www.otempo.com.br Open in urlscan Pro
2a02:26f0:6c00::210:ba23 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://otempo.com.br/
Effective URL:
https://www.otempo.com.br/
Submission Tags: analytics-framework
Submission: On April 24 via api (April 24th 2023, 4:03:07 am UTC) from US — Scanned from DE

Summary HTTP 182 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 44 IPs in 6 countries across 28 domains to perform 182 HTTP transactions. The main IP is 2a02:26f0:6c00::210:ba23, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.otempo.com.br. The Cisco Umbrella rank of the primary domain is 213678.
TLS certificate: Issued by R3 on March 20th 2023. Valid for: 3 months.

This is the only time www.otempo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 53	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba23	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6812:d73b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
3	13.224.192.181 13.224.192.181	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.4.150 108.138.4.150	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1 19	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1b8::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4 5	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14cb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:828::2010	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:bf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.222.250.91 52.222.250.91	16509 (AMAZON-02) (AMAZON-02)
5	95.211.66.34 95.211.66.34	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2606:4700:10:... 2606:4700:10::6814:424	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.164.56.53 35.164.56.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	35.223.116.65 35.223.116.65	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.68.90.188 34.68.90.188	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:d63b	() ()
182	44

53 2a02:26f0:6c00::210:ba23 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

otempo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.otempo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:d73b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1b8::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.122 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14cb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gadasource.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:bf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.250.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-91.fra60.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.211.66.34 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

s.clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:424 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.mixcloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.164.56.53 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-164-56-53.us-west-2.compute.amazonaws.com

ivccf.ivcbrasil.org.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.223.116.65 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.116.223.35.bc.googleusercontent.com

pageview-notify.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.68.90.188 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 188.90.68.34.bc.googleusercontent.com

popups.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:d63b (None, )

ASN- ()

onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	otempo.com.br 1 redirects otempo.com.br — Cisco Umbrella Rank: 213164 www.otempo.com.br — Cisco Umbrella Rank: 213678	1 MB
24	googlesyndication.com 95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	131 KB
17	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 static.doubleclick.net — Cisco Umbrella Rank: 390 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 394	170 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	144 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91 region1.google-analytics.com — Cisco Umbrella Rank: 1718	84 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	862 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	139 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119 jnn-pa.googleapis.com — Cisco Umbrella Rank: 310 gadasource.storage.googleapis.com — Cisco Umbrella Rank: 150383	57 KB
6	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3572 onesignal.com — Cisco Umbrella Rank: 1047 img.onesignal.com	88 KB
5	clickiocdn.com s.clickiocdn.com — Cisco Umbrella Rank: 62491 clickiocdn.com — Cisco Umbrella Rank: 46127	236 KB
5	cloudfront.net d335luupugsy2.cloudfront.net	65 KB
5	navdmp.com tag.navdmp.com — Cisco Umbrella Rank: 25684 usr.navdmp.com — Cisco Umbrella Rank: 29308 cdn.navdmp.com — Cisco Umbrella Rank: 8329 sync2.navdmp.com — Cisco Umbrella Rank: 57742 sync.navdmp.com — Cisco Umbrella Rank: 16665	5 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 876	4 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	272 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	4 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	16 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 361 aax.amazon-adsystem.com — Cisco Umbrella Rank: 455	60 KB
2	rdstation.com.br pageview-notify.rdstation.com.br — Cisco Umbrella Rank: 119585 popups.rdstation.com.br — Cisco Umbrella Rank: 106684	868 B
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1606 ups.analytics.yahoo.com — Cisco Umbrella Rank: 402	847 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 5261 www.google.de — Cisco Umbrella Rank: 3425	939 B
2	go-mpulse.net s.go-mpulse.net — Cisco Umbrella Rank: 1502 c.go-mpulse.net — Cisco Umbrella Rank: 736	50 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	74 KB
1	mathtag.com 1 redirects pixel.mathtag.com — Cisco Umbrella Rank: 1405	620 B
1	ivcbrasil.org.br ivccf.ivcbrasil.org.br — Cisco Umbrella Rank: 228906	461 B
1	mixcloud.com widget.mixcloud.com — Cisco Umbrella Rank: 486146	34 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1957	63 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 209	2 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 108	3 KB
182	28

	Domain	Requested by
52	www.otempo.com.br	www.otempo.com.br
15	pagead2.googlesyndication.com	95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net www.googletagservices.com
10	s0.2mdn.net	www.otempo.com.br s0.2mdn.net 95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com
9	www.youtube.com	www.otempo.com.br www.youtube.com
7	tpc.googlesyndication.com	95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
6	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
5	d335luupugsy2.cloudfront.net	www.googletagmanager.com d335luupugsy2.cloudfront.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	www.googletagmanager.com	www.otempo.com.br www.googletagmanager.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	jnn-pa.googleapis.com	www.youtube.com
4	googleads.g.doubleclick.net	1 redirects www.youtube.com 95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com pagead2.googlesyndication.com
4	region1.google-analytics.com	www.googletagmanager.com
3	onesignal.com	cdn.onesignal.com
3	clickiocdn.com	s.clickiocdn.com
3	www.google.com	www.youtube.com tpc.googlesyndication.com
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	www.otempo.com.br c.amazon-adsystem.com
2	s.clickiocdn.com	www.googletagmanager.com
2	googleads4.g.doubleclick.net	www.otempo.com.br
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdn.onesignal.com	www.otempo.com.br cdn.onesignal.com
2	www.googletagservices.com	www.otempo.com.br 95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com
2	fonts.googleapis.com	www.otempo.com.br client
1	img.onesignal.com
1	popups.rdstation.com.br	d335luupugsy2.cloudfront.net
1	pageview-notify.rdstation.com.br	d335luupugsy2.cloudfront.net
1	ups.analytics.yahoo.com
1	cms.analytics.yahoo.com	1 redirects
1	sync.navdmp.com
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com
1	cdn.navdmp.com	tag.navdmp.com
1	www.google.de
1	ivccf.ivcbrasil.org.br
1	usr.navdmp.com	tag.navdmp.com
1	widget.mixcloud.com	www.googletagmanager.com
1	tag.navdmp.com	www.googletagmanager.com
1	gadasource.storage.googleapis.com	www.otempo.com.br
1	code.createjs.com	s0.2mdn.net
1	c.go-mpulse.net	s.go-mpulse.net
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	s.go-mpulse.net	www.otempo.com.br
1	otempo.com.br	1 redirects
182	53

This site contains links to these domains. Also see Links.

Domain
otempo.com.br
www.instagram.com
api.whatsapp.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
meu-perfil.otempo.com.br
especiais.otempo.com.br
www.clubeotempo.com.br
play.google.com
apps.apple.com

Subject Issuer	Validity	Valid
www.otempo.com.br R3	`2023-03-20` - `2023-06-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
akstat.io DigiCert TLS RSA SHA256 2020 CA1	`2023-04-05` - `2024-04-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
s.clickiocdn.com R3	`2023-03-23` - `2023-06-21`	3 months	crt.sh
mixcloud.com Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
*.ivcbrasil.org.br Amazon RSA 2048 M01	`2023-02-08` - `2023-06-29`	5 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.rdstation.com.br Sectigo RSA Domain Validation Secure Server CA	`2022-08-29` - `2023-09-29`	a year	crt.sh
adlmerge.com R3	`2023-04-23` - `2023-07-22`	3 months	crt.sh
popups.rdstation.com.br R3	`2023-02-12` - `2023-05-13`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.otempo.com.br/
Frame ID: A94C0F2CEE38D5E63C049AA6814466AD
Requests: 123 HTTP requests in this frame

Frame: https://www.youtube.com/embed/duX3k3F9L8s
Frame ID: D3DCAE58E7B6DCF32B1AEFECFC56817B
Requests: 21 HTTP requests in this frame

Frame: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AAE7CFE2395353F94DD713E1DF6F91EC
Requests: 1 HTTP requests in this frame

Frame: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C665D6B77D811840CBEADC27A13158CE
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsY7py05wEwAQ&v=APEucNV2-jwFIja9dfZyBjQzht9hej0HEM9Sad7H_5bfAevCsyqv0e_YEwnsGXwrUID3ykj1AiSLrKnwn-CS-S13x3M3ZOiJNkA1vTf-O7uEyaAD1Oy1J9E0RutrfcI4cyDm0Pt_V5aEORpX5Y9XcRHbuM7VJkWLzyPlsQguIjeBC_nuFZ55LrA
Frame ID: C9BEC7F4A2033E06837CED99CD50B634
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7D3883F2B416110696C0AB0013C6B72C
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/leaderboard.html
Frame ID: 886666E8D822CCD82C579F7385E96AD6
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D345BCE3EEE6FF510335728535127F1C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10A26453282E0B60F342E02D1CD62C99
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

O TEMPOLogo do Portal O TEMPOLogo do Portal O TEMPOLogo do Portal O TEMPOLogo do Portal O TEMPO

Page URL History Show full URLs

https://otempo.com.br/ HTTP 301
https://www.otempo.com.br/ Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Navegg (Analytics) Expand

Overall confidence: 100%
Detected patterns

tag\.navdmp\.com

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

RD Station (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

d335luupugsy2\.cloudfront\.net/js/loader-scripts/.*-loader\.js

Page Statistics

182
Requests

96 %
HTTPS

69 %
IPv6

28
Domains

53
Subdomains

44
IPs

6
Countries

3744 kB
Transfer

11221 kB
Size

28
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://otempo.com.br/assine
Title: Oferta especial R$1,90 no primeiro mês ASSINE AGORA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/otempo

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=5531998274455

Search URL Search Domain Scan URL

URL: https://www.facebook.com/portalotempo

Search URL Search Domain Scan URL

URL: https://twitter.com/otempo

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/sempre-editora/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/otempo/

Search URL Search Domain Scan URL

URL: https://meu-perfil.otempo.com.br/login?url=https%3A%2F%2Fwww.otempo.com.br%2F
Title: ENTRAR

Search URL Search Domain Scan URL

URL: https://meu-perfil.otempo.com.br/login?url=https://www.otempo.com.br/
Title: ENTRAR

Search URL Search Domain Scan URL

URL: https://especiais.otempo.com.br/
Title: Mais Conteúdo

Search URL Search Domain Scan URL

URL: https://www.clubeotempo.com.br/
Title: Clube o Tempo

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=br.com.emotiondigital.sempre_editora_fix&hl=pt_BR&gl=US

Search URL Search Domain Scan URL

URL: https://apps.apple.com/br/app/sempre-editora-o-tempo-super/id653128999

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://otempo.com.br/ HTTP 301
https://www.otempo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAfSN12MQcv-bUukf2O5dE0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAfSN12MQcv-bUukf2O5dE0&google_cver=1&C=1

Request Chain 110

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEX-dKpcuVa.RzHbKBW1RAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAfSN12MQcv-bUukf2O5dE0&google_cver=1&google_hm=2

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPdhKCg--6ENXkRRmr4Wt0Y&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPdhKCg--6ENXkRRmr4Wt0Y%26google_cver%3D1

Request Chain 112

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUwMzkzNDMwOTY2MjE5Nzc2Ng%3D%3D

Request Chain 166

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=79884425996 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=79884425996&google_gid=CAESEL67KWquyWkLMhUgoNb1Cd0&google_cver=1

Request Chain 167

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=56526445-ff75-4100-bd87-b6b38420aeaf

Request Chain 168

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG HTTP 302
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

182 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.otempo.com.br/
Redirect Chain

https://otempo.com.br/
https://www.otempo.com.br/

1 MB
216 KB

115ms
90ms

Document
text/html

2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

0264b553f15c5229134e020b553312c51681e96f25aed9f3173e8d86b9e5cbde

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
cache-control: max-age=39
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Mon, 24 Apr 2023 04:02:58 GMT
etag: "10726d-hw59KbXkFf4HvxzQiu+2QxSWsKY"
server: nginx
server-timing: cdn-cache; desc=REVALIDATE edge; dur=1 origin; dur=438 ak_p; desc="467308_34650655_171467973_3814_5211_47_0";dur=1
vary: Accept-Encoding
x-akam-sw-version: 0.5.0
x-akamai-transformed: 9 215540 0 pmb=mNONE,1mRUM,2
x-frame-options: SAMEORIGIN

Redirect headers

cache-control: max-age=0
content-length: 0
date: Mon, 24 Apr 2023 04:02:58 GMT
location: https://www.otempo.com.br/
server: AkamaiGHost
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="467308_34650655_171467942_15_5266_47_0";dur=1

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
1 KB 80ms
31ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@300;400;700&family=Montserrat:wght@400;700&family=Roboto:wght@500&display=swap

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

708d8a4354c556b359a700108e0fb498e79ae1bf80a25946305aa2ba4bba7b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 04:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 04:00:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 04:02:58 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 74 KB
25 KB 120ms
68ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5baa0155587e932aaeb8c88494cccbde1e1c512411544d0571c47f9ef4bb322b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25098
x-xss-protection: 0
server: cafe
etag: 901 / 19471 / 31074080 / config-hash: 6342739278968460252
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 04:02:58 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 75ms
30ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2108
etag: W/"06f50014011c1fcd9e21b6b0481979de"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7bcb742b9c6737e9-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Apr 2023 04:02:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
84 KB 116ms
62ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1VXJ83ESPC

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbb1c1b91e417d20d270046dedb6716ebd76c0cb37c915fa463b26d011000f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86231
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 04:02:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 87ms
33ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-9513496-7

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a333763bbb0e85b26f800b47b777d0f00e6b7810a0d025ca6baa42d9c429d6f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45061
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 04:02:58 GMT

GET
H2 200 dfp-topo-header.js Show response
www.otempo.com.br/plugins/ 2 KB
1 KB 120ms
118ms Script
application/javascript 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/plugins/dfp-topo-header.js?v=1

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

450174fbf9507f6519a2515f438de527709fb5e0ca43a84874ad8d98229591c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Wed, 29 Mar 2023 01:03:11 GMT
server: nginx
etag: W/"773-1872ae3e498"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468025_720_5389_46_0";dur=1
accept-ranges: bytes
content-length: 734

GET
H2 200 dfp-anchor-ads.js Show response
www.otempo.com.br/plugins/ 2 KB
1 KB 73ms
71ms Script
application/javascript 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/plugins/dfp-anchor-ads.js?v=1

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

4bb5d38dbbe1eba27eb5c339624eca0c43d7dd37f8d4184f8a825f08ace3c835

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Wed, 29 Mar 2023 01:03:11 GMT
server: nginx
etag: W/"74b-1872ae3e498"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468026_209_5384_46_0";dur=1
accept-ranges: bytes
content-length: 738

GET
H2 200 ac3453a.js Show response
www.otempo.com.br/_nuxt/ 6 KB
4 KB 109ms
107ms Script
application/javascript 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/ac3453a.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

347dcd70ffa3aa6a5e40f13e39dac46b89a3b8137ec57a18acd6ecbb6708735a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Fri, 14 Apr 2023 13:31:28 GMT
server: nginx
etag: W/"18a0-1877ff6b780"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468027_210_6139_46_0";dur=1
accept-ranges: bytes
content-length: 3369
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 24fd092.js Show response
www.otempo.com.br/_nuxt/ 252 KB
87 KB 71ms
69ms Script
application/javascript 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/24fd092.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

733a3b461beaa18c6a49455847f09e70b9b310e75931deaf54644763a82b5d18

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Wed, 05 Apr 2023 01:26:22 GMT
server: nginx
etag: W/"3f0c4-1874f05a230"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468028_293_4440_46_0";dur=1
accept-ranges: bytes
content-length: 88299
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 aeb5f0f.js Show response
www.otempo.com.br/_nuxt/ 533 KB
164 KB 72ms
70ms Script
application/javascript 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/aeb5f0f.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

554ced8b75005ec09fc250e61b29b9e07a8a804cd227aeb445e947d885cf6de7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Wed, 05 Apr 2023 22:21:11 GMT
server: nginx
etag: W/"853bb-187538273d8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468029_219_5317_46_0";dur=1
accept-ranges: bytes
content-length: 167654
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 5ac8651.js Show response
www.otempo.com.br/_nuxt/ 290 KB
65 KB 131ms
129ms Script
application/javascript 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/5ac8651.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

782097d7203f079c5e131d4104ba04ed161feaf1f89657472f2155bd13b21fb8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Wed, 12 Apr 2023 01:19:36 GMT
server: nginx
etag: W/"48695-187730bf440"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468030_717_5421_46_0";dur=1
accept-ranges: bytes
content-length: 65630
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 3245fe2.js Show response
www.otempo.com.br/_nuxt/ 267 KB
50 KB 110ms
108ms Script
application/javascript 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/3245fe2.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

30d728fcff547b708c6e4ad4de805c718b13f97dd01fc4424cfc27ff9cf9a8e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Fri, 14 Apr 2023 13:31:28 GMT
server: nginx
etag: W/"42b96-1877ff6b780"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468032_290_4457_46_0";dur=1
accept-ranges: bytes
content-length: 51148
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 a59a840.js Show response
www.otempo.com.br/_nuxt/ 22 KB
7 KB 71ms
70ms Script
application/javascript 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/a59a840.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

a42482a5c0d922aec11123c93091c870b855e07d256b492aaedc9550157b7c4a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Wed, 05 Apr 2023 22:21:10 GMT
server: nginx
etag: W/"5709-18753826ff0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468034_245_4964_46_0";dur=1
accept-ranges: bytes
content-length: 6868
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 10598b5.js Show response
www.otempo.com.br/_nuxt/ 37 KB
11 KB 130ms
128ms Script
application/javascript 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/10598b5.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

bd928b4f995ac5bf7f33476af975fee508cffef16943c7b1d691d0cf81edcc7d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Wed, 05 Apr 2023 22:21:10 GMT
server: nginx
etag: W/"9555-18753826ff0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468035_720_5382_46_0";dur=1
accept-ranges: bytes
content-length: 10722
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 841a4a0.js Show response
www.otempo.com.br/_nuxt/ 32 KB
11 KB 72ms
70ms Script
application/javascript 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/841a4a0.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

b0990b2303a4152e34c267f532db69459c430fc4ad92b653938e9ae1d9ceaed3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Wed, 05 Apr 2023 22:21:10 GMT
server: nginx
etag: W/"7f5f-18753826ff0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468036_217_5275_46_0";dur=1
accept-ranges: bytes
content-length: 10368
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 1ba3d6d.js Show response
www.otempo.com.br/_nuxt/ 24 KB
3 KB 193ms
192ms Script
application/javascript 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/_nuxt/1ba3d6d.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

f34ac4eed7c587b82570a141739f38eab8764e4debdea0dbce02b29d726bca3a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Fri, 14 Apr 2023 13:31:28 GMT
server: nginx
etag: W/"5e05-1877ff6b780"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468084_2355_5648_46_0";dur=1
accept-ranges: bytes
content-length: 2926
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 otempo.79a9c73.svg
www.otempo.com.br/_nuxt/img/ 4 KB
1 KB 71ms
67ms Image
image/svg+xml 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/otempo.79a9c73.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

0e5e2e0cb02a76fdc1c2b2898474066f73a8fe175de17467cf9481a7c77bf470

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Fri, 14 Apr 2023 13:31:28 GMT
server: nginx
etag: W/"eed-1877ff6b780"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468189_560_5484_46_0";dur=1
accept-ranges: bytes
content-length: 1169
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 menu_ultimas-noticias.2a399b0.svg
www.otempo.com.br/_nuxt/img/ 1 KB
1 KB 109ms
109ms Image
image/svg+xml 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/menu_ultimas-noticias.2a399b0.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d15a8b96d52bd1836ea5fa817854c9518184128f6fe6a29422e263a7054c7375

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Fri, 14 Apr 2023 13:31:28 GMT
server: nginx
etag: W/"5d3-1877ff6b780"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468205_1205_5860_46_0";dur=1
accept-ranges: bytes
content-length: 708
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 menu_super-noticia.141373b.svg
www.otempo.com.br/_nuxt/img/ 1 KB
1 KB 107ms
106ms Image
image/svg+xml 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/menu_super-noticia.141373b.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

9824ccf1dbfd47a854639dc52ed6882fed59b0c8f6d7ada5b97367aa7c494717

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Fri, 14 Apr 2023 13:31:28 GMT
server: nginx
etag: W/"539-1877ff6b780"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468206_1885_6552_46_0";dur=1
accept-ranges: bytes
content-length: 669
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 menu_radio-super.3e7cdfc.svg
www.otempo.com.br/_nuxt/img/ 2 KB
1 KB 75ms
75ms Image
image/svg+xml 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/menu_radio-super.3e7cdfc.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

82c72eacaf7a31c85b91e538c455b3c69000d95b6ac02bf1ce6fc08c713e6651

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Fri, 14 Apr 2023 13:31:28 GMT
server: nginx
etag: W/"834-1877ff6b780"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468207_1206_5836_46_0";dur=1
accept-ranges: bytes
content-length: 945
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 otempo.2efc296.png
www.otempo.com.br/_nuxt/img/ 866 B
1 KB 73ms
73ms Image
image/png 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/otempo.2efc296.png

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

7aad3c528a84c5f8145ab901050c637385dce1619706197cb9a826243def4444

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Tue, 28 Feb 2023 23:28:32 GMT
server: Akamai Image Manager
x-serial: 194
x-check-cacheable: YES
etag: W/"6a6-1869a573948"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468208_1223_6839_46_0";dur=1
content-length: 866
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 cookies.f33c01d.svg
www.otempo.com.br/_nuxt/img/ 33 KB
19 KB 53ms
52ms Image
image/svg+xml 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/cookies.f33c01d.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

63b169efeccc25b559033bcdfd61cd9227aac4b8fa079876408f2948869e7d90

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Fri, 14 Apr 2023 13:31:28 GMT
server: nginx
etag: W/"8254-1877ff6b780"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468270_16_5708_46_0";dur=1
accept-ranges: bytes
content-length: 19404
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.png
www.otempo.com.br/image/contentid/policy:1.2318754:1664583629/ 20 KB
20 KB 145ms
144ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2318754:1664583629/image.png?f=3x2&q=0.6&$p$f$q=c131a51&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: cc3d46765cc2a644689236e6c399ca66bc9ddd993a950551d1fe6eb8af90d841

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Mon, 24 Apr 2023 01:35:40 GMT
server: Akamai Image Manager
etag: "policy:1.2318754:1664583629"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=60, ak_p; desc="467308_34650655_171468228_6460_7245_46_0";dur=1
content-length: 20097
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2855684:1682285098/ 30 KB
30 KB 120ms
119ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2855684:1682285098/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 0443c7d4d4d0ea180740ed03639769318b1a7eb44ba9584ca8b1ccbe0404adf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Mon, 24 Apr 2023 01:35:47 GMT
x-serial: 1315
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.2855684:1682285098"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=36, ak_p; desc="467308_34650655_171468234_4032_7381_48_0";dur=1
content-length: 30249
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2855642:1682277169/ 32 KB
33 KB 114ms
113ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2855642:1682277169/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 3b0d3f56dea685ac2617a181c2841c378a70889f2f266805809c6a025a694950

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 19:22:32 GMT
x-serial: 1536
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.2855642:1682277169"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=27, ak_p; desc="467308_34650655_171468235_3315_6477_51_0";dur=1
content-length: 32866
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2486894:1621362995/ 4 KB
5 KB 100ms
99ms Image
image/webp 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2486894:1621362995/image.jpg?f=1x1&w=600&$p$f$w=0b11e8a
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 5b5f63cf93eb6c705ad674b48e5451f9fbdc156d43f51b9f709eeb878354f3bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Thu, 03 Nov 2022 04:11:59 GMT
server: Akamai Image Manager
etag: "policy:1.2486894:1621362995"
content-type: image/webp
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=7, ak_p; desc="467308_34650655_171468229_1249_6228_46_0";dur=1
content-length: 4424
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.png
www.otempo.com.br/image/contentid/policy:1.2672122:1653148273/ 3 KB
4 KB 142ms
140ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2672122:1653148273/image.png?f=1x1&w=600&$p$f$w=c7b8ea8
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 098abf9de2d467cd1a4a9ca765d11437488e9979c00687158af9b89c90b77df2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Fri, 14 Apr 2023 17:37:14 GMT
server: Akamai Image Manager
etag: "policy:1.2672122:1653148273"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=51, ak_p; desc="467308_34650655_171468232_6137_7492_48_0";dur=1
content-length: 3517
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2486986:1621369511/ 4 KB
4 KB 110ms
109ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2486986:1621369511/image.jpg?f=1x1&w=600&$p$f$w=0b11e8a
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 94735b8eb670092747b5957d6dbcf3f1637923cb322d1624df49d936d8354d66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Mon, 17 Apr 2023 22:29:20 GMT
x-serial: 337
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.2486986:1621369511"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=25, ak_p; desc="467308_34650655_171468231_2863_7499_51_0";dur=1
content-length: 3679
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2151220:1552942394/ 3 KB
3 KB 113ms
112ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2151220:1552942394/image.jpg?f=1x1&w=600&$p$f$w=0b11e8a
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 0993edc9c13f84b47ce9836c996a146bbb7dacf4d31ddb8c4152f5142bfb457f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Tue, 14 Mar 2023 10:41:37 GMT
server: Akamai Image Manager
etag: "policy:1.2151220:1552942394"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=28, ak_p; desc="467308_34650655_171468233_3199_7453_51_0";dur=1
content-length: 3146
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2151207:1552941443/ 3 KB
3 KB 137ms
136ms Image
image/webp 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2151207:1552941443/image.jpg?f=1x1&h=200&$p$f$h=49cc34d
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 41221a11e8ab4ebaf39d229bf38956ff29e080d2a5517f7c86a29e2970823fd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sat, 26 Feb 2022 01:20:45 GMT
x-serial: 1848
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.2151207:1552941443"
content-type: image/webp
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=53, ak_p; desc="467308_34650655_171468230_5719_7664_48_0";dur=1
content-length: 2708
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2855661:1682279918/ 6 KB
6 KB 58ms
58ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2855661:1682279918/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 15842ebeb4c0aa33e806d9d64c20b223ab38cde5cb2d0629655c9c28f231ec2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 20:03:09 GMT
x-serial: 941
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.2855661:1682279918"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="467308_34650655_171468272_250_6938_46_0";dur=1
content-length: 5906
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2855745:1682290889/ 20 KB
20 KB 64ms
64ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2855745:1682290889/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: e44c05db73898e594bff523e1713c7d4dcd2ac02173f4b3ab8fc71b6423309e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 23:20:16 GMT
server: Akamai Image Manager
etag: "policy:1.2855745:1682290889"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468281_37_7877_46_0";dur=1
content-length: 20356
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2855632:1682275708/ 32 KB
32 KB 72ms
71ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2855632:1682275708/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 754055f0b32462d7625885c623524bb0f630d6173b347e9969d25cd68909206c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 18:54:20 GMT
x-serial: 553
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.2855632:1682275708"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="467308_34650655_171468282_920_7798_46_0";dur=1
content-length: 32348
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.JPG
www.otempo.com.br/image/contentid/policy:1.2855741:1682290301/ 5 KB
6 KB 69ms
68ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2855741:1682290301/image.JPG?f=3x2&q=0.6&$p$f$q=72a5f24&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 7b9432f40cb52dcef8aee9d19b79860023b1ef136c726a31abc81923d247fb8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 22:55:07 GMT
server: Akamai Image Manager
etag: "policy:1.2855741:1682290301"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=10, ak_p; desc="467308_34650655_171468285_1025_7889_46_0";dur=1
content-length: 5427
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2855620:1682275343/ 11 KB
11 KB 66ms
66ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2855620:1682275343/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 3405dcf19124ba504b36ed7ef2cb535e25b7dbe0cf23a9e953e174f8523e68e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 19:10:41 GMT
server: Akamai Image Manager
etag: "policy:1.2855620:1682275343"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="467308_34650655_171468289_323_7326_46_0";dur=1
content-length: 10961
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2855694:1682284351/ 11 KB
11 KB 66ms
63ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2855694:1682284351/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 01ea44fb2f7b8fcf242f2f250c9c32f50ebb4cd047e51a43272ad58b104ded5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 23:59:01 GMT
x-serial: 569
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.2855694:1682284351"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=9, ak_p; desc="467308_34650655_171468293_897_7242_46_0";dur=1
content-length: 11069
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2855722:1682287716/ 14 KB
14 KB 62ms
61ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2855722:1682287716/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 89238cb49e395a44bb76768ea5241204ee3c9c050e22ad638d443cf681f84586

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 22:16:32 GMT
server: Akamai Image Manager
etag: "policy:1.2855722:1682287716"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=4, ak_p; desc="467308_34650655_171468296_435_7934_46_0";dur=1
content-length: 14428
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2855710:1682285763/ 22 KB
22 KB 75ms
72ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2855710:1682285763/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 1a0365c5fc4fe041befd89d6a915af5ace660eea2bf1a2b74a6eab02b2da37cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 21:47:50 GMT
server: Akamai Image Manager
etag: "policy:1.2855710:1682285763"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=18, ak_p; desc="467308_34650655_171468302_1781_7454_46_0";dur=1
content-length: 22085
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpeg
www.otempo.com.br/image/contentid/policy:1.2855719:1682287533/ 11 KB
11 KB 335ms
335ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2855719:1682287533/image.jpeg?f=3x2&q=0.6&$p$f$q=b30a877&w=600
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: f7d241ae4a769219a47dc18e710d4bf12443c207c81871956df29bffd4688727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:59 GMT
last-modified: Sun, 23 Apr 2023 22:16:36 GMT
x-serial: 1172
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.2855719:1682287533"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=280, ak_p; desc="467308_34650655_171468305_27993_7303_46_0";dur=1
content-length: 11165
expires: Wed, 24 May 2023 04:02:59 GMT

GET
H2 200 logo_canal_otempo.fc277ed.svg
www.otempo.com.br/_nuxt/img/ 18 KB
14 KB 98ms
97ms Image
image/svg+xml 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/_nuxt/img/logo_canal_otempo.fc277ed.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

6154027999b914d9d11ba0f62740f95175fbd27a5b2e13923a48555c02ef390c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Thu, 30 Mar 2023 19:11:42 GMT
server: nginx
etag: W/"497b-18733eed1b0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468236_430_6148_46_0";dur=1
accept-ranges: bytes
content-length: 14092
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2373094:1682276913/ 13 KB
13 KB 68ms
68ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2373094:1682276913/image.jpg?f=2x1&w=600&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: b157ac379ef1e7e5d6a4b749cde28979b236d331ce90ad342d517f78e04d1081

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 19:32:31 GMT
x-serial: 260
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:3.2373094:1682276913"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=5, ak_p; desc="467308_34650655_171468306_1155_7406_46_0";dur=1
content-length: 13129
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2373108:1682288806/ 18 KB
18 KB 66ms
66ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2373108:1682288806/image.jpg?f=2x1&w=600&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 249839bce1c7c9e7140dabcf8dad233ef24f60ddd0b12a4c592c953493744ee9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 23:03:33 GMT
x-serial: 1066
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:3.2373108:1682288806"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=11, ak_p; desc="467308_34650655_171468307_1140_7090_46_0";dur=1
content-length: 18116
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2373108:1682288806/ 14 KB
15 KB 65ms
65ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2373108:1682288806/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: bef7a4be7e8f678d4aaf008e93dde141b6d5210c250b4bb60477cccd0aa5057e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 22:57:39 GMT
x-serial: 1751
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:3.2373108:1682288806"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=10, ak_p; desc="467308_34650655_171468322_975_7897_46_0";dur=1
content-length: 14743
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2373106:1682288332/ 13 KB
14 KB 63ms
63ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2373106:1682288332/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 2336825cc3775138a1157eb1ce8ea23fdafe54be28ac7d085648d077901b978d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 22:26:38 GMT
x-serial: 1403
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:3.2373106:1682288332"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=3, ak_p; desc="467308_34650655_171468326_347_7134_46_0";dur=1
content-length: 13816
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2373081:1682274664/ 10 KB
11 KB 68ms
67ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2373081:1682274664/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 5505c357b48804197613acca5b7041a8bfb262fb09c83102e4e4b0958ffa16f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 18:41:29 GMT
server: Akamai Image Manager
etag: "policy:3.2373081:1682274664"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=11, ak_p; desc="467308_34650655_171468334_1080_6775_46_0";dur=1
content-length: 10491
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2373022:1682221612/ 10 KB
10 KB 65ms
65ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2373022:1682221612/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: f0ca065121a6151b9773cbda516d9d869b488cf1845f7dce6ffb9a8ca7cba9b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 04:12:09 GMT
server: Akamai Image Manager
etag: "policy:3.2373022:1682221612"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467308_34650655_171468337_113_8630_46_0";dur=1
content-length: 10352
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2373020:1682220233/ 10 KB
10 KB 65ms
65ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2373020:1682220233/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: cff51143edf897ed3940d42cfae837646acdb92e6dc544b72fb0179a2b247f1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 04:13:01 GMT
server: Akamai Image Manager
etag: "policy:3.2373020:1682220233"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="467308_34650655_171468338_229_8614_46_0";dur=1
content-length: 9938
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2373017:1682216246/ 14 KB
14 KB 61ms
61ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2373017:1682216246/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 413c30da5214d0344d2a591dbd3e7a638cdc554545251a09e0c97a79ea46a009

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 04:12:09 GMT
server: Akamai Image Manager
etag: "policy:3.2373017:1682216246"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=8, ak_p; desc="467308_34650655_171468350_750_6691_46_0";dur=1
content-length: 14301
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:3.2373015:1682214563/ 12 KB
13 KB 62ms
62ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:3.2373015:1682214563/image.jpg?f=2x1&w=440&$p$f$w=7b9e5ac
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 57f04b5a466354feb4512d4b128979b1e9ab067421925e57fb76c2fb37c134e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Sun, 23 Apr 2023 04:12:10 GMT
server: Akamai Image Manager
etag: "policy:3.2373015:1682214563"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=2, ak_p; desc="467308_34650655_171468352_177_6925_46_0";dur=1
content-length: 12517
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2487293:1621434271/ 3 KB
4 KB 96ms
95ms Image
image/webp 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2487293:1621434271/image.jpg?f=1x1&w=600&$p$f$w=0b11e8a
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 38801ec57e55d5f84abffb9b4e033c018f2163f50b4cae3b2443923d3b450476

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Tue, 14 Jun 2022 20:18:00 GMT
x-serial: 1060
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.2487293:1621434271"
content-type: image/webp
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=716, ak_p; desc="467308_34650655_171468367_3983_7127_46_0";dur=1
content-length: 3218
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.png
www.otempo.com.br/image/contentid/policy:1.2492272:1622455686/ 17 KB
17 KB 91ms
90ms Image
image/webp 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2492272:1622455686/image.png?f=1x1&w=600&$p$f$w=c7b8ea8
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 4a6f5ab201de77db1222bf17df0224effa9f02295a7a156f204235dd8fcdcd00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Tue, 14 Jun 2022 20:15:52 GMT
server: Akamai Image Manager
etag: "policy:1.2492272:1622455686"
content-type: image/webp
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=24, ak_p; desc="467308_34650655_171468368_2529_7832_46_0";dur=1
content-length: 17430
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpeg
www.otempo.com.br/image/contentid/policy:1.2846967:1681120475/ 22 KB
22 KB 93ms
93ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2846967:1681120475/image.jpeg?f=3x2&q=0.6&w=620&$p$f$q$w=99ff8d3
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 470fd901560ad98452867ea91af7b3d11ab8de72c43e9b8d01ab218bac6027d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Mon, 10 Apr 2023 09:59:40 GMT
server: Akamai Image Manager
etag: "policy:1.2846967:1681120475"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=29, ak_p; desc="467308_34650655_171468369_2989_7767_46_0";dur=1
content-length: 22576
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpeg
www.otempo.com.br/image/contentid/policy:1.2853739:1681988797/ 36 KB
36 KB 106ms
106ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2853739:1681988797/image.jpeg?f=3x2&q=0.6&w=620&$p$f$q$w=99ff8d3
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 820e594fe0fb8bd8509a08c1b6b5ef9bee2648fcb4448bdeef515d4cd2c4158a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Thu, 20 Apr 2023 11:11:20 GMT
x-serial: 75
server: Akamai Image Manager
x-check-cacheable: YES
etag: "policy:1.2853739:1681988797"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=MISS, edge; dur=5, origin; dur=45, ak_p; desc="467308_34650655_171468374_5047_8662_46_0";dur=1
content-length: 36837
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 image.jpeg
www.otempo.com.br/image/contentid/policy:1.2853036:1681902737/ 27 KB
27 KB 91ms
91ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2853036:1681902737/image.jpeg?f=3x2&q=0.6&w=620&$p$f$q$w=99ff8d3
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: ceb3a79c63f50d25a392d25e9a1e4eff9ec81559a80faca318542e94bdaa40c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Wed, 19 Apr 2023 11:15:31 GMT
server: Akamai Image Manager
etag: "policy:1.2853036:1681902737"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=26, ak_p; desc="467308_34650655_171468378_2703_8249_46_0";dur=1
content-length: 27419
expires: Wed, 24 May 2023 04:02:58 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 226 KB
56 KB 95ms
22ms Script
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 03:07:31 GMT
content-encoding: gzip
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
last-modified: Wed, 19 Apr 2023 20:25:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 3328
x-amz-server-side-encryption: AES256
etag: W/"d0373f28cbce103f094bc2631a9c8dd5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: pyBUBdsEnNsJfOUlMgUV764SUJ-vyuMeTUgyXCR5gZ0QGkc4OMYw_g==

GET
H2 200 SC47L-4MK55-7NYMX-JHS4F-UX8KX Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 139ms
41ms Script
application/javascript 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/SC47L-4MK55-7NYMX-JHS4F-UX8KX
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
content-encoding: br
last-modified: Wed, 12 Apr 2023 08:21:05 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
DATA 200
OK truncated
/ 924 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbfea72c839330ddf5dded4f83ca0cd77a8d51407ce3e2c051879cb068df267b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 733 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5286854173e8ebfa92c3226b7df7499754974e6c8a13f85073b413b2a5c4b984

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 754 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bdfc3cc939b03ea51378d2dbdeb7ff9d7bdeda9189f45c6e48cff4724b4171f2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 duX3k3F9L8s Show response
www.youtube.com/embed/ Frame D3DC 73 KB
31 KB 121ms
73ms Document
text/html 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/duX3k3F9L8s

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e6d6f563b9d1814748947e7d639fb5d1a9b2c982c3a6b2f93782a7d8f4629847

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 04:02:58 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 716 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01a1be88dca6652fbd70f6d3e788dfc63ce043a4c326d42c774786c779a021ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/ 399 KB
124 KB 110ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 11:35:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59220
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126587
x-xss-protection: 0
server: cafe
etag: 1883905843074567667
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 22 Apr 2024 11:35:58 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 2 KB
1 KB 141ms
54ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.otempo.com.br

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4f58597b49f363f761c8b833113605b882ed34295f737aeed27f4abba30cfce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 558
x-xss-protection: 0
expires: Mon, 24 Apr 2023 04:02:58 GMT

GET
H2 200 image.jpg
www.otempo.com.br/image/contentid/policy:1.2855798:1682301685/ 50 KB
50 KB 131ms
130ms Image
image/avif 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.otempo.com.br/image/contentid/policy:1.2855798:1682301685/image.jpg?f=3x2&q=0.6&$p$f$q=a6990f6
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: 606ed518b15c107e7c0e887e9b45c038857960b70c4c913f065200c45890df7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
last-modified: Mon, 24 Apr 2023 02:10:18 GMT
server: Akamai Image Manager
etag: "policy:1.2855798:1682301685"
content-type: image/avif
cache-control: no-transform, max-age=2592000
server-timing: cdn-cache; desc=HIT, edge; dur=37, ak_p; desc="467308_34650655_171468227_4916_7534_48_0";dur=1
content-length: 51003
expires: Wed, 24 May 2023 04:02:58 GMT

GET
DATA 200
OK truncated
/ 593 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c88a0057945c8339c3a7f8d03427f7f8ef7b3dfdb3c8488c763a807d9aaa7b1e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 www-player.css
www.youtube.com/s/player/d87d581f/ Frame D3DC 400 KB
51 KB 75ms
73ms Stylesheet
text/css 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/duX3k3F9L8s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40fba0019ff3cd5ef1ad3797b7b223a9f434ccf632b89f322241ef51434a389b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/duX3k3F9L8s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 22:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18592
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52077
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 Apr 2024 22:53:06 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/d87d581f/www-embed-player.vflset/ Frame D3DC 355 KB
110 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/duX3k3F9L8s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3d179f0e69da4cb3808800bac82c6be701f77b395677dd09621e8009680a960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/duX3k3F9L8s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 03:39:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112492
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Apr 2024 03:39:00 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/ Frame D3DC 2 MB
622 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/duX3k3F9L8s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc467c312a15005618c8c6b173f0e56ceac1b8d090cb65011457fbff00c45434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/duX3k3F9L8s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 15:41:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 636851
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 Apr 2024 15:41:57 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/d87d581f/fetch-polyfill.vflset/ Frame D3DC 9 KB
3 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/duX3k3F9L8s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/duX3k3F9L8s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 23:27:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16547
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 22 Apr 2024 23:27:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D3DC 15 KB
16 KB 73ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/duX3k3F9L8s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:28:35 GMT
x-content-type-options: nosniff
age: 102863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:28:35 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D3DC 15 KB
15 KB 78ms
25ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/duX3k3F9L8s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:30:46 GMT
x-content-type-options: nosniff
age: 102732
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 23:30:46 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 38ms
38ms Script
application/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2108
etag: W/"2cf94922e2d551e8dc7c38c022a9a3ca"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 7bcb742c8d2937e9-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 27 Apr 2023 04:02:58 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
311 B 22ms
21ms XHR
text/plain 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.otempo.com.br&pubid=ee79b9e9-a905-4adf-925b-211c64726bba
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 03:26:24 GMT
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 2194
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.otempo.com.br
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: Lvnn2NtbNe-joy4AIAeuPIzKPvT29DCVc-mj8EVOntpDmmLv7Eu6xA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
465 B 134ms
62ms XHR
text/javascript 108.138.4.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.otempo.com.br%2F&pid=TsLaiQc5CX0fI&cb=0&ws=1600x1200&v=23.414.2006&t=2000&slots=%5B%7B%22sd%22%3A%22otempo_topo_header%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2214159828%2Fotempo_topo_header%22%7D%2C%7B%22sd%22%3A%22banner-entre-slots0%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2214159828%2F_otempo_capa_entre_Slots%22%7D%2C%7B%22sd%22%3A%22banner-entre-slots1%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2214159828%2F_otempo_capa_entre_Slots%22%7D%2C%7B%22sd%22%3A%22banner-entre-slots2%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2214159828%2F_otempo_capa_entre_Slots%22%7D%2C%7B%22sd%22%3A%22banner-entre-slots3%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2214159828%2F_otempo_capa_entre_Slots%22%7D%2C%7B%22sd%22%3A%22banner-entre-slots4%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2214159828%2F_otempo_capa_entre_Slots%22%7D%2C%7B%22sd%22%3A%22banner-entre-slots5%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2214159828%2F_otempo_capa_entre_Slots%22%7D%2C%7B%22sd%22%3A%22banner-entre-slots6%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2214159828%2F_otempo_capa_entre_Slots%22%7D%2C%7B%22sd%22%3A%22banner-entre-slots7%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2214159828%2F_otempo_capa_entre_Slots%22%7D%2C%7B%22sd%22%3A%22banner-entre-slots8%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2214159828%2F_otempo_capa_entre_Slots%22%7D%2C%7B%22sd%22%3A%22banner-entre-slots9%22%2C%22s%22%3A%5B%22970x250%22%5D%2C%22sn%22%3A%2214159828%2F_otempo_capa_entre_Slots%22%7D%2C%7B%22sd%22%3A%22bloco-pub-sidebar%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%2214159828%2Fotempo_right_300x600%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1607451624746-0%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2214159828%2Fotempo_fixed_all_pages_desktop_728x90%22%7D%2C%7B%22sd%22%3A%22otempo_bloco_anchor%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22sn%22%3A%2214159828%2Fotempo_fixed_all_pages_mobile_320x50%22%7D%2C%7B%22sd%22%3A%22banner-3-paragrafo%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2214159828%2F_otempo_artigo_conteudo_3_paragrafo%22%7D%2C%7B%22sd%22%3A%22bloco-pub-fim-artigo%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%2214159828%2Fotempo_final_artigo_300x250%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6311404-87%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2214159828%2F_otempo_capa_ATF_right_300x600%22%7D%5D&pubid=ee79b9e9-a905-4adf-925b-211c64726bba&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.150 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-150.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: 0F1R6B3ZKMPYWYD9JSH5
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.otempo.com.br
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: dWWo2yWVGuVFOzpgnmdWVU93mmomHXP36CB9pMHLnyblxygdUOSv5g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 64ms
20ms XHR
application/javascript 13.224.192.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-192-181.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: BeoItWAXLH_Ztd131J1ILFBRpuOxsQkH
content-encoding: gzip
via: 1.1 7eb0b6b84b224c3eff8520d4bc275e4c.cloudfront.net (CloudFront)
date: Sun, 23 Apr 2023 21:04:17 GMT
x-amz-cf-pop: FRA2-C1
age: 79512
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 13 Apr 2023 22:29:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: DtqNhexNv7wF9CclF9rEHXqT54Nw0yHwYM7k1c2aGKeNX-oPfwwvvQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-9513496-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 02:35:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5234
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 24 Apr 2023 04:35:44 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 75ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1VXJ83ESPC&gtm=45je34j0&_p=1693188914&cid=1055101010.1682308979&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682308978&sct=1&seg=0&dl=https%3A%2F%2Fwww.otempo.com.br%2F&dt=O%20TEMPO&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1VXJ83ESPC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:02:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ 9 KB
811 B 74ms
31ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@400;700;800&family=Montserrat:wght@400;700;800&family=Roboto:wght@500&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dffb1f1556a32bbd8cd8924fdc17b08c42c7cffd2cf1a78f46117a92b7939ed3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Apr 2023 04:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 04:02:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Apr 2023 04:02:58 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 81ms
29ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.otempo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 81ms
30ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.otempo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
7 KB 363ms
363ms XHR
text/plain 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2722018696516679&correlator=2444265952382980&eid=31073318%2C31074046%2C31074080%2C44777628%2C21065725&output=ldjh&gdfp_req=1&vrg=202304200101&ptt=17&impl=fif&iu_parts=14159828%2Cotempo_topo_header&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250%7C1190x250&ifi=1&adks=2238061759&didk=1176032611&sfv=1-0-40&prev_scp=refresh%3Dtrue%26refreshed_slot%3Dfalse%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1682308978816&lmt=1682308978&dlt=1682308978300&idt=468&adxs=436&adys=256&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.otempo.com.br%2F&frm=20&vis=1&psz=1248x0&msz=728x0&fws=0&ohw=0&ga_vid=1055101010.1682308979&ga_sid=1682308979&ga_hid=1693188914&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1df9eecc3df2c704df7f9381dd0ce305327c87bbfa087909882a3e315c1eae69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6701
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AAE7 6 KB
3 KB 529ms
29ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 04:02:59 GMT
expires: Tue, 23 Apr 2024 04:02:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D3DC
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

31ms
30ms

XHR
application/json

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/duX3k3F9L8s

Protocol

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c4d7f6ac80caedf34d5e7c3ccaf320aadc05ba839954e65a924fc4822196ab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 24 Apr 2023 04:02:59 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D3DC 29 B
495 B 458ms
19ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 03:52:18 GMT
x-content-type-options: nosniff
age: 641
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Apr 2023 04:07:18 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;800&family=Montserrat:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.otempo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 15:23:38 GMT
x-content-type-options: nosniff
age: 131960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 15:23:38 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 27ms
27ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;800&family=Montserrat:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.otempo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 02:05:23 GMT
x-content-type-options: nosniff
age: 266255
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Apr 2024 02:05:23 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;800&family=Montserrat:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.otempo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 14:34:09 GMT
x-content-type-options: nosniff
age: 134929
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 14:34:09 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 27ms
27ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1693188914&t=pageview&_s=1&dl=https%3A%2F%2Fwww.otempo.com.br%2F&ul=en-us&de=UTF-8&dt=O%20TEMPO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1597223491&gjid=136929152&cid=1055101010.1682308979&tid=UA-9513496-7&_gid=434775130.1682308979&_r=1&gtm=457e34j0&jsscut=1&z=705423226

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.otempo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:02:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 365ms
29ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 24 Apr 2023 04:02:59 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D3DC 66 KB
31 KB 38ms
38ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

418dc5b28c3ee7122a052426b5465034a8915a871b301299aa546d9653319d42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 24 Apr 2023 04:02:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31347
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/ Frame D3DC 116 KB
36 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c82ac4e98af53271fb8168ec3a928368e436a9109bd3551b4075cf9522d277d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/duX3k3F9L8s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:17:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110724
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36573
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 Apr 2024 21:17:35 GMT

GET
H2 200 ymD8mqb2jAHc-oWP6UM0kDpI7GaSG_zI3vXiXIPrEkw.js Show response
www.google.com/js/th/ Frame D3DC 36 KB
14 KB 342ms
20ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ymD8mqb2jAHc-oWP6UM0kDpI7GaSG_zI3vXiXIPrEkw.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca60fc9aa6f68c01dcfa858fe94334903a48ec66921bfcc8def5e25c83eb124c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:25:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 110263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14304
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 09:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 21 Apr 2024 21:25:16 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/duX3k3F9L8s/ Frame D3DC 2 KB
3 KB 338ms
28ms Image
image/webp 2a00:1450:4001:811::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/duX3k3F9L8s/default.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/duX3k3F9L8s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

069d9dd84485613e9b3c3939d4f6bb2af882e8cc95a1c1fecfd4882599d8fc58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:02:59 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2234
x-xss-protection: 0
server: sffe
etag: "1682209420"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 24 Apr 2023 04:07:59 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/ Frame D3DC 29 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca23d7dd19f4e069e1188fb446a1e53840ccb61d6685ce3383f5dba23770447f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/duX3k3F9L8s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 20:41:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 112892
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9037
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 02:50:49 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 21 Apr 2024 20:41:27 GMT

GET
DATA 200
OK truncated
/ Frame D3DC 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 CDLVBSDeQeaEbMkMmZJs5oXGNUBgGqzZkv-IgTvJ5ttE31JX6e3Sq1_MesFdr4AfsVY7k0Vk=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame D3DC 2 KB
2 KB 73ms
21ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/CDLVBSDeQeaEbMkMmZJs5oXGNUBgGqzZkv-IgTvJ5ttE31JX6e3Sq1_MesFdr4AfsVY7k0Vk=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/duX3k3F9L8s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

684eaa951c303f40bfd620df088659e7699e93b478d2b4a94cd410071b2de57c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 01:00:45 GMT
x-content-type-options: nosniff
age: 10934
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1560
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 25 Apr 2023 01:00:45 GMT

GET
H2 200 container.html Show response
95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C665 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 04:02:59 GMT
expires: Tue, 23 Apr 2024 04:02:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 mais-lidas-1.1431203 Show response
www.otempo.com.br/cmlink/ 87 KB
18 KB 262ms
261ms Fetch
text/xml 2a02:26f0:6c00::210:ba23
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.otempo.com.br/cmlink/mais-lidas-1.1431203
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/_nuxt/3245fe2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba23 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b251d5c069f664aebc4fb02ca7c64791db54d2b6c81d190d3d8295c14e3f404b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: gzip
referrer-policy: origin
server: nginx
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8
cache-control: max-age=0, no-cache, no-store
server-timing: cdn-cache; desc=MISS, edge; dur=16, origin; dur=193, ak_p; desc="467308_34650655_171468716_20917_5249_46_0";dur=1
content-length: 17931
expires: Mon, 24 Apr 2023 04:03:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
348 B 93ms
28ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9513496-7&cid=1055101010.1682308979&jid=1597223491&gjid=136929152&_gid=434775130.1682308979&_u=YADAAUAAAAAAACAAI~&z=1442416389

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.otempo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Apr 2023 04:03:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content config.json Show response
c.go-mpulse.net/api/ 0
184 B 178ms
54ms XHR
application/json 2a02:26f0:6c00:1b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=SC47L-4MK55-7NYMX-JHS4F-UX8KX&d=www.otempo.com.br&t=5607697&v=1.720.0&sl=0&si=455cb121-35ff-4db8-85ed-daa241aca39d-rtlpwy&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=752979
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/SC47L-4MK55-7NYMX-JHS4F-UX8KX
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 24 Apr 2023 04:03:00 GMT
X-N: S
Connection: keep-alive
Timing-Allow-Origin: *
Content-Type: application/json

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D3DC 90 B
134 B 32ms
32ms XHR
application/json+protobuf 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c9bcce48e4b3d6e755b8a898825003c7e584f2be67d5e59ea50c57815f66321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 28ms
28ms Preflight
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 24 Apr 2023 04:03:00 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C9BE 624 B
246 B 34ms
33ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsY7py05wEwAQ&v=APEucNV2-jwFIja9dfZyBjQzht9hej0HEM9Sad7H_5bfAevCsyqv0e_YEwnsGXwrUID3ykj1AiSLrKnwn-CS-S13x3M3ZOiJNkA1vTf-O7uEyaAD1Oy1J9E0RutrfcI4cyDm0Pt_V5aEORpX5Y9XcRHbuM7VJkWLzyPlsQguIjeBC_nuFZ55LrA

Requested by

Host: 95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com
URL: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 04:03:00 GMT
expires: Mon, 24 Apr 2023 04:03:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C665 78 KB
28 KB 162ms
159ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com
URL: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 04:03:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C665 42 B
110 B 56ms
54ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZVIWY2RrwNYWNLxW8sLWXsOG90SXFopTLhvkiNlmCV7z6RaDy81Qs8prFoGjK5SM9CFd5gC9XeSaik8QVCTHUbP5HAjmbSYJzotxhdkigYgRB17E

Requested by

Host: 95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com
URL: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C665 0
172 B 55ms
54ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13628644654529478022&x=1&ct=76

Requested by

Host: 95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com
URL: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C665 3 KB
1 KB 74ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Host: 95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com
URL: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 19:43:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 19:43:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame C665 19 KB
8 KB 71ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com
URL: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 06:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78431
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 06:15:49 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C665 159 KB
49 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com
URL: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Apr 2023 04:03:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C9BE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAfSN12MQcv-bUukf2O5dE0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAfSN12MQcv-bUukf2O5dE0&google_cver=1&C=1

43 B
766 B

23ms
22ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAfSN12MQcv-bUukf2O5dE0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsY7py05wEwAQ&v=APEucNV2-jwFIja9dfZyBjQzht9hej0HEM9Sad7H_5bfAevCsyqv0e_YEwnsGXwrUID3ykj1AiSLrKnwn-CS-S13x3M3ZOiJNkA1vTf-O7uEyaAD1Oy1J9E0RutrfcI4cyDm0Pt_V5aEORpX5Y9XcRHbuM7VJkWLzyPlsQguIjeBC_nuFZ55LrA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 04:03:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 04:03:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEAfSN12MQcv-bUukf2O5dE0&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C9BE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZEX-dKpcuVa.RzHbKBW1RAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAfSN12MQcv-bUukf2O5dE0&google_cver=1&google_hm=2

43 B
766 B

24ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAfSN12MQcv-bUukf2O5dE0&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsY7py05wEwAQ&v=APEucNV2-jwFIja9dfZyBjQzht9hej0HEM9Sad7H_5bfAevCsyqv0e_YEwnsGXwrUID3ykj1AiSLrKnwn-CS-S13x3M3ZOiJNkA1vTf-O7uEyaAD1Oy1J9E0RutrfcI4cyDm0Pt_V5aEORpX5Y9XcRHbuM7VJkWLzyPlsQguIjeBC_nuFZ55LrA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 04:03:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAfSN12MQcv-bUukf2O5dE0&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame C9BE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPdhKCg--6ENXkRRmr4Wt0Y&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPdhKCg--6ENXkRRmr4Wt0Y%26google_cver%3D1

43 B
1 KB

28ms
27ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPdhKCg--6ENXkRRmr4Wt0Y%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKfHXRDwwHsY7py05wEwAQ&v=APEucNV2-jwFIja9dfZyBjQzht9hej0HEM9Sad7H_5bfAevCsyqv0e_YEwnsGXwrUID3ykj1AiSLrKnwn-CS-S13x3M3ZOiJNkA1vTf-O7uEyaAD1Oy1J9E0RutrfcI4cyDm0Pt_V5aEORpX5Y9XcRHbuM7VJkWLzyPlsQguIjeBC_nuFZ55LrA

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 04:03:00 GMT
AN-X-Request-Uuid: 3520efe8-3635-4f54-a5a9-3e426439100b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 24 Apr 2023 04:03:00 GMT
AN-X-Request-Uuid: 4897dcab-1f33-4b0a-87b1-0f3e2d6ff6c9
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPdhKCg--6ENXkRRmr4Wt0Y%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C9BE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUwMzkzNDMwOTY2MjE5Nzc2Ng%3D%3D

170 B
243 B

32ms
31ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUwMzkzNDMwOTY2MjE5Nzc2Ng%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 24 Apr 2023 04:03:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ac75eafd-1415-4bea-8cbf-fa22b6be9e84
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTUwMzkzNDMwOTY2MjE5Nzc2Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame D3DC 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?RdkhAA
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/duX3k3F9L8s
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame D3DC 4 KB
2 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Apr 2023 04:03:00 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/112/ Frame D3DC 50 KB
15 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/112/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14872
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 16:06:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 25 Apr 2023 04:03:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C665 0
20 B 53ms
53ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3498116008874&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C665 0
20 B 54ms
53ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3498116008874&version=m202301230201&ct=76&x=1&cor=13628644654529479000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C665 83 KB
35 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BIK5vYeKlXS3is-CD_NAdsNCCEhTmw3oJlJoIQFEhW8SrdO6SErNPszdWHtxWGqMvgQwY3N-IQ1Xb5Py832otMBu3V9w&cry=1&dbm_d=AKAmf-BeMhGt9WoJCVPpfbVGS4VrSC5GWD4EJROmuCYZDN-2J3EdM-WY536NcTZ9bEB9O-kXzwpStywBXIkQ_9J6Ua0-ydM-ztmEnikk0sGRlVkdprDUAxTlGiPHAAhl8D4j6dkABW7cj0ALOnwigMSD1UD5bv9NkmDPFGlm2AfKrfOPl8Yhe30ftfNmGghRIPZ0zMdDg8GAVCLzITkgS64kznKJPAQGy5jyNq-m3MOSHgIXjmKqmntiURdzazDfR0vfU08602IAAqYoqh_qer6agE_cv2yUEfHjE07MYeum6pExpwCnGUtu-J4YydoBOrTj8DZi4RKRz8rEh2XCI-azHaEExFPHFezFSsXe5nRsnTC0SNedDVEWadkWF1r-FmA6eke5HeO7j_6267jPpchRDtsj3Bz24RwB9mmxPDI-UW77K3LXJV9YtNBictARHcbrRfAXbXFTgtUsPayKnxCNurjPj1_rD2K0ZGXfpKB3hYFmz2LByC3um8m6blJQ_XSFfC5JQpeOx5IhQGPD6EZhmZzMgtxoPC-ZExJLz4Ellbu5SIm8lcIq2I4QUm8YphWABzBb8l7CkjgeAs1wn2quWNrrCHVmBA20WjaFsHkBfJHzEX9D0b0sEd3IZZpr5xF6rDoOzen5l5hKG9aEYzfZv6Xc5ggDjojslpB6uDMpLbpsGeirmKg0a_3EzZN2NPzGIdOoybJc7lBpkaNQClK6pgvfIlM8lml5V6Hsl5KOU2Jy8eso_cu6RT0M0a4i3npd23r3zwPH-CebgbSndzUkY-yDD0Y5yHEb4kjjWCpEgFg7Lk45r5oCIkBSxJHHlWH8-jbrWTqjw4LxF94m0iMc3GQLutM-WkYtPUtjBscMZ9heT8-5XHylFzCbyHKnYO-cBB7ERtPFYW-NY7NPYfhxU1hrDlbIe57ENkIx4zt8xqESDbjYKxRJNP5jK64v9JfpUe6TqHn3CMkyeOzGOSrVdaDvahJilpDL58aiDh5tRoHjQ-grthXd1anu55Xy-W59ZEUOtg-1NLd3MeXy71T8GIXiu3g-wJhLKudCpEYk1JfeQarBXSqyufUmdmSU2ODC9q4nT56k6yshXmwz81d0lh0-PTb_oIix-lVa7WYME-sAkwrd3IUE5vAHnQZjONkdie99wzGL2fq1fbPJjtsUCZsFDmZdCRZrGamOh0AkaYqwg7QofvikgA-WTbg3JgJK6Gy9n7HE4X5IBhHXiS5xx0_NBFI4nR7ZW_HBFwanWsuv3CUOgTfCvib4Spqd8zdoD5JCxytrWrKr7aQKFMllExGL0wE4Na52wEFYdrYvI_F_X_NqeL-JFgnHtIGMQnfWbkXctMkE5TtPwEliK1bGziuiEJnMeOsmHZny5QuP2pZxWP14x3FscpKm4h5K7FO7VQdOIP2FqQXtM8e2j750HQxdz_G94e6c6LdaXo1K5e5k7ztEUsdCm_1kE_Bm7rAc-qjLusS4C6Taa75murzVj-Rj2oAZlNFiREhGDCIpwB02ZJzzA2zxBk78KqDB1b4BFlWgO3QAEahxuX3GgWcG39EaF2kgmGuif0x2wTklWfC5Km7LGS1TOVZUdFVFEDh0xuiYx_o6-mlSn5Btr24NF3MppiBXkSY1gOPP0Q0Crn9APYYrKaTsjz7XuSYS7pBrpQKpcjM8z_P5pNUeFUgx6qLtBBezHNtonqRDJUWZk8J5LGTcBbhSPexeeeShUGk_oTphNxMRYKJlzAaEWAbt0k22M21M0W85KtZYEI40NptP6-w4Umg-0p_UvtJLxvb_whuzcZNLlefB7Aj1QLPq8FZKNX2-yzZ5OB_CuICTjmIRZQ0hzVNGocriAFxoNZ--wyB-ULXB85LRGxvyZ-QkDVjd_fOfKEo2r9DHJARIFrG30wRqH_fGslHZlwWhSxM1iA_IJNic3kfHx6XC1oagfq5fvyRaeioog4m-DIYJVQ5XcCIj3E-rUHI0FC3mepAo9jCiT7cRexBojnTj7cXrc1XCn3zAIaaWAicZDPEU6tGIRTHx_2UdSF8nFEncJAL6YSA9hXfMdNtQ305O8VrROe2FwHECtxapMI6E2H8oRezaol-JuFPNIjnxndibuiJ5b_IeC6Tf0CFs2jbQ3NCFxfkljhO7DBeMfXQYs3uVYqwStseu-zkw1fwUsokoBsTC9_X1fBL4CMTnTcqpidmac4V6nT92Hanbf7PBtfUzmUBg8qGskRky57IHLXufTHIgXrh0F7ZHkwql4BoBzbmiEjZ34R2ul1lBHxWd5ECxTymB2ApK60U6JexNtyx6aeoeIn3wpvmINZsmUj7Pvzu12hul1lryCq3sjy1Z3o9FIxVKyH7KqX9p4nR4ZwrQ6AKreDVCI4vihCRIZIvU5Ck9qVuohcYizzzXe17uG8l2sX8D9-TTAnNAvid5Mc4FV0juX1qRJlddkPxzfg-jd2P7f5JcnyF8A_JiA_tc7MZhzXaJG2SE95QvK4qgjyq-WnHoPFKcV8ZWAJCiGgcdKdd--gE1uYOvyjkOpOWTHkegpi7VU93bW8hPDtCAkILEYRe0rHvULpdFs-kQy9H38Nil8V0zI61HrNjaK43VVFW_SPOFjr7AXsQVN2qoJlkX1bpHEuf7YSaUxn8XAbDdF7ky9F0yq9O-DXwn3j5346l34ZDPjZ_prTytYDuILD3a4UKnnoNuE3uAljGhMszEmnGwL2s2udcG59vI-mEsGLuGOQ1ScQqnDHL3UOOqw6W_5rimTymqolTrJU5jpwwBsJ1Eo-4aPvFdpt2NBysPn7n1gdcqpyPZHh5AxWgZRxLnhUsKXLFepJQgfSXyxQwDQ53JWyOMOdz13JMc3BzofW-PWsbyuTRjbEcE_J8RkAsVO9b7d2bFsuPb-7TuR2IfCKgftRm9hvKljTEVAChuBH7bWVH5Xw_1BA4ZAwZrA5E-yTfWVOF44J1acBkLw3yhRg4Q92YfVU-3pUnUSErIb02P2ZXuzzF4e4h_7OGuNhs3j1OcC8xuA6a38tLDfjMKzJbcKsXawCHojpGD_lIuA8QV1aEGmBVyky7tHN7MgwfpSY_DOfsGdU5kWj8yMZ95jCIQ2cOOEznEcw_fK1GjO0tOJ25AE9Kob3kwWYkyK8HUtsUQYQjOV2SDO4EHKX__IQky6-VVNQOcyyzxOOL9RHhPLrKenZB3xBiIo51oolC1_e6u8F7ra0kNKhGzMTXZKzd61ZFfu1HKAK0ldUV76OPWr4-tB9oglLiOWoT6PEcMG3yD7KwmT9p9YviguYMyMlwudkZk4KUvJ1tg-kadDPzN1pqrQTJsG3ap58flx7fVLiE4PxDuwGFAm-ItMbOKbaSvuIl3-xOu86g698BMZuCWaAj6fVfGJLJMT6KkONCVlVVwQKpnuJw8&cid=CAQSTABygQiDr9Nu2hoPPTmn7Sk8KHXz03RkCxuQfWxee_TGGoc95W9SE6zIz0f2TNtbnlWfHvYhJmolRH5PBN7ztDk4F-fks14aqk_As6wYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.otempo.com.br%2F&ds=l&xdt=1&iif=1&cor=13628644654529479000&adk=2923430907&idt=189&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe62a8fdc2b325615fc798a7850ab7894c71528f3731dffa62cba5c313daf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35889
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C665 106 KB
37 KB 85ms
21ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
Origin: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 12:18:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56644
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Apr 2023 12:18:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/ Frame C665 11 KB
4 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BIK5vYeKlXS3is-CD_NAdsNCCEhTmw3oJlJoIQFEhW8SrdO6SErNPszdWHtxWGqMvgQwY3N-IQ1Xb5Py832otMBu3V9w&cry=1&dbm_d=AKAmf-BeMhGt9WoJCVPpfbVGS4VrSC5GWD4EJROmuCYZDN-2J3EdM-WY536NcTZ9bEB9O-kXzwpStywBXIkQ_9J6Ua0-ydM-ztmEnikk0sGRlVkdprDUAxTlGiPHAAhl8D4j6dkABW7cj0ALOnwigMSD1UD5bv9NkmDPFGlm2AfKrfOPl8Yhe30ftfNmGghRIPZ0zMdDg8GAVCLzITkgS64kznKJPAQGy5jyNq-m3MOSHgIXjmKqmntiURdzazDfR0vfU08602IAAqYoqh_qer6agE_cv2yUEfHjE07MYeum6pExpwCnGUtu-J4YydoBOrTj8DZi4RKRz8rEh2XCI-azHaEExFPHFezFSsXe5nRsnTC0SNedDVEWadkWF1r-FmA6eke5HeO7j_6267jPpchRDtsj3Bz24RwB9mmxPDI-UW77K3LXJV9YtNBictARHcbrRfAXbXFTgtUsPayKnxCNurjPj1_rD2K0ZGXfpKB3hYFmz2LByC3um8m6blJQ_XSFfC5JQpeOx5IhQGPD6EZhmZzMgtxoPC-ZExJLz4Ellbu5SIm8lcIq2I4QUm8YphWABzBb8l7CkjgeAs1wn2quWNrrCHVmBA20WjaFsHkBfJHzEX9D0b0sEd3IZZpr5xF6rDoOzen5l5hKG9aEYzfZv6Xc5ggDjojslpB6uDMpLbpsGeirmKg0a_3EzZN2NPzGIdOoybJc7lBpkaNQClK6pgvfIlM8lml5V6Hsl5KOU2Jy8eso_cu6RT0M0a4i3npd23r3zwPH-CebgbSndzUkY-yDD0Y5yHEb4kjjWCpEgFg7Lk45r5oCIkBSxJHHlWH8-jbrWTqjw4LxF94m0iMc3GQLutM-WkYtPUtjBscMZ9heT8-5XHylFzCbyHKnYO-cBB7ERtPFYW-NY7NPYfhxU1hrDlbIe57ENkIx4zt8xqESDbjYKxRJNP5jK64v9JfpUe6TqHn3CMkyeOzGOSrVdaDvahJilpDL58aiDh5tRoHjQ-grthXd1anu55Xy-W59ZEUOtg-1NLd3MeXy71T8GIXiu3g-wJhLKudCpEYk1JfeQarBXSqyufUmdmSU2ODC9q4nT56k6yshXmwz81d0lh0-PTb_oIix-lVa7WYME-sAkwrd3IUE5vAHnQZjONkdie99wzGL2fq1fbPJjtsUCZsFDmZdCRZrGamOh0AkaYqwg7QofvikgA-WTbg3JgJK6Gy9n7HE4X5IBhHXiS5xx0_NBFI4nR7ZW_HBFwanWsuv3CUOgTfCvib4Spqd8zdoD5JCxytrWrKr7aQKFMllExGL0wE4Na52wEFYdrYvI_F_X_NqeL-JFgnHtIGMQnfWbkXctMkE5TtPwEliK1bGziuiEJnMeOsmHZny5QuP2pZxWP14x3FscpKm4h5K7FO7VQdOIP2FqQXtM8e2j750HQxdz_G94e6c6LdaXo1K5e5k7ztEUsdCm_1kE_Bm7rAc-qjLusS4C6Taa75murzVj-Rj2oAZlNFiREhGDCIpwB02ZJzzA2zxBk78KqDB1b4BFlWgO3QAEahxuX3GgWcG39EaF2kgmGuif0x2wTklWfC5Km7LGS1TOVZUdFVFEDh0xuiYx_o6-mlSn5Btr24NF3MppiBXkSY1gOPP0Q0Crn9APYYrKaTsjz7XuSYS7pBrpQKpcjM8z_P5pNUeFUgx6qLtBBezHNtonqRDJUWZk8J5LGTcBbhSPexeeeShUGk_oTphNxMRYKJlzAaEWAbt0k22M21M0W85KtZYEI40NptP6-w4Umg-0p_UvtJLxvb_whuzcZNLlefB7Aj1QLPq8FZKNX2-yzZ5OB_CuICTjmIRZQ0hzVNGocriAFxoNZ--wyB-ULXB85LRGxvyZ-QkDVjd_fOfKEo2r9DHJARIFrG30wRqH_fGslHZlwWhSxM1iA_IJNic3kfHx6XC1oagfq5fvyRaeioog4m-DIYJVQ5XcCIj3E-rUHI0FC3mepAo9jCiT7cRexBojnTj7cXrc1XCn3zAIaaWAicZDPEU6tGIRTHx_2UdSF8nFEncJAL6YSA9hXfMdNtQ305O8VrROe2FwHECtxapMI6E2H8oRezaol-JuFPNIjnxndibuiJ5b_IeC6Tf0CFs2jbQ3NCFxfkljhO7DBeMfXQYs3uVYqwStseu-zkw1fwUsokoBsTC9_X1fBL4CMTnTcqpidmac4V6nT92Hanbf7PBtfUzmUBg8qGskRky57IHLXufTHIgXrh0F7ZHkwql4BoBzbmiEjZ34R2ul1lBHxWd5ECxTymB2ApK60U6JexNtyx6aeoeIn3wpvmINZsmUj7Pvzu12hul1lryCq3sjy1Z3o9FIxVKyH7KqX9p4nR4ZwrQ6AKreDVCI4vihCRIZIvU5Ck9qVuohcYizzzXe17uG8l2sX8D9-TTAnNAvid5Mc4FV0juX1qRJlddkPxzfg-jd2P7f5JcnyF8A_JiA_tc7MZhzXaJG2SE95QvK4qgjyq-WnHoPFKcV8ZWAJCiGgcdKdd--gE1uYOvyjkOpOWTHkegpi7VU93bW8hPDtCAkILEYRe0rHvULpdFs-kQy9H38Nil8V0zI61HrNjaK43VVFW_SPOFjr7AXsQVN2qoJlkX1bpHEuf7YSaUxn8XAbDdF7ky9F0yq9O-DXwn3j5346l34ZDPjZ_prTytYDuILD3a4UKnnoNuE3uAljGhMszEmnGwL2s2udcG59vI-mEsGLuGOQ1ScQqnDHL3UOOqw6W_5rimTymqolTrJU5jpwwBsJ1Eo-4aPvFdpt2NBysPn7n1gdcqpyPZHh5AxWgZRxLnhUsKXLFepJQgfSXyxQwDQ53JWyOMOdz13JMc3BzofW-PWsbyuTRjbEcE_J8RkAsVO9b7d2bFsuPb-7TuR2IfCKgftRm9hvKljTEVAChuBH7bWVH5Xw_1BA4ZAwZrA5E-yTfWVOF44J1acBkLw3yhRg4Q92YfVU-3pUnUSErIb02P2ZXuzzF4e4h_7OGuNhs3j1OcC8xuA6a38tLDfjMKzJbcKsXawCHojpGD_lIuA8QV1aEGmBVyky7tHN7MgwfpSY_DOfsGdU5kWj8yMZ95jCIQ2cOOEznEcw_fK1GjO0tOJ25AE9Kob3kwWYkyK8HUtsUQYQjOV2SDO4EHKX__IQky6-VVNQOcyyzxOOL9RHhPLrKenZB3xBiIo51oolC1_e6u8F7ra0kNKhGzMTXZKzd61ZFfu1HKAK0ldUV76OPWr4-tB9oglLiOWoT6PEcMG3yD7KwmT9p9YviguYMyMlwudkZk4KUvJ1tg-kadDPzN1pqrQTJsG3ap58flx7fVLiE4PxDuwGFAm-ItMbOKbaSvuIl3-xOu86g698BMZuCWaAj6fVfGJLJMT6KkONCVlVVwQKpnuJw8&cid=CAQSTABygQiDr9Nu2hoPPTmn7Sk8KHXz03RkCxuQfWxee_TGGoc95W9SE6zIz0f2TNtbnlWfHvYhJmolRH5PBN7ztDk4F-fks14aqk_As6wYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.otempo.com.br%2F&ds=l&xdt=1&iif=1&cor=13628644654529479000&adk=2923430907&idt=189&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 17:02:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39605
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 17:02:55 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame C665 28 KB
11 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 17:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36593
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10768
x-xss-protection: 0
server: cafe
etag: 11141491900784070631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 May 2023 17:53:07 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C665 41 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com
URL: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 06:02:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165658
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 06:02:02 GMT

GET
DATA 200
OK truncated
/ Frame C665 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe1a9603253de949e8746359deb19d012196ac7bb96372d0d9d85f50d3f1055d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7D38 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 105709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 22 Apr 2023 22:41:11 GMT
expires: Sun, 21 Apr 2024 22:41:11 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 leaderboard.html Show response
s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/ Frame 8866 7 KB
2 KB 66ms
22ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/leaderboard.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fd5a8e78fe180e7023ef61e4e47d1beff3b7c39712ba9b216ecc05a4873f5aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 317589
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2393
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 11:49:51 GMT
expires: Fri, 19 Apr 2024 11:49:51 GMT
last-modified: Wed, 19 Apr 2023 15:33:29 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C665 0
0 140ms
67ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstPqvlpqCU7_f93og97sPaNnZaoVU6yrYepwEJn7cWPNenjOFLFtFOEDCTb1_hEpkENtyuAaklwmtGbgtF-Yr6_ypGB1EhqIQFyIhYOA_N76_ZYDYPcXDslLkVbwwQQrpvQByggZwFHYI-oDmgqXNkFeemlAEPEV8n-e1RtZYVbu2xKOPk0XlR5m6C4lET-I3otUQ3EaRsbE-4gTeY77N6D4H7Xg-9RGqawFQXNkMoyOcOwUxXSkVDFvrRfzA0ReraMPJx8Y-vGC2tXnntojhG93CLolxIvH29VmrKZOesj289oFHxuf2-ZGGnPnnMiTBSYPRmK7eDJbuTazcTljdDtrfLdG9n5RuZnLL1nUsmks0Ay7QrY1ZnJRSrFDD9uJUEQTGuTKaOdt_yMcVGcLkPon5SotHVZA55RZ7s6_fadFaqpLDV8aM-rAP2b13oBovvdzYcnVpCBuIvYa4ege3bJmwqXW2GBSFSByHwFdhyrK1yb5R-WkJYehqLjtJ-N_j5FushiKKKXQtkJO-Yn-JpHcAt9qw694xQypkWJ3xXv-SOzeJivfM4EQqHTsnL5Ion7I49h0lWSL_aEMAPL_ln1LzLvH9j0SGIHBhi_uotI6pdiJo2P279iSCBFh8qbzy3Fh6CaSrOTs_v-XR9VYRhAEJ0oSOl4HN4IJBPp8lbgDAuhuUvJXJP_iPcZWDDDWHfn3aSsGC5I0jO1H7R8B4bEeAtQdV-jVV7RH_mK_SFLbyN5lZiMvR7L5ZUd_frgGPT1ycKWFycK4n84XFjZaMK_taYXsOeUxEWfwFjMnsd6Vn9JoGsWvJiKerm64oK-p-M-_0Ve-FP2moEyvH0I45ahBb9av5dUxiLq0vQYgQROEDhy2n7YN8RJP5aWTWe6MNBq2lmhIB-w-ZcPpLfZfXsbpGOPer79s48Rq5TO9xjV9M3RMBymluJFYSsLech1zTbIsakYc-bXWS7qdk3bQ5BSvsAfGzILC43zDNnPZOHDJrsKRQVrR0_qlOkFZzu8JiljeydLoPTOmZwlF4UVcWVt4B6S5jkq4BRGgsT4RVFgsWKWE4NtIKOMw8_X3lN53hAqYk4CNd8NS7L2vpo-Q8n1d6mpAGVy9sF9vvGSrgFOz4ZCDH039I33oAD0oaMBiU9iRKwHIV6U5o549CxloiV6T6sSXULZMRXp2tXcC88ieXCAY97ICS3Xvj5c-tPLbV-6UVCLxwqytRW86HV2Jqq8IaQxRYyALSV0d0pbVKiq4GhgPi5yLudGZw0HsZV6OMLef6-MrLyK2_-725VLru8&sai=AMfl-YS73wkSwhdiHxEmI5G0nABien-0OO4T0VO-mcn2fwhB1Frxi6Ec21xkob4UNarOR4bY9XiFlSkGERbITkFYfhh63ZCL5EPn6K6b30_OpBeIIKOoKPiG7HpI1-xci5DBFDeVEpQs-7_DKoUWCEnOWaaSy2TQ-2KazZOgqaabGrLdbLleuk8e2okeh5lsiCVuJmmfGBhGuEbWLaWeGnw4efnma9boKroNCUg1xcsjrFcGNLC-DPtGNvNVurREDCB6OkX-rcXXfoTjuJI8w0CdW7juavNj1FPvjet8&sig=Cg0ArKJSzCfJ0BltqoKmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=127&cbvp=1&cstd=123&cisv=r20230418.21818&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 24 Apr 2023 04:03:00 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Mon, 24 Apr 2023 04:03:00 GMT

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D38 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 19:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29971
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 19:43:29 GMT

GET
H3 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 8866 186 KB
48 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/leaderboard.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/leaderboard.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 24 Apr 2023 04:03:00 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 8866 236 KB
63 KB 141ms
41ms Script
text/javascript 2a02:26f0:3500:11::215:14cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/leaderboard.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Mon, 24 Apr 2023 04:18:00 GMT

GET
H3 200 leaderboard.js Show response
s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/ Frame 8866 15 KB
3 KB 23ms
22ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/leaderboard.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/leaderboard.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b523d27be67ca81982bd92eab44ffa6c5ba18c501ec0082900098ab67e6a52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/leaderboard.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2678
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 15:33:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Apr 2024 11:49:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D38 0
20 B 57ms
56ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0QERdP9FZMX9EtvKx_AP-7C40AQAAAAAOAHgBAI&bg=!cnGlcSXNAAYfNdXmPzU7ADkAdvg8Ws_dIljaQwYH5Vfre9jNM1HL3PsxM3sW18kWq_vPFPxVN_gt6OHsBKVU0WWTZBfpYZTCuT8CAAAAVlIAAAADaAEHmQMdfkZONau2lioz4q7PA-MW7jSqqaCv_n4rPc5LPCnN65-hrUEfMorOXg2FZO1iTGc3QpuX9-RvnyAcny2wxA7T2iOA1UjKYqKAJ3_8K-9JMeTGFesqEAK-UPnNULoKnKMv3p3aauj7HZ7LvCRGyWZ8Y4RHD1jn0_iKmU08w4j5Qot4nfjet7Gbi0gslxkYrhifEIy8G2_4R6jFMMbpJHOOeeDcF65muKYMKOXfjENxtOs3OSpLeTkvl7wSda3ZM5VApsL5a94n-chCaz_ZfbEXardBcxy4boM1HDoyB7SsIglajku47FIJarlhdGqXp-9cYhfXbV4J0FpBjMpStH8IP0zMLjSEfy8l1ukVM1WEWvm6rYzZ6zXIzHraLE5DvGlcapVNFjmlfbhV9kb7JEJtZwTIqbxzoI5FZ8_ftFHuBQDKOKCg91qpyx4jtTcHqhZWReaUCKG9L7bl_c6sThZZCjTI0wgTfImM4DBVWDgWtgMSPaXIY5O6VmDbUFC0WGVX7UT3n9OAX4fvpV1sqMuE1u6U35-WiGKrFHoI6vs-TsUXARCJk9GTKkRMWJsUGJZM_4jBAOoIOLGQ_tfVnLmgUz2A6Ke6TKD4CV50MJdC0SQLNtSbmBCOBlAbOHFR5k2OknwJ9PcYY6_V25tQPes9c5aJXC4q6TNB9ekVSBvFZyKTLR-ZWYFPCWbT98BHTw6c-mcU-dpNzkZ07wFSQBuLKg9CxqU_Gvs82fjddCqOoJcTjSskMEjJYN5yvHY4LnFjZz-_L0rzz_deTa0_5MCwaIf29QyfcjFkee0qpuOsN32ie6A00kR4Fac-MiJpXJGjlnjeT979pJkmtTzU9inw4b-BY054Q_V9-LWn16x6RVi1xVSuiA-eGLR9rOtDoFSiZEFDdz6iq9uvA3QRcjwBdlgf_Kv4-3PX8-rpZUuAehN-TR8a3rkJ7sVs1V3IPIrNA5zPfoCJWPVtvrCnavWkGpCYaLJJjq9Ol35zvbPX1wYj02HGJRZrzdG02nqwPhXDm7VcwjRoRHPJP1-cWNb-ZR_4p93rHBAaQpxqeQI

Requested by

Host: 95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com
URL: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/images/ Frame 8866 30 KB
30 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/images/bg.jpg

Requested by

Host: 95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com
URL: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3db124edc48d6ebbdf1c355e4ca0febaeda553ce1e27e0f0a4385b507818ea5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/leaderboard.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:40:34 GMT
x-content-type-options: nosniff
age: 123746
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30392
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 15:33:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 17:40:34 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C665 0
0 60ms
60ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstPqvlpqCU7_f93og97sPaNnZaoVU6yrYepwEJn7cWPNenjOFLFtFOEDCTb1_hEpkENtyuAaklwmtGbgtF-Yr6_ypGB1EhqIQFyIhYOA_N76_ZYDYPcXDslLkVbwwQQrpvQByggZwFHYI-oDmgqXNkFeemlAEPEV8n-e1RtZYVbu2xKOPk0XlR5m6C4lET-I3otUQ3EaRsbE-4gTeY77N6D4H7Xg-9RGqawFQXNkMoyOcOwUxXSkVDFvrRfzA0ReraMPJx8Y-vGC2tXnntojhG93CLolxIvH29VmrKZOesj289oFHxuf2-ZGGnPnnMiTBSYPRmK7eDJbuTazcTljdDtrfLdG9n5RuZnLL1nUsmks0Ay7QrY1ZnJRSrFDD9uJUEQTGuTKaOdt_yMcVGcLkPon5SotHVZA55RZ7s6_fadFaqpLDV8aM-rAP2b13oBovvdzYcnVpCBuIvYa4ege3bJmwqXW2GBSFSByHwFdhyrK1yb5R-WkJYehqLjtJ-N_j5FushiKKKXQtkJO-Yn-JpHcAt9qw694xQypkWJ3xXv-SOzeJivfM4EQqHTsnL5Ion7I49h0lWSL_aEMAPL_ln1LzLvH9j0SGIHBhi_uotI6pdiJo2P279iSCBFh8qbzy3Fh6CaSrOTs_v-XR9VYRhAEJ0oSOl4HN4IJBPp8lbgDAuhuUvJXJP_iPcZWDDDWHfn3aSsGC5I0jO1H7R8B4bEeAtQdV-jVV7RH_mK_SFLbyN5lZiMvR7L5ZUd_frgGPT1ycKWFycK4n84XFjZaMK_taYXsOeUxEWfwFjMnsd6Vn9JoGsWvJiKerm64oK-p-M-_0Ve-FP2moEyvH0I45ahBb9av5dUxiLq0vQYgQROEDhy2n7YN8RJP5aWTWe6MNBq2lmhIB-w-ZcPpLfZfXsbpGOPer79s48Rq5TO9xjV9M3RMBymluJFYSsLech1zTbIsakYc-bXWS7qdk3bQ5BSvsAfGzILC43zDNnPZOHDJrsKRQVrR0_qlOkFZzu8JiljeydLoPTOmZwlF4UVcWVt4B6S5jkq4BRGgsT4RVFgsWKWE4NtIKOMw8_X3lN53hAqYk4CNd8NS7L2vpo-Q8n1d6mpAGVy9sF9vvGSrgFOz4ZCDH039I33oAD0oaMBiU9iRKwHIV6U5o549CxloiV6T6sSXULZMRXp2tXcC88ieXCAY97ICS3Xvj5c-tPLbV-6UVCLxwqytRW86HV2Jqq8IaQxRYyALSV0d0pbVKiq4GhgPi5yLudGZw0HsZV6OMLef6-MrLyK2_-725VLru8&sai=AMfl-YS73wkSwhdiHxEmI5G0nABien-0OO4T0VO-mcn2fwhB1Frxi6Ec21xkob4UNarOR4bY9XiFlSkGERbITkFYfhh63ZCL5EPn6K6b30_OpBeIIKOoKPiG7HpI1-xci5DBFDeVEpQs-7_DKoUWCEnOWaaSy2TQ-2KazZOgqaabGrLdbLleuk8e2okeh5lsiCVuJmmfGBhGuEbWLaWeGnw4efnma9boKroNCUg1xcsjrFcGNLC-DPtGNvNVurREDCB6OkX-rcXXfoTjuJI8w0CdW7juavNj1FPvjet8&sig=Cg0ArKJSzCfJ0BltqoKmEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=388&vt=11&dtpt=261&dett=3&cstd=123&cisv=r20230418.21818&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 24 Apr 2023 04:03:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 110ms
68ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304200101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f762e61f3a9b426f6acb52cb0e145cabc799cae6090c98540953afdf5d938ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11121
x-xss-protection: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 197 KB
60 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/_nuxt/5ac8651.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c12b11109d4bd7ccb7f851783ae8bced6f85446d502ebc559a78d72a5cd1824

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61447
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 04:03:00 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/images/ Frame 8866 3 KB
3 KB 21ms
21ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/images/cta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c5b80204aab9939d08d43cf7557ae2d9c2d9966e5249117abedbeeb5879198b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/leaderboard.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 09:00:40 GMT
x-content-type-options: nosniff
age: 154940
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3412
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 15:33:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 09:00:40 GMT

GET
H3 200 data.png
s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/images/ Frame 8866 2 KB
2 KB 21ms
21ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/images/data.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8e6b8b21e6779fddfc97d199e7e540299198e1ef38caa009a0ec8329880b0a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/leaderboard.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:49:52 GMT
x-content-type-options: nosniff
age: 317588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1826
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 15:33:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Apr 2024 11:49:52 GMT

GET
H3 200 optimize.js Show response
www.google-analytics.com/gtm/ 113 KB
44 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=OPT-TBT9WDJ

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f71320bfe80c67acbbd291261568d444ba706e026a74182e6b0fe569928f0b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45164
x-xss-protection: 0
last-modified: Mon, 24 Apr 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Apr 2023 04:03:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 24 Apr 2023 02:35:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5236
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 24 Apr 2023 04:35:44 GMT

GET
H2 200 ivc.js Show response
gadasource.storage.googleapis.com/ 71 KB
24 KB 95ms
20ms Script
text/plain 2a00:1450:4001:828::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gadasource.storage.googleapis.com/ivc.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 03:44:51 GMT
content-encoding: gzip
age: 1089
x-guploader-uploadid: ADPycdsd1wAn2j_Jgbaant1_haRTXdGw5kDbQyX8U3kI8y04m58NlVZO3liKT3boTJg4-Zu8wjd2OJ55WRunaTVG8laMxA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24321
last-modified: Mon, 02 Sep 2019 19:50:51 GMT
server: UploadServer
etag: "cdaa61cbc24c48191196b45b31a7e18b"
vary: Accept-Encoding
x-goog-generation: 1567453851562424
x-goog-hash: crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
content-type: text/plain
cache-control: public, max-age=3600
x-goog-stored-content-length: 24321
accept-ranges: bytes
expires: Mon, 24 Apr 2023 04:44:51 GMT

GET
H2 200 tm67531.js Show response
tag.navdmp.com/ 12 KB
4 KB 87ms
26ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm67531.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 888e5142372c313294e9189d73466e0addce765ab7acf82ea9512d8aab384c43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 18:45:05 GMT
server: cloudflare
age: 3197
etag: W/"6137b331-2eb7"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7bcb743acaa19bbc-FRA
expires: Mon, 24 Apr 2023 04:09:43 GMT

GET
H2 200 1cf70b28-39ff-4e37-a5a4-141613cba375-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 4 KB
2 KB 903ms
850ms Script
application/javascript 52.222.250.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/1cf70b28-39ff-4e37-a5a4-141613cba375-loader.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9f4cbd51482016279df04d05f158b78dea67c8b044115a29233bda2aaa608111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: g8ovsszvnTek7aR1q653WmHpig4fwO_5
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
date: Mon, 24 Apr 2023 04:03:02 GMT
last-modified: Fri, 30 Dec 2022 20:11:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
etag: W/"161efb040626f4b54c5ef07cd514dceb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: 49bbGVbAgCisFv-1D1jSx0F91sJu0BY3laMQqlhdVG6qJF3fCE0S0w==

GET
H2 200 360.js Show response
s.clickiocdn.com/t/210916/ 451 KB
171 KB 88ms
26ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/210916/360.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 3cd1ee5fd3c71a6a0313a2eb46a7bed37ede01445e4bfea14d98ce1c012fe0fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: gzip
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: eu
cache-control: max-age=1800
expires: Mon, 24 Apr 2023 04:33:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 246 KB
83 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YVMTC8C6PY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84ab3307c0e0ef8d18d80cc1ba926d49db58c4c5810aa35d0000b2b163453722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Apr 2023 04:03:00 GMT

GET
H2 200 widgetApi.js Show response
widget.mixcloud.com/media/js/ 97 KB
34 KB 86ms
31ms Script
text/javascript 2606:4700:10::6814:424
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mixcloud.com/media/js/widgetApi.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:424 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ae9fe56644ea7d18abcd45d5d17f406b087a880a1b9eeaaa3f4d8150be98dcd

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; img-src https: data: blob:; media-src https: http: blob: data:; connect-src http: https: ws: wss:;
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-security-policy: default-src https: data: blob:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: data: 'unsafe-inline'; img-src https: data: blob:; media-src https: http: blob: data:; connect-src http: https: ws: wss:;
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
cf-cache-status: HIT
age: 2500
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 89a2988294c41d107ac89cd542a3b9df
x-mixcloud-view-name: react_www
last-modified: Fri, 21 Apr 2023 14:41:44 GMT
server: cloudflare
etag: W/"6442a0a8-18268"
vary: Origin, Accept-Encoding
content-type: text/javascript; charset="utf-8"
access-control-allow-origin: *
cache-control: max-age=7200
x-mixcloud-country-code: KEN
cf-ray: 7bcb743aba6ebb9d-FRA
expires: Mon, 24 Apr 2023 04:30:16 GMT

GET
H3 200 fixed.png
s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/images/ Frame 8866 3 KB
3 KB 22ms
22ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/images/fixed.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6063c8fa2615cfddd377cb5c6f47f1622df08315424681f2715ff1990f440fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/leaderboard.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 23:41:34 GMT
x-content-type-options: nosniff
age: 102086
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3350
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 15:33:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 23:41:34 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304200101/pubads_impl.js?cb=31074080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Apr 2023 04:03:00 GMT

GET
H3 200 hl.png
s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/images/ Frame 8866 9 KB
9 KB 23ms
23ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/images/hl.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7e1bd24be63cc59bff950d5bc876815bad7336063341dd1edc2a3fb011c1819

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/leaderboard.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 17:39:14 GMT
x-content-type-options: nosniff
age: 123826
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8705
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 15:33:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Apr 2024 17:39:14 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D3DC 28 B
54 B 34ms
33ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/d87d581f/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-Goog-Request-Time: 1682308980891
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/duX3k3F9L8s
X-YouTube-Client-Version: 1.20230418.00.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgt2NnVtN1drdG5sOCjy_peiBg%3D%3D
X-YouTube-Ad-Signals: dt=1682308978839&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C260%2C180&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Mon, 24 Apr 2023 04:03:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 29ms
28ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1693188914&t=pageview&_s=1&dl=https%3A%2F%2Fwww.otempo.com.br%2F&ul=en-us&de=UTF-8&dt=O%20TEMPO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAUABQAAAACAAI~&jid=612288989&gjid=144130392&cid=1055101010.1682308979&tid=UA-9513496-1&_gid=434775130.1682308979&_r=1&_slc=1&gtm=45He34j0n815BKLMTQ&z=413015926

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.otempo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 27ms
27ms Image
text/html 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=OPT-TBT9WDJ&cv=46&t=ol&p=gtmo&l=2462&q=2545&f=52&e=5&i=78&d=975&c=2378&hc=1&fh=1967&sr=0.050000&ps=0.0049312229412215025&cb=817019741

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:00 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 preco.png
s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/images/ Frame 8866 7 KB
7 KB 21ms
21ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/images/preco.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

494e70c9b6ba04d8c44402a46f10ff0b89d7f70a6c77af2842d9ae7db8305e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/7372233404690819356/leaderboard/leaderboard.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 11:49:52 GMT
x-content-type-options: nosniff
age: 317588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6773
x-xss-protection: 0
last-modified: Wed, 19 Apr 2023 15:33:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Apr 2024 11:49:52 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D345 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 23 Apr 2023 23:04:22 GMT
expires: Mon, 22 Apr 2024 23:04:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 10A2 783 B
960 B 31ms
30ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e2f5add00f8387c282d0aa7a04d1daa88a39470e5b8a4516cd37b959f0527b8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce---1k1rfytajdI0nQ1QFA5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.otempo.com.br/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce---1k1rfytajdI0nQ1QFA5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 24 Apr 2023 04:03:00 GMT
expires: Mon, 24 Apr 2023 04:03:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 28ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YVMTC8C6PY&gtm=45je34j0&_p=1693188914&cid=1055101010.1682308979&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682308980&sct=1&seg=0&dl=https%3A%2F%2Fwww.otempo.com.br%2F&dt=O%20TEMPO&en=page_view&_fv=2&_ss=1&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YVMTC8C6PY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 26ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YVMTC8C6PY&gtm=45je34j0&_p=1693188914&cid=1055101010.1682308979&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1682308980&sct=1&seg=1&dl=https%3A%2F%2Fwww.otempo.com.br%2F&dt=O%20TEMPO&en=page_view&_c=1&_et=4
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YVMTC8C6PY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 29ms
28ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-9513496-1&cid=1055101010.1682308979&jid=612288989&gjid=144130392&_gid=434775130.1682308979&_u=aADAAUABQAAAACAAI~&z=1037621794

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.otempo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 24 Apr 2023 04:03:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 361 B
489 B 166ms
157ms Script
application/javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=67531&upd=1&new=1&wst=0&wct=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm67531.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80542cd0e04d0bdaaa5801dbfa6f57d1012aec5d44b43c84e064c81cfd1beebe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: public
date: Mon, 24 Apr 2023 04:03:01 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
cf-ray: 7bcb743b4b049bbc-FRA
expires: Mon, 24 Apr 2023 05:03:01 GMT

GET
H/1.1 200 i
ivccf.ivcbrasil.org.br/ 43 B
461 B 1828ms
924ms Image
image/gif 35.164.56.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivccf.ivcbrasil.org.br/i?stm=1682308981012&e=pv&url=https%3A%2F%2Fwww.otempo.com.br%2F&page=O%20TEMPO&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=33&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=5e40b92a-7ce3-4774-b1ee-580fbcbdb921&dtm=1682308981011&vp=1600x1200&ds=1600x14709&vid=1&sid=5d888204-d391-4d61-8a59-09d3359e43d4&duid=2701ffc0-82ed-4291-ac51-079edabfb052&fp=3884270085
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.56.53 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-164-56-53.us-west-2.compute.amazonaws.com
Software: Apache/2.4.51 () OpenSSL/1.0.2k-fips /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Mon, 24 Apr 2023 04:03:02 GMT
Server: Apache/2.4.51 () OpenSSL/1.0.2k-fips
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 10A2 0
0 54ms
53ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304200101&jk=2722018696516679&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 34ms
34ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9513496-1&cid=1055101010.1682308979&jid=612288989&_u=aADAAUABQAAAACAAI~&z=596248109

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 82ms
32ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-9513496-1&cid=1055101010.1682308979&jid=612288989&_u=aADAAUABQAAAACAAI~&z=596248109

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame D345 36 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 23 Apr 2023 19:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 22 Apr 2024 19:43:29 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D345 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LlOvpw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:01 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
77 B 158ms
149ms Script
application/x-javascript 2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=12997b9b0cc5763b45a5f911cf10&acc=67531&url=https%3A//www.otempo.com.br/&tit=O%20TEMPO
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm67531.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bcb743c5bd29bbc-FRA
content-length: 6
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=79884425996
https://sync2.navdmp.com/sync?prtid=2&id=79884425996&google_gid=CAESEL67KWquyWkLMhUgoNb1Cd0&google_cver=1

6 B
57 B

495ms
486ms

Script
application/javascript

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=79884425996&google_gid=CAESEL67KWquyWkLMhUgoNb1Cd0&google_cver=1
Protocol: H2
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:01 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7bcb743c8c059bbc-FRA
content-length: 6
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync2.navdmp.com/sync?prtid=2&id=79884425996&google_gid=CAESEL67KWquyWkLMhUgoNb1Cd0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=56526445-ff75-4100-bd87-b6b38420aeaf

43 B
129 B

161ms
152ms

Image
image/gif

2606:4700::6810:bf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=56526445-ff75-4100-bd87-b6b38420aeaf
Protocol: H2
Server: 2606:4700::6810:bf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:01 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
cf-ray: 7bcb743d0c699bbc-FRA
content-length: 43
content-type: image/gif

Redirect headers

Date: Mon, 24 Apr 2023 04:03:01 GMT
Server: MT3 830 785530e master cdg-pixel-x9 config_version:"unknown"
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Location: https://sync.navdmp.com/sync?img=1&mdia=56526445-ff75-4100-bd87-b6b38420aeaf
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Expires: Mon, 24 Apr 2023 04:03:00 GMT

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58727/
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

0
125 B

131ms
50ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Mon, 24 Apr 2023 04:03:01 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0103.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
content-language: en
location: https://ups.analytics.yahoo.com/ups/58727/cms?partner_id=NAVEG
content-type: text/html
cache-control: no-store
content-length: 344

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C665 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssg_NhbQE0K0FueBhSGPR-yjcQCNsLr0vL4dHvMPZ8ijaVv3WXg4zF496KsCB8gMIJcyzhL7KIcoU1YVOLb6d8hT_Au84d5OGxH3gHCSK6FVJc8dF7uONBa6ms7_TXESzOMyoAWag&sai=AMfl-YRY2_Ia4sUjWEyXBljlQ-kHHDHdGrwDcM0TuU_OXmjFW_jKRMVf7wVNphzWRQRJvLzD0KR3Y-cEqieibfHflxcV_jhxx927RNAOlXMdENnvByUXSP0ohS7UeHJmS1Y7Eckb5XzTm9k4UEotCQ&sig=Cg0ArKJSzE5eFqzVeSfZEAE&cid=CAQSTABygQiDr9Nu2hoPPTmn7Sk8KHXz03RkCxuQfWxee_TGGoc95W9SE6zIz0f2TNtbnlWfHvYhJmolRH5PBN7ztDk4F-fks14aqk_As6wYAQ&id=lidar2&mcvt=1000&p=211,436,301,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2238061759&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682308979396&rpt=1037&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 56ms
56ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304200101&jk=2722018696516679&bg=!zM-lz5vNAAYfNdXmPzU7ADkAdvg8Wi4Y6mvOlsQkShNNYE9KFiTifJO_50oGb6vMRpboVJc4lXAScPelpyKvSwH4rZMu7fwE96ACAAAAT1IAAAADaAEHCgCFyyzD2kHpCVVuU8Mj2xDXBeZYWBGSG_OlqDTQrNfVQ1kNTsFuhFiKW8uYRvqv8gVXi1Zj4-SKPcArApXe2SV0CAw5jR9YZMOLg3jnN3k7Xl0ikU2iw-tYmgqY3WiyJ2JFBNsmW-qPFatZyBpCiMQ-xr9gt735lfsBxndwF5zFRxPEOdrtzpkC4gUbgQZ7bvO1glJlbwFDpjXtcrZAoI3Or1vYA7gLB0QC5gTq8mDdyQ2sx8ZcChrlGWA8UuOv0Mcv6q_qDIJUJ2FrwczRp4EybXY5OOhY7g8k22W6Rbqu8_Rh-lqN3jjy_s7ty52KarMVyVKRDejfDJPCjnIU-gQku-PSdkiLjXOvL0VF3sNzewZ3Y0_FgWwtfa8zXrtAfhnIasydJC2FNeFpqoSfl0_FfGtnT4Ao6ZFMtLk2QC-vu34Qwal5H8eKW8NWb9BGiPm-5LZN3at7avl26WYkcB2W9WKBupb37nm9hWM9wHqvo5rkrwEhJv973GEHGAOqvqV9zSXE2thB3Cf2ZeFeVAjbeJFUNwAKFG6emSklOemBduVPgJq-KpZZ1X8eGlL4OQBRmByE8ZLVmDgkoRUu4dOB8c_llsi2sHU-vo00OlajqhGVQwXw_mmHMrFz73ynXdldYbSbb65cAUl_1C0QGBJ5YLa0ch7Ehciv5FUub99xSxfEbRZyuVmuxhysQ41Pp2q0uu9Rsl-oCTgYDEzfvfMiTyhCj2DfEdXx_snj2YDVNgWgo0ot7bxQl4gp7iKbVjS8T9PKIncN5N4JTRHZxeoks48At3q-DsJWhsmwNe-AheRwVCUct14X_L-MyDR-qIW0R6oyc9g3ppYBj5Rb4mVotxjHJy9qii3cSlyE5tu4TSFSMkZQQfr7EDnbwL-rygBrQTkElWrk45I-tm0QqvAuQ9CaIuP5cBIda2cXHorHoZA96lmr8kWJYE2HCco7l1NBSlEsKZ2yQEEd8yeEJ4NE_fLNsiDS6D94yFJbcoEvWN1ed6jMPOMCj7HdnssmB8XfNK02xG_t3s_g6JFkpIWrUzPOxQCU1CF4QgxF5JLQPk0pVQKZXLsR2gpAHkI40VzKZkszwWRHkmrc4KG0Jq6v-2FMUKC6pbwK-APtU9qfu4LOuxxcRe7VcFPVfs_G6mitXvrXuVVIEzQ5Aw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
1 KB 20ms
19ms Script
application/javascript 52.222.250.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/1cf70b28-39ff-4e37-a5a4-141613cba375-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
date: Sun, 23 Apr 2023 09:32:23 GMT
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 66639
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: xXG6ATgyKsg4YBl-XgFcva2ZFPNjsSNsC2uwXLbeKM4xALj4sjyVBA==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 20ms
20ms Script
application/javascript 52.222.250.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/1cf70b28-39ff-4e37-a5a4-141613cba375-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: QfrmjXJN9imPm0CvR.Kk8uxg0RnubrVf
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
date: Mon, 24 Apr 2023 02:41:28 GMT
last-modified: Mon, 09 Jan 2023 17:04:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 4894
x-amz-server-side-encryption: AES256
etag: W/"dae3ed517b23abad11d0bd6b79f24080"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: PTs3SAUEF3oU2Z1MdOIBgc-yyJtMzBQ18z2gVfA0p-V-rloCgEDTSQ==

GET
H2 200 common_258.js Show response
s.clickiocdn.com/t/ 156 KB
65 KB 28ms
28ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/common_258.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 66e2439bfb11f6a8d3efce8eb33ce3217d5c559ce344fd5998c0769cb97c8696

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:01 GMT
content-encoding: gzip
last-modified: Wed, 19 Apr 2023 15:33:15 GMT
server: nginx/1.16.0
etag: W/"644009bb-270a1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: eu
cache-control: max-age=1800
expires: Mon, 24 Apr 2023 04:33:01 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C665 0
20 B 133ms
133ms Ping
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3498116008874&version=m202301230201&ct=76&x=1&cor=13628644654529479000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 send Show response
pageview-notify.rdstation.com.br/ 36 B
620 B 452ms
139ms XHR
text/html 35.223.116.65
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pageview-notify.rdstation.com.br/send

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.223.116.65 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

65.116.223.35.bc.googleusercontent.com

Software

Resource Hash

ae7ca863604382c6cf2341b1c7036ea8a83c631c46dbe1fd29b43e8b88a35b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.otempo.com.br/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 24 Apr 2023 04:03:02 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html;charset=utf-8
access-control-allow-origin: https://www.otempo.com.br
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: *, Content-Type, Accept, AUTHORIZATION, Cache-Control
content-length: 36
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
clickiocdn.com/hbadx/ 46 B
176 B 97ms
29ms Script
application/x-javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/hbadx/?ex=1&f=__lxG__.tmp.pol_wjzh86u61czhrbtq&rt=898182678&site_id=210916&title=O%20TEMPO&l=https%3A%2F%2Fwww.otempo.com.br%2F
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: a8094d74765d0420a3d187759d8a4e37d77d82a434c37cc9b760a4057cae637d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:01 GMT
iseu: eu
content-encoding: gzip
server: nginx/1.16.0
content-type: application/x-javascript; charset=utf-8

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 201 KB
56 KB 24ms
24ms Script
application/javascript 52.222.250.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/1cf70b28-39ff-4e37-a5a4-141613cba375-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8d0f32e074ecaac216b692a8e0dfd4210180fac3578676df923da331265c302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: _Tez5c5lzBJwwJdwHtb2lZNhcYNkcuGC
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
date: Sun, 23 Apr 2023 14:32:55 GMT
last-modified: Wed, 19 Apr 2023 14:32:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 48608
x-amz-server-side-encryption: AES256
etag: "0ab7666fe0fe6b8388c86da4f5923396"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 56478
x-amz-cf-id: GkRNHJz-ojYyya78d88dTBF4ssVulkrwHqY5TBsDLvrAy9vNbyggmQ==

GET
H2 200 rd-js-integration.min.js Show response
d335luupugsy2.cloudfront.net/js/integration/stable/ 13 KB
5 KB 44ms
44ms Script
application/javascript 52.222.250.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/1cf70b28-39ff-4e37-a5a4-141613cba375-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-91.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f98dd5a52d1b5eae7b5846936ae0ebbddc0a10466d818706696144157d207d0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Ue47Arb7o21QIXzXdR.6SzkIvhr7p6iy
content-encoding: gzip
via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
date: Sun, 23 Apr 2023 17:20:14 GMT
x-amz-cf-pop: FRA60-P3
age: 83063
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4699
last-modified: Wed, 29 Mar 2023 14:00:58 GMT
server: AmazonS3
etag: "1f7cabf79794bdf27abc546d74059ded"
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, must-revalidate
accept-ranges: bytes
x-amz-cf-id: r4kVTd0wf9DsAd_hGHf7vIs-1BGd0-bjnEEYqFPM0H6d16RXua1sHA==

GET
H2 200 show.json Show response
popups.rdstation.com.br/popup/ 13 B
248 B 426ms
146ms XHR
application/json 34.68.90.188
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://popups.rdstation.com.br/popup/show.json?account_id=205446&uniq=_vvy556qz1&ref=aHR0cHM6Ly93d3cub3RlbXBvLmNvbS5ici8%3D

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.68.90.188 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

188.90.68.34.bc.googleusercontent.com

Software

Resource Hash

96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=7776000
date: Mon, 24 Apr 2023 04:03:02 GMT
referrer-policy: strict-origin-when-cross-origin
content-security-policy-report-only: upgrade-insecure-requests; default-src 'self' https: data: wss: 'unsafe-inline' 'unsafe-eval';
x-frame-options: sameorigin
content-type: application/json
access-control-allow-origin: *
content-length: 13

GET
H2 200 / Show response
clickiocdn.com/utr/logst_st/c2lkPX4yMTA5MTYmYWN0PX5jbW4mdXJsPX53d3cub3RlbXBvLmNvbS5iciZ2Y250PTEmX2Y9X19seEdfXy50bXAubG9nc3RfZDJ6ZnJmNXVpb284OGNjbQ/ 38 B
206 B 37ms
37ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_st/c2lkPX4yMTA5MTYmYWN0PX5jbW4mdXJsPX53d3cub3RlbXBvLmNvbS5iciZ2Y250PTEmX2Y9X19seEdfXy50bXAubG9nc3RfZDJ6ZnJmNXVpb284OGNjbQ/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: c58ceaaec5f0a8ed5e58054ea5bf2138d3ec695345ea639671b1406c24f09aad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 24 Apr 2023 04:03:03 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02OTk3NTB+Njk5NzQ5fjY5OTc0OH42OTk3NTV+Njk5ODQ5fjY5OTg0OH42OTk4NTV+Njk5ODU0fjY5OTg1M342OTk4NTJ+NzA5NzExfjY5OTg1OX42OTk4NTh+NjY1NjExfjY4ODgxMX42OTg0OTh+Njk4NDk2JnNza... 38 B
206 B 37ms
37ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02OTk3NTB+Njk5NzQ5fjY5OTc0OH42OTk3NTV+Njk5ODQ5fjY5OTg0OH42OTk4NTV+Njk5ODU0fjY5OTg1M342OTk4NTJ+NzA5NzExfjY5OTg1OX42OTk4NTh+NjY1NjExfjY4ODgxMX42OTg0OTh+Njk4NDk2JnNzaWQ9fjEmYWN0PWRldl90YXJnX3JlbX4tfi1+LX4tfi1+LX4tfi1+LX4tfi1+LX5ydHJfdmFyX2Noc25+LX4tfi0mcGx0Zj1+MCZ1cmw9fnd3dy5vdGVtcG8uY29tLmJyJnZjbnQ9MTcmX2Y9X19seEdfXy50bXAubG9nc3RfY2o3anZsaTF0czFvbTYwMw/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: d5a87aaa74c529beefaa886750d531d46e29dd49ba610ce488282cd71220bc15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 24 Apr 2023 04:03:03 GMT
cache-control: no-cache
content-encoding: gzip
iseu: eu
server: nginx/1.16.0
content-type: application/javascript; charset=utf-8

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 27ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1VXJ83ESPC&gtm=45je34j0&_p=1693188914&cid=1055101010.1682308979&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&_s=2&sid=1682308978&sct=1&seg=0&dl=https%3A%2F%2Fwww.otempo.com.br%2F&dt=O%20TEMPO&en=ad_impression&ep.query_id=COfq2ajRwf4CFTJc5Qodat0CgQ&_et=1237
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1VXJ83ESPC
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Apr 2023 04:03:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/ce9b558b-48a8-4e09-b4cf-1eda7399c6fe/ 6 KB
2 KB 29ms
28ms Script
text/javascript 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/ce9b558b-48a8-4e09-b4cf-1eda7399c6fe/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d0157d284271c05065825b507af5b71219def52b99b332a72fef61d96271478

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:05 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
age: 548
cf-polished: origSize=6307
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 1befaaff-6f70-4b52-9a2c-6386b2848e7f
x-runtime: 0.029678
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"9867b88cc0a87cd0c4f6e94c33ce7104"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 7bcb7459181337e9-FRA
access-control-allow-headers: SDK-Version
expires: Mon, 24 Apr 2023 05:03:05 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 30ms
30ms Stylesheet
text/css 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:05 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2113
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
cf-ray: 7bcb74595e095b5c-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 24 May 2023 04:03:05 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/ce9b558b-48a8-4e09-b4cf-1eda7399c6fe/ 176 B
776 B 316ms
76ms Fetch
application/json 2606:4700::6812:d63b

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/ce9b558b-48a8-4e09-b4cf-1eda7399c6fe/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151601

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:d63b -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

653ba452e2c61ed76f6ce61624f831be1a9998f03bdd8eba070887bcdec75f11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 24 Apr 2023 04:03:06 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
content-encoding: br
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15552000; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 6aae228d-d69f-42ee-974e-c6bf1b7a75ad
x-runtime: 0.007210
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"653ba452e2c61ed76f6ce61624f831be"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept, Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 7bcb745be913381c-FRA
access-control-allow-headers: SDK-Version

GET
H2 200 6a40b8b8-a891-4e23-85f8-c236a4b62138.jpg
img.onesignal.com/t/ 4 KB
5 KB 60ms
59ms Image
application/octet-stream 2606:4700::6812:d73b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.onesignal.com/t/6a40b8b8-a891-4e23-85f8-c236a4b62138.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d73b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d4c94f5c86775f28ae3329fe0f904d3347dadcf15c6a59d79008ae21d199a53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-goog-encryption-kms-key-name: projects/core-infra-onesignal/locations/europe-west4/keyRings/keyring-kms-onesignal/cryptoKeys/img-persistence-bucket-onesignal/cryptoKeyVersions/1
date: Mon, 24 Apr 2023 04:03:06 GMT
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: REVALIDATED
x-guploader-uploadid: ADPycduu4h5I4pCoU8UZaJwACSsCjhHXJQ10MgcdUtCKS2YEPUzKQibUao26Uq6nNnxF6ZCrGpAYAxAGtHDlc_xaqjth
x-goog-meta-x-goog-source-etag: "830a4482a59ee352cfd27ad0d06aeb17"
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4306
pragma: no-cache
last-modified: Tue, 14 Feb 2023 02:59:44 GMT
server: cloudflare
etag: "-CL3v9r6ClP0CEAE="
vary: Origin, Accept-Encoding
x-goog-generation: 1676343584339901
content-type: application/octet-stream
x-goog-hash: crc32c=g4Y/wA==, md5=gwpEgqWe41LP0nrQ0GrrFw==
cache-control: public, max-age=2678400
x-goog-meta-cache-control: public, maxage=604800
x-goog-stored-content-length: 4306
accept-ranges: bytes
cf-ray: 7bcb745c6b4c37e9-FRA
expires: Thu, 25 May 2023 04:03:06 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@400;700;800&family=Montserrat:wght@400;700;800&family=Roboto:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.otempo.com.br
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 22 Apr 2023 21:03:36 GMT
x-content-type-options: nosniff
age: 111570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Apr 2024 21:03:36 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onesignal.com/	1970-01-20 11:18:30	Name: __cf_bm Value: tR9_P_I9OQuEemTBF0UhxH8vw.67gcbz1WX709A4O1w-1682308978-0-AST4ZRAu//IW0uCbXgccM4zwLr3Y8hfXKsaZTIsAsSQgU4VSe7xgj5UAklbitfOXjz1IGow9Y3WelDqNj4bBJgA=
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: jm5ckxrKm_8
.youtube.com/	1970-01-20 15:37:40	Name: VISITOR_INFO1_LIVE Value: v6um7Wktnl8
.otempo.com.br/	1970-01-20 11:19:55	Name: _gid Value: GA1.3.434775130.1682308979
.otempo.com.br/	1970-01-20 11:18:29	Name: _gat_gtag_UA_9513496_7 Value: 1
.otempo.com.br/	1970-01-20 20:40:04	Name: __gads Value: ID=bf61ada73ffc7a3b:T=1682308978:S=ALNI_Ma0c6afd4Eae-OZAaHBd-lL4xT18g
.otempo.com.br/	1970-01-20 20:40:04	Name: __gpi Value: UID=00000bef6761d9c1:T=1682308978:RT=1682308978:S=ALNI_MY0BJE_cb1XiwhcyEM-rh7Qp5QiFA
.otempo.com.br/	1970-01-20 11:18:36	Name: ak_bmsc Value: 35454E74799D0E00A34187F9480A6ECD~000000000000000000000000000000~YAAQH7oQAmUAOqWHAQAAJtxtsRPZyLEf1PMjwtaFH29ToJ3TO9MjmcUhD32XFdPXX7HlKXjV6uWEKADV57fuxx1e7VDPATL4C8G4t4kSPKiChDiO4mqkOhk24e6Kvhe8EVBDNhhNlOifyQud4TcqN7EHH+0oYO72KQP+mdkAnhENNA2a19kQK6Vws6SgmDFCOC+/6sxq9Mb5twmDLQHSp5TXPOuHnkwYwE9tmnwmLiyUnuaNZW6Hd/4vjWKQ+XfnnO2xRacH8OAcfMUaXb8RSFf2vOgJKYXGy+DZQOsJhjViwLGsbsjIVnFB5fXRKPHYNI2XlrOfdrSm8PHRaeZYtiKUiZKCzZmzyryyYx/JajBOU/Kk6TvSraDypqTyKYeFr7LN4bY66v/JcIgwqG6MakE0rluYD38pMOTWOSvunm/M1RB+3XbXBFYMTPI3
.otempo.com.br/	1970-01-20 20:54:28	Name: _ga_1VXJ83ESPC Value: GS1.1.1682308978.1.0.1682308979.0.0.0
.doubleclick.net/	1970-01-20 20:40:04	Name: IDE Value: AHWqTUlHAX0BmWTvVPVBzE6nQCGniXmE-1IF708StjfmYxB3hY4BxVuw4eOLgc3U
.casalemedia.com/	1970-01-20 20:04:04	Name: CMID Value: ZEX-dDxpf0fpAB8CL4TR0gAA
.casalemedia.com/	1970-01-20 13:28:04	Name: CMPS Value: 1113
.casalemedia.com/	1970-01-20 13:28:04	Name: CMPRO Value: 1113
.adnxs.com/	1970-01-20 13:28:04	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In3s.s:p!]tbPl1M>e)ZlrFUfJ+tGXvWB<vxkwazw6])a<@>k+'q<Y0]YvnALimk<a3If)y3KL9D3I?+jOKSJg
.adnxs.com/	1970-01-20 13:28:04	Name: uuid2 Value: 7000196243573982270
.otempo.com.br/	1970-01-20 13:28:04	Name: _gcl_au Value: 1.1.529437595.1682308981
.otempo.com.br/	1970-01-20 11:18:29	Name: _gat_UA-9513496-1 Value: 1
.otempo.com.br/	1970-01-20 20:54:28	Name: _ga Value: GA1.1.1055101010.1682308979
.otempo.com.br/	1970-01-20 20:54:28	Name: _ga_YVMTC8C6PY Value: GS1.1.1682308980.1.1.1682308980.0.0.0
www.otempo.com.br/	1970-01-20 11:18:30	Name: _gada_ses.6032 Value: *
www.otempo.com.br/	1970-01-20 20:54:28	Name: _gada_id.6032 Value: 2701ffc0-82ed-4291-ac51-079edabfb052.1682308981.1.1682308981.1682308981.5d888204-d391-4d61-8a59-09d3359e43d4
www.otempo.com.br/	1970-01-20 11:19:55	Name: privAu Value: 0
.navdmp.com/	1970-01-20 20:54:28	Name: nid Value: 12997b9b0c367c9e2fb9459bc610\|1\|144
.otempo.com.br/	1970-01-20 20:04:04	Name: nav67531 Value: 12997b9b0cc5763b45a5f911cf10_115
.mathtag.com/	1970-01-20 20:44:24	Name: uuid Value: 56526445-ff75-4100-bd87-b6b38420aeaf
.yahoo.com/	1970-01-20 20:04:26	Name: A3 Value: d=AQABBHX_RWQCEBxYu6Uviz0lpUPyWajzNNMFEv__AP8AAAAAAOAXyiMAAAAAgA&S=AQAAAjv3oHwV-No4XB5VUYQ55Pw
.otempo.com.br/	1970-01-20 20:04:04	Name: __trf.src Value: encoded_eyJmaXJzdF9zZXNzaW9uIjp7InZhbHVlIjoiKG5vbmUpIiwiZXh0cmFfcGFyYW1zIjp7fX0sImN1cnJlbnRfc2Vzc2lvbiI6eyJ2YWx1ZSI6Iihub25lKSIsImV4dHJhX3BhcmFtcyI6e319LCJjcmVhdGVkX2F0IjoxNjgyMzA4OTgxNzkzfQ==
.otempo.com.br/	1970-01-20 20:05:31	Name: rdtrk Value: %7B%22id%22%3A%22ea1f2f74-dfbc-46c0-a3e4-486e0858849e%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

95d2bfa6b853fbbf4b953ddc1951e911.safeframe.googlesyndication.com
aax.amazon-adsystem.com
adservice.google.com
adservice.google.de
c.amazon-adsystem.com
c.go-mpulse.net
cdn.navdmp.com
cdn.onesignal.com
clickiocdn.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
code.createjs.com
d335luupugsy2.cloudfront.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gadasource.storage.googleapis.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
img.onesignal.com
ivccf.ivcbrasil.org.br
jnn-pa.googleapis.com
onesignal.com
otempo.com.br
pagead2.googlesyndication.com
pageview-notify.rdstation.com.br
pixel.mathtag.com
popups.rdstation.com.br
region1.google-analytics.com
s.clickiocdn.com
s.go-mpulse.net
s0.2mdn.net
securepubads.g.doubleclick.net
static.doubleclick.net
stats.g.doubleclick.net
sync.navdmp.com
sync2.navdmp.com
tag.navdmp.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
usr.navdmp.com
widget.mixcloud.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.otempo.com.br
www.youtube.com
yt3.ggpht.com
108.138.4.150
13.224.192.181
142.250.185.194
142.250.186.162
185.80.39.216
185.89.210.122
2.18.233.201
2001:4860:4802:32::36
212.82.100.182
2606:4700:10::6814:424
2606:4700::6810:bf3
2606:4700::6812:d63b
2606:4700::6812:d73b
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2006
2a00:1450:4001:811::2016
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::2010
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9d
2a02:26f0:3500:11::215:14cb
2a02:26f0:6c00:1b8::11a6
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00::210:ba23
3.75.62.37
34.68.90.188
35.164.56.53
35.223.116.65
52.222.250.91
95.211.66.34
01a1be88dca6652fbd70f6d3e788dfc63ce043a4c326d42c774786c779a021ba
01ea44fb2f7b8fcf242f2f250c9c32f50ebb4cd047e51a43272ad58b104ded5c
0264b553f15c5229134e020b553312c51681e96f25aed9f3173e8d86b9e5cbde
0443c7d4d4d0ea180740ed03639769318b1a7eb44ba9584ca8b1ccbe0404adf6
069d9dd84485613e9b3c3939d4f6bb2af882e8cc95a1c1fecfd4882599d8fc58
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
098abf9de2d467cd1a4a9ca765d11437488e9979c00687158af9b89c90b77df2
0993edc9c13f84b47ce9836c996a146bbb7dacf4d31ddb8c4152f5142bfb457f
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e5e2e0cb02a76fdc1c2b2898474066f73a8fe175de17467cf9481a7c77bf470
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
15842ebeb4c0aa33e806d9d64c20b223ab38cde5cb2d0629655c9c28f231ec2e
194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970
1a0365c5fc4fe041befd89d6a915af5ace660eea2bf1a2b74a6eab02b2da37cc
1c82ac4e98af53271fb8168ec3a928368e436a9109bd3551b4075cf9522d277d
1c9bcce48e4b3d6e755b8a898825003c7e584f2be67d5e59ea50c57815f66321
1df9eecc3df2c704df7f9381dd0ce305327c87bbfa087909882a3e315c1eae69
2336825cc3775138a1157eb1ce8ea23fdafe54be28ac7d085648d077901b978d
249839bce1c7c9e7140dabcf8dad233ef24f60ddd0b12a4c592c953493744ee9
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
2d4c94f5c86775f28ae3329fe0f904d3347dadcf15c6a59d79008ae21d199a53
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
30d728fcff547b708c6e4ad4de805c718b13f97dd01fc4424cfc27ff9cf9a8e9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3405dcf19124ba504b36ed7ef2cb535e25b7dbe0cf23a9e953e174f8523e68e7
347dcd70ffa3aa6a5e40f13e39dac46b89a3b8137ec57a18acd6ecbb6708735a
38801ec57e55d5f84abffb9b4e033c018f2163f50b4cae3b2443923d3b450476
3b0d3f56dea685ac2617a181c2841c378a70889f2f266805809c6a025a694950
3cd1ee5fd3c71a6a0313a2eb46a7bed37ede01445e4bfea14d98ce1c012fe0fb
3db124edc48d6ebbdf1c355e4ca0febaeda553ce1e27e0f0a4385b507818ea5c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f71320bfe80c67acbbd291261568d444ba706e026a74182e6b0fe569928f0b3
40fba0019ff3cd5ef1ad3797b7b223a9f434ccf632b89f322241ef51434a389b
41221a11e8ab4ebaf39d229bf38956ff29e080d2a5517f7c86a29e2970823fd0
413c30da5214d0344d2a591dbd3e7a638cdc554545251a09e0c97a79ea46a009
418dc5b28c3ee7122a052426b5465034a8915a871b301299aa546d9653319d42
450174fbf9507f6519a2515f438de527709fb5e0ca43a84874ad8d98229591c4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
470fd901560ad98452867ea91af7b3d11ab8de72c43e9b8d01ab218bac6027d9
49262cbd305b40a32de0c41a27e4a5aafc65927c0b7f0e6163e0e5b3739eab85
494e70c9b6ba04d8c44402a46f10ff0b89d7f70a6c77af2842d9ae7db8305e58
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a312de5d5df23f9f480daa5837af8b88f77bb83c0ad3f04d474a449d43e7859
4a6f5ab201de77db1222bf17df0224effa9f02295a7a156f204235dd8fcdcd00
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb5d38dbbe1eba27eb5c339624eca0c43d7dd37f8d4184f8a825f08ace3c835
4c4d7f6ac80caedf34d5e7c3ccaf320aadc05ba839954e65a924fc4822196ab3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5286854173e8ebfa92c3226b7df7499754974e6c8a13f85073b413b2a5c4b984
5505c357b48804197613acca5b7041a8bfb262fb09c83102e4e4b0958ffa16f6
554ced8b75005ec09fc250e61b29b9e07a8a804cd227aeb445e947d885cf6de7
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
57f04b5a466354feb4512d4b128979b1e9ab067421925e57fb76c2fb37c134e0
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b5f63cf93eb6c705ad674b48e5451f9fbdc156d43f51b9f709eeb878354f3bb
5baa0155587e932aaeb8c88494cccbde1e1c512411544d0571c47f9ef4bb322b
5c12b11109d4bd7ccb7f851783ae8bced6f85446d502ebc559a78d72a5cd1824
6063c8fa2615cfddd377cb5c6f47f1622df08315424681f2715ff1990f440fa8
606ed518b15c107e7c0e887e9b45c038857960b70c4c913f065200c45890df7c
6154027999b914d9d11ba0f62740f95175fbd27a5b2e13923a48555c02ef390c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b169efeccc25b559033bcdfd61cd9227aac4b8fa079876408f2948869e7d90
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
653ba452e2c61ed76f6ce61624f831be1a9998f03bdd8eba070887bcdec75f11
66e2439bfb11f6a8d3efce8eb33ce3217d5c559ce344fd5998c0769cb97c8696
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
684eaa951c303f40bfd620df088659e7699e93b478d2b4a94cd410071b2de57c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
708d8a4354c556b359a700108e0fb498e79ae1bf80a25946305aa2ba4bba7b73
733a3b461beaa18c6a49455847f09e70b9b310e75931deaf54644763a82b5d18
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
754055f0b32462d7625885c623524bb0f630d6173b347e9969d25cd68909206c
782097d7203f079c5e131d4104ba04ed161feaf1f89657472f2155bd13b21fb8
7aad3c528a84c5f8145ab901050c637385dce1619706197cb9a826243def4444
7ae9fe56644ea7d18abcd45d5d17f406b087a880a1b9eeaaa3f4d8150be98dcd
7b523d27be67ca81982bd92eab44ffa6c5ba18c501ec0082900098ab67e6a52d
7b9432f40cb52dcef8aee9d19b79860023b1ef136c726a31abc81923d247fb8c
7d0157d284271c05065825b507af5b71219def52b99b332a72fef61d96271478
80542cd0e04d0bdaaa5801dbfa6f57d1012aec5d44b43c84e064c81cfd1beebe
820e594fe0fb8bd8509a08c1b6b5ef9bee2648fcb4448bdeef515d4cd2c4158a
82c72eacaf7a31c85b91e538c455b3c69000d95b6ac02bf1ce6fc08c713e6651
84ab3307c0e0ef8d18d80cc1ba926d49db58c4c5810aa35d0000b2b163453722
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
888e5142372c313294e9189d73466e0addce765ab7acf82ea9512d8aab384c43
89238cb49e395a44bb76768ea5241204ee3c9c050e22ad638d443cf681f84586
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94735b8eb670092747b5957d6dbcf3f1637923cb322d1624df49d936d8354d66
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
9824ccf1dbfd47a854639dc52ed6882fed59b0c8f6d7ada5b97367aa7c494717
9c5b80204aab9939d08d43cf7557ae2d9c2d9966e5249117abedbeeb5879198b
9f4cbd51482016279df04d05f158b78dea67c8b044115a29233bda2aaa608111
9fd5a8e78fe180e7023ef61e4e47d1beff3b7c39712ba9b216ecc05a4873f5aa
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a333763bbb0e85b26f800b47b777d0f00e6b7810a0d025ca6baa42d9c429d6f9
a42482a5c0d922aec11123c93091c870b855e07d256b492aaedc9550157b7c4a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7e1bd24be63cc59bff950d5bc876815bad7336063341dd1edc2a3fb011c1819
a8094d74765d0420a3d187759d8a4e37d77d82a434c37cc9b760a4057cae637d
ae7ca863604382c6cf2341b1c7036ea8a83c631c46dbe1fd29b43e8b88a35b42
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
b0990b2303a4152e34c267f532db69459c430fc4ad92b653938e9ae1d9ceaed3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b157ac379ef1e7e5d6a4b749cde28979b236d331ce90ad342d517f78e04d1081
b1fe62a8fdc2b325615fc798a7850ab7894c71528f3731dffa62cba5c313daf7
b251d5c069f664aebc4fb02ca7c64791db54d2b6c81d190d3d8295c14e3f404b
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bd928b4f995ac5bf7f33476af975fee508cffef16943c7b1d691d0cf81edcc7d
bdfc3cc939b03ea51378d2dbdeb7ff9d7bdeda9189f45c6e48cff4724b4171f2
bef7a4be7e8f678d4aaf008e93dde141b6d5210c250b4bb60477cccd0aa5057e
c3d179f0e69da4cb3808800bac82c6be701f77b395677dd09621e8009680a960
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4f58597b49f363f761c8b833113605b882ed34295f737aeed27f4abba30cfce
c58ceaaec5f0a8ed5e58054ea5bf2138d3ec695345ea639671b1406c24f09aad
c868ebeb22a6d2945834c14da4641969a62e35a6cfa434a974339df068324b6e
c88a0057945c8339c3a7f8d03427f7f8ef7b3dfdb3c8488c763a807d9aaa7b1e
c8d0f32e074ecaac216b692a8e0dfd4210180fac3578676df923da331265c302
c8e6b8b21e6779fddfc97d199e7e540299198e1ef38caa009a0ec8329880b0a9
ca23d7dd19f4e069e1188fb446a1e53840ccb61d6685ce3383f5dba23770447f
ca60fc9aa6f68c01dcfa858fe94334903a48ec66921bfcc8def5e25c83eb124c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc3d46765cc2a644689236e6c399ca66bc9ddd993a950551d1fe6eb8af90d841
ceb3a79c63f50d25a392d25e9a1e4eff9ec81559a80faca318542e94bdaa40c1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff51143edf897ed3940d42cfae837646acdb92e6dc544b72fb0179a2b247f1c
d15a8b96d52bd1836ea5fa817854c9518184128f6fe6a29422e263a7054c7375
d5a87aaa74c529beefaa886750d531d46e29dd49ba610ce488282cd71220bc15
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc467c312a15005618c8c6b173f0e56ceac1b8d090cb65011457fbff00c45434
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dffb1f1556a32bbd8cd8924fdc17b08c42c7cffd2cf1a78f46117a92b7939ed3
e2f5add00f8387c282d0aa7a04d1daa88a39470e5b8a4516cd37b959f0527b8d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e44c05db73898e594bff523e1713c7d4dcd2ac02173f4b3ab8fc71b6423309e9
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e6d6f563b9d1814748947e7d639fb5d1a9b2c982c3a6b2f93782a7d8f4629847
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eebca01c60b315a6937fea6c94dfaa2b2afcb61cd14cdf7e655cefec2fc32017
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ca065121a6151b9773cbda516d9d869b488cf1845f7dce6ffb9a8ca7cba9b5
f34ac4eed7c587b82570a141739f38eab8764e4debdea0dbce02b29d726bca3a
f6d92be1f6d97a323320191dfed0c85aaa581ef050be1ae22e20a4ae007bcee5
f762e61f3a9b426f6acb52cb0e145cabc799cae6090c98540953afdf5d938ed2
f7d241ae4a769219a47dc18e710d4bf12443c207c81871956df29bffd4688727
f98dd5a52d1b5eae7b5846936ae0ebbddc0a10466d818706696144157d207d0b
fbb1c1b91e417d20d270046dedb6716ebd76c0cb37c915fa463b26d011000f81
fbfea72c839330ddf5dded4f83ca0cd77a8d51407ce3e2c051879cb068df267b
fcaaacbe09be7babfecfbcad09df9c01257b0ea95ee996105d6756ba75f41aa3
fe1a9603253de949e8746359deb19d012196ac7bb96372d0d9d85f50d3f1055d

www.otempo.com.br Open in urlscan Pro 2a02:26f0:6c00::210:ba23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

182 Requests

96 %HTTPS

69 %IPv6

28 Domains

53 Subdomains

44 IPs

6 Countries

3744 kBTransfer

11221 kBSize

28 Cookies

13 Outgoing links

Page URL History

Redirected requests

182 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.otempo.com.br Open in urlscan Pro
2a02:26f0:6c00::210:ba23 Public Scan

Screenshot
Live screenshot

Full Image

182
Requests

96 %
HTTPS

69 %
IPv6

28
Domains

53
Subdomains

44
IPs

6
Countries

3744 kB
Transfer

11221 kB
Size

28
Cookies

182 HTTP transactions
7 data transactions