.com
pixel.tapad.com
px.surveywall-api.survata.com
s.amazon-adsystem.com
s7.addthis.com
sb.scorecardresearch.com
script.hotjar.com
spl.zeotap.com
sslwidget.criteo.com
ssum-sec.casalemedia.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
sync.1rx.io
sync.search.spotxchange.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.myvisualiq.net
t.tailtarget.com
tags.bluekai.com
tags.t.tailtarget.com
token.rubiconproject.com
track.hubspot.com
tt-14690-0.seg.t.tailtarget.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
usersync.samplicio.us
v1.addthisedge.com
v4.aloweb.com.br
vars.hotjar.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.imdb.com
www.totvs.com
x.bidswitch.net
z.moatads.com
csm.nl.eu.criteo.net
px.surveywall-api.survata.com
104.111.215.191
13.224.101.82
13.224.96.22
13.224.96.37
13.224.96.67
13.224.96.84
13.224.96.91
13.225.78.79
13.248.242.197
141.226.228.48
142.250.185.66
142.250.186.70
151.101.14.132
172.217.16.130
172.217.23.102
178.250.0.157
178.250.0.163
18.156.0.31
18.156.147.57
18.197.219.138
18.198.126.47
184.30.24.121
185.33.221.90
185.64.189.115
185.94.180.126
2.18.234.21
2.18.234.233
2.18.235.40
2001:4de0:ac18::1:a:2b
212.82.100.182
213.19.147.44
213.19.147.45
23.227.192.58
2600:1f18:612b:4264:3ca:5412:4ba5:20da
2606:4700:10::ac43:db6
2606:4700::6810:135e
2606:4700::6810:5705
2606:4700::6811:45b0
2606:4700::6811:72b0
2606:4700::6811:b649
2606:4700::6811:c9cc
2606:4700::6811:d6cc
2606:4700::6811:e6cc
2606:4700::6812:14bf
2606:4700::6812:15bf
2606:4700::6812:f2b
2606:4700::6813:9a53
2606:4700::6813:9b53
2620:1ec:c11::200
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9a
2a02:2638:1::13
2a02:2638:1::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f12d:83:face:b00c:0:25de
34.102.185.99
34.231.184.117
34.248.25.248
34.98.64.218
34.98.67.61
35.157.53.20
35.176.195.187
35.201.123.184
35.227.248.159
37.157.6.245
45.79.180.191
52.17.116.58
52.28.248.40
52.44.110.4
52.46.133.124
54.205.87.49
54.81.7.92
69.173.144.139
74.119.119.150
77.243.60.138
89.187.169.47
00580da1aeb93890306e5963b7e3ee28f2b58ca9517277ac50c2a4d9f05ea6e1
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
052396e75c0818dbcb979eebe63a9009b3466f8341a87d9712033d9d21104873
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0717c824eab00345cb63e54b1c04f8e162c047fe91bd80aa9c28cd0089842e56
08858697f75ab4202ff312e2450d9fb772fe4b5162d3604bd40de73680669edd
092f8fae4a904ea171ac359ab219f4ddd8d04d32bef47c39e5b849f5cf957134
093c6c272cfccc5b7cb136b3352daa0c12bf7a95efda4268158fb3f5773af2ca
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
138066cfcfa5170e5d330a1a7a66be0b8a65db615884d8decc64cef3d0f19c51
13b9fc9797c8fdfde89ce048dde9c44566228ee9a95ad5452d391bbf577743a1
14921667368d683f2e993189de83b6780f031641220a77397dda072a341af9eb
1c3bd00be556bf95f92a2ab1119b8b26544a1997ab0c09f86490bc32339ad32e
1e24e11b4548981a30992737afd70ee9f2f441fc6efe5899d0f71ce2792786bf
1f7df97a1fc44189df7e17414388a7ccc07c5118f3fd7acf34659e9416bd1be5
21e40781d16d749119e73d092fd3a91883640701f700496d38ddab1fdba4f3cb
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a0114ee843f8e5fcb15026a43365c3455464f43e1ea135b075e49662a9905b9
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d2c874f54c238ad94116711c271466697a81c3e2e42052c40187b67fe6eeaa9
2fb720f50a9fd7d5138c0a9e71e19b8ce277f3854fc1bd63ecc3cfaf597a1cc7
2fdb95103c888cc7a7f6a46ab4e36da6fdbd279cbc11b34baf6b153364e0ed0e
371f0ceab6655c8448f64525b1d11186cb67ca91398655ddf145c93d77964f91
3f0bf1123a15c184c436d3acc0b512701903cd414bd2477e390a957e7c85c975
3f134beff0b35b96d2c9585a29afa413e607daa1a879a3c51655814726243dc5
421e0c78866add679d38388f1a5470b472c4600b807208723c52746f317f3034
4346990adf059cb113ccff5a9e666af8e2a900c52e0593749d85e845b920e344
44f3b813856dd0288909c71534cabdf9502edce144efdb52bb9aa1611325884f
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
5616add6b4d224693e4d114788b0c57e87809ca280f8da29311687432ab0734a
58fe5e58670b5b1f7988126a124ab9be5afd8a54411a31848112991fb208c8f1
590dd69bf43569b09fe1433b622cd2f06bd0cf8adc872fe3a2bb034a97d2812d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c1282fb121104f5a505ecbfd7194e64c98db6b830684450dcfc478021d05257
5c9d52752a77435bf944f20b90391d960cb3494c4f28c8e367edf4864296f4ee
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6103242d250b440688fd0e3fd3254bf1def8e41c19d9fce232cfded913a2aef5
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61804551df4850738aa4af379b154e46c0bcb9c200a2d2dc5e845ee702948c19
6758fd769eca7d0e035ebb8a2249be598611785b58d7e072dea2ab85123045aa
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6a5e498439af9c1264a3e83fac7e6d1c670d103de1a97aef111dc003fe1e89c2
6af4e90d7d186e4958e242c1d9cf5bcac217d7369135f6409af3be13921d53f5
6db1b5c1b434176c3587116e57b596990fe104e4de3ec85ac59575be60ccfa73
6f4615cfa4f34e69fe3bb29e285afee6cc08cace3a2fc2deb9ea17f9c1338fcf
72608f6bd417ce745000db1d556c5efe29a9e7c5041cb4d0bcc6b799d44d20f2
74fdbf39f852ad985b8d6b18dc8e09fa7afec7f0e00e724f88a6c49bc98edd1b
76c79d3af714cd2570cdee0ff55daf2022f51477a4b5a89de470068280f8ddb1
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7a7edb236cec879cb9a8e0025cb96baf63be11a9877eabac84fd83bdd43d2781
7c6ed5c5a9c4e563f13ef9ddd85313d0d22386dbedc02a1df069d8b2407b12c4
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
826bce46e8dc355050fc8e9153c799a7d8c9957a392820aeb94affafd56e2b9e
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8f3638a07274186824d584038c798c850e3f3229223e79346461b1595db501c6
97ce1e1f5dbfda35ac979b593e79e1673a3e725790339d767e4a6ca6e94a4828
9adcc8a13d554b65180512dfe06e5d247c6584f2706971e7ea0496449a63ba76
9fcb284dec32d13d9bb6a6aa54fff481e7cce0b55c0fb6f91aab916b5475769e
a01583bb1046d42e54d2ddf18e6659d54025b7db0a792464dba2a2572e23c696
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a34a712bf4bedf0f21bf51b2d44944f6e510912540d4239bc60675e5fc80d92d
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a94adffe5f99aa6da8402e1daacee827f55e586f189e39942be30ab8b12018f1
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b19b04c831aa64a6b9c4a828246a2835bc60f9aaca9fe1fb1221f5712a989f2d
b24778ddf954b52d774d1620e1f7a371a0366c6b431cb979c11e0bf4fc6caa5d
b25f3758e102d1a5ab8f482458a2bf75165f51840d1056cedefa58a9c79cafb9
b82e44afaa1e0b330b87e32001948a8c27a0434f9c5ed9fadeec36b87a79fda0
b8e39dad2211fe2aafd3c487471c94934a5230aeb00608f59b80c880ce777440
baf9aac059d954b1d78ce790bed9e4e625aded9b832bbb44a135a850fa5ab778
c130f23d961ae1da752e6ffd3609246dfa3a3ff557075fdbc04def8df57fc621
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4243f7f5aa95631ca62fab376c3804859e808b66d373d07270872d23b8b081b
c5c889b8630526ba17c6985d370bb75ac5d5a04eca5a826225eac3109604a33b
cc331536462a180887b9ab74c2f523317ceb4499333280e052e838108e2b7e33
cc4f049e38bd3a6e6197ca877187ffddd8070122904a8ce1fa63ffd81f4a2747
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08e09c268f409b78b36499f3fc723aa7b8937adf935093b4175756365bcd196
d1870c49e74adfa2d70351cc067c6a3320da45d18231c5a31eb39356151620cb
d23fd6627ada8a0751f8b21502a188d3565b9dcb805d054ffa66c9e8b542b912
d345698cd3f4e6996def35b749f72a2126b1ed533edac9d8662326817a620e54
d559bf83d1df81ea8a6724b4df20ec1e01871f967c3aac04aa65bdf0f80fbe80
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc4fe4e0ed48044895a2582f9e16a71c12eabbc500450f19493310995fd4d060
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e61df41a4ddcd9f8e767502ac4cd061ef1455c052235cd3ef8ed9a037155903a
e9a11454525fb7d65ba44687dc98fbe310b3142962d0035c592d2a25e68637e0
eb2c7fc6bb58d9c89c7ee611401ebff775133d589a326603b0f863240bec9204
ebac9c004e587be7f2a5778c2f96e47b4395fb3cc75cbf4232bc8b0a48603802
ed31963b63f42870736127fcaeb09a62851f699ccc1a2a9a5d69e010ef613dad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

www.totvs.com Open in urlscan Pro 2606:4700::6812:f2b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

163 Requests

99 %HTTPS

39 %IPv6

68 Domains

89 Subdomains

56 IPs

8 Countries

2501 kBTransfer

7151 kBSize

19 Cookies

23 Outgoing links

Page URL History

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.totvs.com Open in urlscan Pro
2606:4700::6812:f2b Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

99 %
HTTPS

39 %
IPv6

68
Domains

89
Subdomains

56
IPs

8
Countries

2501 kB
Transfer

7151 kB
Size

19
Cookies

163 HTTP transactions
0 data transactions