www.otempo.com.br Open in urlscan Pro
170.82.174.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://otempo.com.br/
Effective URL:
https://www.otempo.com.br/
Submission Tags: tranco_l324
Submission: On November 01 via api (November 1st 2021, 11:48:43 am UTC) from DE — Scanned from DE

Summary HTTP 242 Redirects Behaviour Indicators

Summary

This website contacted 46 IPs in 9 countries across 39 domains to perform 242 HTTP transactions. The main IP is 170.82.174.10, located in São Paulo, Brazil and belongs to 3L CLOUD INTERNET SERVICES LTDA - EPP, BR. The main domain is www.otempo.com.br.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on August 13th 2020. Valid for: 2 years.

This is the only time www.otempo.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.174.241.169 35.174.241.169	14618 (AMAZON-AES) (AMAZON-AES)
109	170.82.174.10 170.82.174.10	266444 (3L CLOUD ...) (3L CLOUD INTERNET SERVICES LTDA - EPP)
4	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
9	143.204.101.189 143.204.101.189	16509 (AMAZON-02) (AMAZON-02)
4	34.107.182.233 34.107.182.233	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:9e00:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.123 143.204.98.123	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
10	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2010	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:cf3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	95.211.66.34 95.211.66.34	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	34.68.90.188 34.68.90.188	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
2	170.82.173.25 170.82.173.25	266444 (3L CLOUD ...) (3L CLOUD INTERNET SERVICES LTDA - EPP)
1	170.82.173.10 170.82.173.10	266444 (3L CLOUD ...) (3L CLOUD INTERNET SERVICES LTDA - EPP)
1	2620:108:700f... 2620:108:700f::36d6:637	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2016	15169 (GOOGLE) (GOOGLE)
4 9	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	52.21.62.223 52.21.62.223	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	35.244.138.111 35.244.138.111	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
1	138.201.63.164 138.201.63.164	24940 (HETZNER-AS) (HETZNER-AS)
1 5	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
1 2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3 3	18.192.203.176 18.192.203.176	16509 (AMAZON-02) (AMAZON-02)
2 2	52.17.151.21 52.17.151.21	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.138.131 185.86.138.131	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	88.99.70.21 88.99.70.21	24940 (HETZNER-AS) (HETZNER-AS)
242	46

1 35.174.241.169 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-241-169.compute-1.amazonaws.com

otempo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

109 170.82.174.10 (São Paulo, Brazil)

ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR)

www.otempo.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
checkpoint1.gocache.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 143.204.101.189 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-189.fra50.r.cloudfront.net

d335luupugsy2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.182.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.182.107.34.bc.googleusercontent.com

rum.goedge.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
checkpoint0.gocache.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:9e00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-123.fra50.r.cloudfront.net

pj.l.a8723.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

gadasource.storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:cf3 (United States)

ASN13335 (CLOUDFLARENET, US)

tag.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
usr.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync2.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.navdmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 95.211.66.34 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

s.clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.68.90.188 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 188.90.68.34.bc.googleusercontent.com

forms.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
popups.rdstation.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 170.82.173.25 (São Paulo, Brazil)

ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR)

rum.gocache.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 170.82.173.10 (São Paulo, Brazil)

ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR)

checkpoint2.gocache.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:108:700f::36d6:637 (Boardman, United States)

ASN16509 (AMAZON-02, US)

ivccf.ivcbrasil.org.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.181.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.62.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-62-223.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.138.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.138.244.35.bc.googleusercontent.com

eye.rd.services	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.242 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.164 (Hockenheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 138.201.63.165 (Hockenheim, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal90005.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.192.203.176 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-203-176.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.151.21 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-151-21.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.131 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.70.21 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.21.70.99.88.clients.your-server.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
109	otempo.com.br 1 redirects otempo.com.br www.otempo.com.br	733 KB
24	doubleclick.net 5 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net 5994599.fls.doubleclick.net	233 KB
13	clickiocdn.com s.clickiocdn.com clickiocdn.com	199 KB
12	googlesyndication.com dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	63 KB
10	gstatic.com fonts.gstatic.com	147 KB
9	cloudfront.net d335luupugsy2.cloudfront.net	164 KB
6	redintelligence.net 1 redirects hal9000.redintelligence.net hal90005.redintelligence.net	10 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	87 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	gocache.com.br rum.gocache.com.br checkpoint0.gocache.com.br checkpoint1.gocache.com.br checkpoint2.gocache.com.br checkpoint3.gocache.com.br Failed	1 KB
5	google.com adservice.google.com www.google.com	1 KB
5	navdmp.com tag.navdmp.com usr.navdmp.com cdn.navdmp.com sync2.navdmp.com sync.navdmp.com	5 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	google-analytics.com www.google-analytics.com	55 KB
4	onesignal.com cdn.onesignal.com onesignal.com	82 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	googletagservices.com www.googletagservices.com	101 KB
3	yahoo.com 2 redirects cms.analytics.yahoo.com ups.analytics.yahoo.com	2 KB
3	google.de adservice.google.de www.google.de	1 KB
3	goedge.me rum.goedge.me	3 KB
2	avct.cloud 2 redirects ads.avct.cloud	890 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	rd.services eye.rd.services	217 B
2	cloudflare.com cdnjs.cloudflare.com	19 KB
2	facebook.com www.facebook.com	638 B
2	rdstation.com.br forms.rdstation.com.br popups.rdstation.com.br	35 KB
2	googleapis.com gadasource.storage.googleapis.com fonts.googleapis.com	26 KB
2	facebook.net connect.facebook.net	78 KB
1	contentspread.net cdn.contentspread.net	44 KB
1	smartadserver.com 1 redirects ssbsync.smartadserver.com	456 B
1	adsrvr.org match.adsrvr.org	265 B
1	dotomi.com dclk-match.dotomi.com	104 B
1	chartbeat.net ping.chartbeat.net	201 B
1	mathtag.com 1 redirects pixel.mathtag.com	578 B
1	ytimg.com i.ytimg.com	32 KB
1	ivcbrasil.org.br ivccf.ivcbrasil.org.br	467 B
1	a8723.com pj.l.a8723.com	2 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	googletagmanager.com www.googletagmanager.com	46 KB
242	39

	Domain	Requested by
108	www.otempo.com.br	www.otempo.com.br
11	clickiocdn.com	s.clickiocdn.com
10	fonts.gstatic.com	www.otempo.com.br fonts.googleapis.com
10	securepubads.g.doubleclick.net	www.otempo.com.br securepubads.g.doubleclick.net www.googletagservices.com
9	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
9	d335luupugsy2.cloudfront.net	www.otempo.com.br d335luupugsy2.cloudfront.net
6	pagead2.googlesyndication.com	dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	dev.visualwebsiteoptimizer.com	www.otempo.com.br dev.visualwebsiteoptimizer.com
5	hal90005.redintelligence.net	1 redirects dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com hal90005.redintelligence.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	tpc.googlesyndication.com	dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	x.bidswitch.net	3 redirects
3	www.googletagservices.com	securepubads.g.doubleclick.net s.clickiocdn.com dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
3	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
3	rum.goedge.me	www.otempo.com.br rum.goedge.me
2	ups.analytics.yahoo.com	2 redirects
2	ads.avct.cloud	2 redirects
2	5994599.fls.doubleclick.net	1 redirects www.otempo.com.br
2	googleads.g.doubleclick.net	dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com www.otempo.com.br
2	eye.rd.services	www.otempo.com.br
2	www.google.com	www.otempo.com.br dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
2	cdnjs.cloudflare.com	client d335luupugsy2.cloudfront.net
2	onesignal.com	cdn.onesignal.com
2	rum.gocache.com.br	rum.goedge.me
2	dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.facebook.com	www.otempo.com.br
2	s.clickiocdn.com	www.googletagmanager.com
2	connect.facebook.net	www.otempo.com.br connect.facebook.net
2	cdn.onesignal.com	www.otempo.com.br cdn.onesignal.com
1	cdn.contentspread.net	hal90005.redintelligence.net
1	ssbsync.smartadserver.com	1 redirects
1	match.adsrvr.org	dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
1	hal9000.redintelligence.net	dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
1	popups.rdstation.com.br	d335luupugsy2.cloudfront.net
1	www.google.de	www.otempo.com.br
1	ping.chartbeat.net	www.otempo.com.br
1	stats.g.doubleclick.net	www.google-analytics.com
1	cms.analytics.yahoo.com	www.otempo.com.br
1	sync.navdmp.com	www.otempo.com.br
1	pixel.mathtag.com	1 redirects
1	sync2.navdmp.com	www.otempo.com.br
1	cdn.navdmp.com	tag.navdmp.com
1	i.ytimg.com	www.otempo.com.br
1	fonts.googleapis.com	d335luupugsy2.cloudfront.net
1	ivccf.ivcbrasil.org.br	www.otempo.com.br
1	usr.navdmp.com	tag.navdmp.com
1	checkpoint2.gocache.com.br	rum.goedge.me
1	checkpoint1.gocache.com.br	rum.goedge.me
1	checkpoint0.gocache.com.br	rum.goedge.me
1	forms.rdstation.com.br	d335luupugsy2.cloudfront.net
1	tag.navdmp.com	www.googletagmanager.com
1	gadasource.storage.googleapis.com	www.otempo.com.br
1	pj.l.a8723.com	www.otempo.com.br
1	static.chartbeat.com	www.otempo.com.br
1	www.googletagmanager.com	www.otempo.com.br
1	otempo.com.br	1 redirects
0	checkpoint3.gocache.com.br Failed	rum.goedge.me
242	63

This site contains no links.

Subject Issuer	Validity	Valid
*.otempo.com.br AlphaSSL CA - SHA256 - G2	`2020-08-13` - `2022-08-14`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
rum.goedge.me GTS CA 1D4	`2021-10-19` - `2022-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
pj.l.a8723.com Amazon	`2021-06-18` - `2022-07-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-10` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
s.clickiocdn.com R3	`2021-09-05` - `2021-12-04`	3 months	crt.sh
forms.rdstation.com.br R3	`2021-08-31` - `2021-11-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
gocache.com.br R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
*.ivcbrasil.org.br Amazon	`2021-06-30` - `2022-07-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.rd.services Sectigo RSA Domain Validation Secure Server CA	`2021-10-20` - `2022-11-20`	a year	crt.sh
adlmerge.com R3	`2021-10-10` - `2022-01-08`	3 months	crt.sh
popups.rdstation.com.br R3	`2021-09-03` - `2021-12-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh

This page contains 34 frames:

Primary Page: https://www.otempo.com.br/
Frame ID: 47E879AFC7DBF71062FA76DD12522CA7
Requests: 180 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2264573.1574366367!/menu/standard/file/ic_headset.svg
Frame ID: B5F29AD5EB5D86DE50C895851B1F52BF
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2264568.1574366246!/menu/standard/file/ic_galery.svg
Frame ID: 6F2DF2B33107B7FDA2DB29CE8886380D
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2264578.1574366564!/menu/standard/file/ic_job.svg
Frame ID: 563ACD462A4AD3F260AAC8B6FAA7EAF6
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2516995.1627060957!/menu/standard/file/newsletter.svg
Frame ID: 9E65B9438363ACA8255E8792725645C6
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2309305.1583945749!/menu/standard/file/ic_politica2.svg
Frame ID: 0225789D3F2A92DD53C434B5AF4BAC7D
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2264570.1574366301!/menu/standard/file/ic_globe.svg
Frame ID: E6EB498D0F314D32F9C26240FE67D5C3
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2331592.1588272923!/menu/standard/file/ic_live_do_tempo.svg
Frame ID: C0C6BEAB132DA08B47DDEE303FFA5CC9
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2264567.1574366175!/menu/standard/file/ic_Cidades.svg
Frame ID: D4908D043191C41ACD41628DF0270F3E
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2267354.1574977177!/menu/standard/file/ic_moda.svg
Frame ID: DE704BF6A9C90A4B5DA745A353755D22
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2264580.1574366716!/menu/standard/file/ic_person_star.svg
Frame ID: 820BA0FF2D1FE79E35BC3B5B76444E9C
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2471234.1618247299!/menu/standard/file/ic_novo_mais.svg
Frame ID: 9074CCA69E1EB4B9FB21CDEDD546DA6E
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2264584.1574366951!/menu/standard/file/ic_sports.svg
Frame ID: 27EC39BDE2F2AD28D90D35D33D3FEC77
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2264575.1574366443!/menu/standard/file/ic_interessa.svg
Frame ID: 0F0A5981A4DD3B6EE9E4E440ABAE7C8B
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2445357.1612902723!/menu/standard/file/ic_ServicosGrafigcos.svg
Frame ID: E0415099D81E35BC50455D194D723D4B
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2264593.1574367278!/menu/standard/file/ic_tv_play.svg
Frame ID: 0C9E20C70F4FF8FBC8CB8B463800D6BE
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2264589.1574367184!/menu/standard/file/ic_star_ball.svg
Frame ID: 030A392DE04ABFEF05894B4F1D738DDA
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2264563.1574366047!/menu/standard/file/ic_car.svg
Frame ID: 06BF7827466C7A9531951349FCDB6D6A
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2264841.1574422632!/menu/standard/file/ic_turismo.svg
Frame ID: F80B49AC200605DC1BEA1512C1F02137
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2452056.1614279668!/menu/standard/file/ultimasnoticias.svg
Frame ID: B54FE689DEFC71E1AAEA88E212ED5516
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2309412.1583957908!/menu/standard/file/ic_entretenimento.svg
Frame ID: F1EF3E8A5A6C5EEF9D61567E7C0232E8
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2447655.1613424557!/menu/standard/file/2.svg
Frame ID: 06B8A4F95DD4E18622C9D9A09219BCCF
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2452056.1614279668!/menu/standard/file/ultimasnoticias.svg
Frame ID: 65731045C8153A9851D4579D398AC175
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2547486.1632746613!/menu/standard/file/congresso_icone.svg
Frame ID: 234DF10B6D09B19FE6BE5639641DF9ED
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2313722.1584714858!/menu/standard/file/ic_coronavirus_verde.svg
Frame ID: AA333B96A37640EEC8578EA2A445B5AC
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2264559.1574365556!/menu/standard/file/ic_ballon_chat.svg
Frame ID: C5F8EA177882204966B3FCC89432E5CA
Requests: 1 HTTP requests in this frame

Frame: https://www.otempo.com.br/polopoly_fs/1.2264561.1574365975!/menu/standard/file/ic_brush.svg
Frame ID: DDF62ED458A74C7F0ABC12C55C64BE4A
Requests: 1 HTTP requests in this frame

Frame: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CB40818BB574FAF2414AE8A38B802C15
Requests: 1 HTTP requests in this frame

Frame: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E3665D400AAC9D1BA86846AEF56C2631
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWFEK35ZheRP11VPlr192lZilj2c0nGiWn1chFYj--z4dio9kMFUJEB48BMDQKKphnR1KSeJeJsFytQhJUqJKznUI1wckct_kzp7Dzazkeix0Nk7gTUcbQD8gzTBbHrYgZ2QXtCAZnoTSbhC9fPGIt385_Ht-1I2f_Wly8SporhhWsrQGQ
Frame ID: D0949036E742ADC3D545616C2228BE52
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AC9D7825001841A6C81CAD32BDEC072F
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLGXkZCM9_MCFcWChQods8YPZQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3203374539364.1655
Frame ID: 24671851634F4D37A0C6692B2F8B6988
Requests: 2 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=24157800094007200710612011765005&a=4711fe31
Frame ID: 5A2222BA59D97310A02E9179D2668BAA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3B69C93A8AA821656DE3D53CD2DBFC62
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://otempo.com.br/ HTTP 301
https://www.otempo.com.br/ Page URL

Page Statistics

242
Requests

95 %
HTTPS

47 %
IPv6

39
Domains

63
Subdomains

46
IPs

9
Countries

2184 kB
Transfer

5595 kB
Size

42
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://otempo.com.br/ HTTP 301
https://www.otempo.com.br/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=67088509722 HTTP 302
https://sync2.navdmp.com/sync?prtid=2&id=67088509722&google_gid=CAESEMEX9-Q7gGR_KUD-L03H0Uc&google_cver=1

Request Chain 144

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D HTTP 302
https://sync.navdmp.com/sync?img=1&mdia=1493617f-d415-4d00-8140-703ae45a65f6

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3sHC4mI20FN6cRpa3SqBc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3sHC4mI20FN6cRpa3SqBc&google_cver=1&C=1

Request Chain 212

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YX-UF435mf0KdkYZhn8iGwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3sHC4mI20FN6cRpa3SqBc&google_cver=1

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHeRFEvtK8nJPs90t10fHlw&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHeRFEvtK8nJPs90t10fHlw%26google_cver%3D1

Request Chain 214

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAyNTIwMzU2OTgwMjA0Mzc1Mg%3D%3D

Request Chain 220

https://hal90005.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=eb6acdec45&subid=&uid=942203ba603cd767&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxrjdFtR_YZOwIczigAfywrEwtc35g1f82Lmr5QzwLhABIKLioyZgleKQgqAHyAEJqQIugvQvkWWzPqgDAaoE-gFP0Cfi05NapYTAmXtN70vcwP4OJkxGkcidJ9X1N65TShxfqUZwErUFq8OtiynBcwJJZ8Jlke-NbmY2LgJmNfrXPKdbSRrVKwkeoPAG1Iw4pecDxyipfi5pxHHWbCZjWeqFkWVEcvWxNRbKPubJz7vnWCxr2_UZqKTnsJMoC4EFCrHWx9CkinK_NmJNCV_odkoKRth9YusoePtGgXsQzZmtd88vl8x4so8c0cSVjLFaIMo8PTkg0zqVf5o-hsXrXEUJkeDARqxgsnBIr_-pv31CXNSgsjgZqLtxR2JIUkwm7xh7YLGWaaZkUAImIhNZDC3Om3ZZ5jRLWS1hwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi01NTgxMzY0Nzc3NzIxMDU0gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoC8AqoU14n5sYmBi4Jyys8A%26sig%3DAOD64_3Pw5Lg_86RfcK9dtxQeGX9BQh1sg%26client%3Dca-pub-3104790387792468%26dbm_c%3DAKAmf-Du5rT_FhRLPjtrE35M1MgHd6OuCfQJDUv_vZdts89F45-GdzWbdHwGuxTfzyp4wlhyv5P3dEMvohNi6j26J1EdRByOoG-6wy93Z8pIhmxhxoRY80iarvuSl3Aw0AhDXPsR0plC0rMeA4wDhQfPEw1IV3VCyw%26cry%3D1%26dbm_d%3DAKAmf-Bt0Zih35waWk-MxCWJ2gI5bmBJeCitRmeaXQiV8l1WZWagXGclL9Km5vQAt-FoDCBi7xjnSkgYGhIo4Uh__ZKAjFBZ1smm52uBhwQY_tpLEIby-T9OL3vQ33xSsCnKEyPLPiJ94gQqEeug8ir5X_Y7T3n2nSPYILu8V65NMrqyjvc1IwuGLqWzShhAs068ZkKdWTN2pMmBxNktKj3GS4Dl-cyixDoiNxJbn5YUCC1qWTBkiN2RhhV2XNr4L4bZ-xIbmMphGweXMNky3uvklWUPNwzZojay5zw2uzObwC8OaXzhRyTqQVbNSsM7u7vY-K1g5M0th-iP-Of9LC03E41uTxP1159Toqz57Cw-8eMqYOZmLVMuUQVd9b78kEvZEMF0-IbbMbSnc1cUWucR2PbdrTT_MYWx9TnaEBbFLZRRj5xccNb4gbdbkZcG8VFO0Z_jB8op%26adurl%3D&documentReferer=https%3A%2F%2Fwww.otempo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.otempo.com.br&random=6362435446061&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90005.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=eb6acdec45&subid=&uid=942203ba603cd767&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxrjdFtR_YZOwIczigAfywrEwtc35g1f82Lmr5QzwLhABIKLioyZgleKQgqAHyAEJqQIugvQvkWWzPqgDAaoE-gFP0Cfi05NapYTAmXtN70vcwP4OJkxGkcidJ9X1N65TShxfqUZwErUFq8OtiynBcwJJZ8Jlke-NbmY2LgJmNfrXPKdbSRrVKwkeoPAG1Iw4pecDxyipfi5pxHHWbCZjWeqFkWVEcvWxNRbKPubJz7vnWCxr2_UZqKTnsJMoC4EFCrHWx9CkinK_NmJNCV_odkoKRth9YusoePtGgXsQzZmtd88vl8x4so8c0cSVjLFaIMo8PTkg0zqVf5o-hsXrXEUJkeDARqxgsnBIr_-pv31CXNSgsjgZqLtxR2JIUkwm7xh7YLGWaaZkUAImIhNZDC3Om3ZZ5jRLWS1hwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi01NTgxMzY0Nzc3NzIxMDU0gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoC8AqoU14n5sYmBi4Jyys8A%26sig%3DAOD64_3Pw5Lg_86RfcK9dtxQeGX9BQh1sg%26client%3Dca-pub-3104790387792468%26dbm_c%3DAKAmf-Du5rT_FhRLPjtrE35M1MgHd6OuCfQJDUv_vZdts89F45-GdzWbdHwGuxTfzyp4wlhyv5P3dEMvohNi6j26J1EdRByOoG-6wy93Z8pIhmxhxoRY80iarvuSl3Aw0AhDXPsR0plC0rMeA4wDhQfPEw1IV3VCyw%26cry%3D1%26dbm_d%3DAKAmf-Bt0Zih35waWk-MxCWJ2gI5bmBJeCitRmeaXQiV8l1WZWagXGclL9Km5vQAt-FoDCBi7xjnSkgYGhIo4Uh__ZKAjFBZ1smm52uBhwQY_tpLEIby-T9OL3vQ33xSsCnKEyPLPiJ94gQqEeug8ir5X_Y7T3n2nSPYILu8V65NMrqyjvc1IwuGLqWzShhAs068ZkKdWTN2pMmBxNktKj3GS4Dl-cyixDoiNxJbn5YUCC1qWTBkiN2RhhV2XNr4L4bZ-xIbmMphGweXMNky3uvklWUPNwzZojay5zw2uzObwC8OaXzhRyTqQVbNSsM7u7vY-K1g5M0th-iP-Of9LC03E41uTxP1159Toqz57Cw-8eMqYOZmLVMuUQVd9b78kEvZEMF0-IbbMbSnc1cUWucR2PbdrTT_MYWx9TnaEBbFLZRRj5xccNb4gbdbkZcG8VFO0Z_jB8op%26adurl%3D&documentReferer=https%3A%2F%2Fwww.otempo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.otempo.com.br&random=6362435446061&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 222

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3203374539364.1655 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLGXkZCM9_MCFcWChQods8YPZQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3203374539364.1655

Request Chain 227

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKfceDRovC8YquAictDt_4g&google_cver=1&google_push=AYg5qPKV1cFGfpRJX_Ivx9UXFiyeBHU6xSC9aceb8dAVgN1ty-MjGawPAHrBwnvsAzBKt5IeyS_7opiBxSoyDCDTcBCMj18UwNc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKV1cFGfpRJX_Ivx9UXFiyeBHU6xSC9aceb8dAVgN1ty-MjGawPAHrBwnvsAzBKt5IeyS_7opiBxSoyDCDTcBCMj18UwNc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKfceDRovC8YquAictDt_4g&google_cver=1&google_push=AYg5qPKV1cFGfpRJX_Ivx9UXFiyeBHU6xSC9aceb8dAVgN1ty-MjGawPAHrBwnvsAzBKt5IeyS_7opiBxSoyDCDTcBCMj18UwNc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKV1cFGfpRJX_Ivx9UXFiyeBHU6xSC9aceb8dAVgN1ty-MjGawPAHrBwnvsAzBKt5IeyS_7opiBxSoyDCDTcBCMj18UwNc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 229

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDEnK4v53xd4nck6EsjqOes&google_cver=1&google_push=AYg5qPLwmruW_qgJJBxRFa3Mcb3iezWhs0ihjHSHSi83jsuM649k3iEF3_7x4SeysQhq2pV9z8pTg_jvZhgWOHyZ48akSrPWyqM HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDEnK4v53xd4nck6EsjqOes&google_cver=1&google_push=AYg5qPLwmruW_qgJJBxRFa3Mcb3iezWhs0ihjHSHSi83jsuM649k3iEF3_7x4SeysQhq2pV9z8pTg_jvZhgWOHyZ48akSrPWyqM HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=78c93b83-d9a1-4773-89e3-639f59424562&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLwmruW_qgJJBxRFa3Mcb3iezWhs0ihjHSHSi83jsuM649k3iEF3_7x4SeysQhq2pV9z8pTg_jvZhgWOHyZ48akSrPWyqM&google_hm=x-ar1VqNSteNaHsbrZUfyg==

Request Chain 230

https://onetag-sys.com/sync/i,19/?google_gid=CAESEPVXDu6yPSgnfTi3AVTE6m8&google_cver=1&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk

Request Chain 231

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGyxyS-oXOfeP1fy1_t2jGc&google_cver=1&google_push=AYg5qPKmp6JYDJ4LVRtziu8sHHS4mdV1i7Eua4X5KF_9WJyhes0soBloEe515xJYgZ3DWRTrHoFwXvTabu0m4VSKdXBIE9-oTa0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKmp6JYDJ4LVRtziu8sHHS4mdV1i7Eua4X5KF_9WJyhes0soBloEe515xJYgZ3DWRTrHoFwXvTabu0m4VSKdXBIE9-oTa0&google_hm=NTMyMzU4OTI2NDczNzAxMDgyNA%3D%3D

Request Chain 232

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKz5XxWbelupxMaXNUgm-6g&google_cver=1&google_push=AYg5qPIsusZJxSZQ-H1AmJwHcn4BMmYnk2_2YmetUNgyWZTYHFDwGfAHJN7WLUoBa4KfgqyiUgYIQacT0TbXQA8wPW9jM3XwKy4l HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKz5XxWbelupxMaXNUgm-6g&google_cver=1&google_push=AYg5qPIsusZJxSZQ-H1AmJwHcn4BMmYnk2_2YmetUNgyWZTYHFDwGfAHJN7WLUoBa4KfgqyiUgYIQacT0TbXQA8wPW9jM3XwKy4l&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iNUZhNFNsRTJ1R3h1ckVDcTNsUmR0Mjhlb1V6LkRLTn5B&google_push=AYg5qPIsusZJxSZQ-H1AmJwHcn4BMmYnk2_2YmetUNgyWZTYHFDwGfAHJN7WLUoBa4KfgqyiUgYIQacT0TbXQA8wPW9jM3XwKy4l

242 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.otempo.com.br/
Redirect Chain

http://otempo.com.br/
https://www.otempo.com.br/

340 KB
57 KB

1679ms
238ms

Document
text/html

170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

4364e30a2fa51dab067fde1a2c039570baa917a1aaf98e166b06d1ed955801b2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-type: text/html;charset=UTF-8
referrer-policy: origin
x-gocache-cachestatus: HIT
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 01 Nov 2021 11:48:33 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.otempo.com.br/
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H2 200 novoportal.min.js Show response
www.otempo.com.br/js/novoportal/ 79 KB
24 KB 186ms
185ms Script
application/javascript 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/js/novoportal/novoportal.min.js?version=2.0.337

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

39a6656ffc66bddce607162bc40ea34514c047560c5b6021cfc605a02b1376e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Tue, 05 Oct 2021 06:28:54 GMT
server: gocache
etag: W/"80975-1633415334000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 membership_ex.min.js Show response
www.otempo.com.br/js/novoportal/ 13 KB
5 KB 190ms
190ms Script
application/javascript 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/js/novoportal/membership_ex.min.js?version=2.0.337

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

c095d75f2788a553f3eba8c8f232906d0fffda9bb12f3995945bed6e9681f263

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
etag: W/"12969-1590077906000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 MeteringFlow.js Show response
www.otempo.com.br/js/swg/gaa/ 4 KB
2 KB 187ms
185ms Script
application/javascript 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/js/swg/gaa/MeteringFlow.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

90aa38eef2216f9e249c437565e2fbe92481227f6044f09ad7518c0a462afeb0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Tue, 02 Feb 2021 05:18:34 GMT
server: gocache
etag: W/"4002-1612243114000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 MeteringOTempo.js Show response
www.otempo.com.br/js/swg/gaa/ 1 KB
916 B 299ms
297ms Script
application/javascript 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/js/swg/gaa/MeteringOTempo.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

e5367af46c985c8ca3c4f6465b31c142fbd23295464aaaa16f93262ed625fe11

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Tue, 02 Feb 2021 05:18:34 GMT
server: gocache
etag: W/"1262-1612243114000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 25BC6F_2_0.woff
www.otempo.com.br/css/fonts/charter/ 27 KB
27 KB 299ms
297ms Font
application/x-font-woff 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/css/fonts/charter/25BC6F_2_0.woff?v=1.3.141

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

1563987b6b63af0ca93435f1b2e13767c6b0b005b28d02c9bb155f3ddbbd5c1c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
referrer-policy: origin
last-modified: Thu, 26 Apr 2018 22:56:50 GMT
server: gocache
etag: W/"27507-1524783410000"
x-frame-options: SAMEORIGIN
content-type: application/x-font-woff;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 27507
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 fa-brands-400.woff2
www.otempo.com.br/css/fonts/fontawesome/ 75 KB
75 KB 299ms
297ms Font
font/woff2 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/css/fonts/fontawesome/fa-brands-400.woff2

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
referrer-policy: origin
last-modified: Fri, 02 Apr 2021 06:57:46 GMT
server: gocache
etag: W/"76764-1617346666000"
x-frame-options: SAMEORIGIN
content-type: font/woff2;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 76764
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 fa-solid-900.woff2
www.otempo.com.br/css/fonts/fontawesome/ 76 KB
77 KB 299ms
297ms Font
font/woff2 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/css/fonts/fontawesome/fa-solid-900.woff2

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
referrer-policy: origin
last-modified: Fri, 02 Apr 2021 06:57:46 GMT
server: gocache
etag: W/"78196-1617346666000"
x-frame-options: SAMEORIGIN
content-type: font/woff2;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 78196
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 plugins-novo-portal.css
www.otempo.com.br/css/ 177 KB
32 KB 299ms
297ms Stylesheet
text/css 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/css/plugins-novo-portal.css?version=2.0.337

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f4457cf32b25c5c025f3863d9c6942b6cbbe7cac5a2c2d1380f00a059c9555bc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Sun, 31 Oct 2021 09:08:46 GMT
server: gocache
etag: W/"181583-1635671326000"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 style-novoportal-standard.css
www.otempo.com.br/css/novo-portal/ 103 KB
17 KB 195ms
193ms Stylesheet
text/css 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/css/novo-portal/style-novoportal-standard.css?version=2.0.337

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

2be0e6f225d59e663788aad4a17d4befabdf04295e89fa052c0ff774ff5aa34e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Sun, 31 Oct 2021 09:08:29 GMT
server: gocache
etag: W/"105973-1635671309000"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 keen-slider.min.css
www.otempo.com.br/css/slider/ 506 B
512 B 299ms
298ms Stylesheet
text/css 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/css/slider/keen-slider.min.css?version=2.0.337

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

e684679efd57d4e36ba60b640925135bd001556e05839348e33baf256aa03eff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Wed, 05 May 2021 07:24:14 GMT
server: gocache
etag: W/"506-1620199454000"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 style-novoportal-home.css
www.otempo.com.br/css/novo-portal/ 96 KB
13 KB 300ms
298ms Stylesheet
text/css 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/css/novo-portal/style-novoportal-home.css?version=2.0.337

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

12ad5147461ce939bd6e8fc48b1a209207d83bb32a76b58904b57a789139a7ed

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Sun, 31 Oct 2021 09:08:31 GMT
server: gocache
etag: W/"98285-1635671311000"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 style-novoportal-sidebar.css
www.otempo.com.br/css/novo-portal/ 26 KB
5 KB 300ms
298ms Stylesheet
text/css 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/css/novo-portal/style-novoportal-sidebar.css?version=2.0.337

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

a7882fd2f77e43c7624fc404202f7eb213c54835006e43adf58a0d20bb587011

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Sun, 31 Oct 2021 09:08:33 GMT
server: gocache
etag: W/"26925-1635671313000"
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 corre%C3%A7%C3%B5es-capa-7.7813242
www.otempo.com.br/cmlink/ 1 KB
763 B 300ms
299ms Stylesheet
text/css 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/cmlink/corre%C3%A7%C3%B5es-capa-7.7813242?version=2.0.337

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

6ad5c4b5ece27355df0d6827cb2ed58416baada668a58b0ce5478def83a4bb48

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Thu, 07 Oct 2021 19:19:00 GMT
server: gocache
x-frame-options: SAMEORIGIN
content-type: text/css;charset=utf-8
access-control-allow-origin: *
x-gocache-cachestatus: HIT

GET
H2 200 jquery_ex.min.js Show response
www.otempo.com.br/js/novoportal/ 87 KB
32 KB 300ms
299ms Script
application/javascript 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/js/novoportal/jquery_ex.min.js?version=2.0.337

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Tue, 02 Feb 2021 05:18:34 GMT
server: gocache
etag: W/"89476-1612243114000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 69ms
29ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 502
etag: W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a74e51cdafb0e02-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 04 Nov 2021 11:48:35 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
27 KB 51ms
23ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

9c95cbcd39c056d8506cc012f727ce3417b1bcd4d4fd809bb600e8637c29ca53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1030 / 764 of 1000 / last-modified: 1635764705"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27326
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 01 Nov 2021 11:48:35 GMT

GET
H2 200 bandeira-df.png
www.otempo.com.br/img/sempre-editora/novo-portal/ico/ 1 KB
1 KB 129ms
125ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/ico/bandeira-df.png

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

9c468b286aad602c6bef9c2f070300ec190a95297e217ab21814b64699500a8a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
referrer-policy: origin
last-modified: Fri, 30 Jul 2021 06:21:48 GMT
server: gocache
x-gocache-image: optimized
etag: W/"4957-1627626108000"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 1044
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 bandeira-distrito-federal.png
www.otempo.com.br/img/sempre-editora/novo-portal/ico/ 126 B
428 B 133ms
128ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/ico/bandeira-distrito-federal.png

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

d69bfdf48ba7d2b62e0fbd4ed2acffd05a73727a00d7d5288bc629366276ad4a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
referrer-policy: origin
last-modified: Fri, 30 Jul 2021 06:21:48 GMT
server: gocache
x-gocache-image: optimized
etag: W/"398-1627626108000"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 126
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 lupa-verde.svg
www.otempo.com.br/img/sempre-editora/novo-portal/ico/ 375 B
548 B 133ms
129ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/ico/lupa-verde.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

141640cc151ef08ed70f898516324710ab306f816930ec42cf6eb198d90054fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
etag: W/"375-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 letter-x.png
www.otempo.com.br/img/sempre-editora/ico/ 326 B
628 B 169ms
165ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/ico/letter-x.png

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

ffd471976ce48b154882867089bc66a95139acc9b0963d022d58cf854b182323

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
referrer-policy: origin
last-modified: Thu, 26 Apr 2018 22:56:52 GMT
server: gocache
x-gocache-image: optimized
etag: W/"527-1524783412000"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 326
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 ico-conteudo-exclusivo-coroa.svg
www.otempo.com.br/img/sempre-editora/novo-portal/ico/ 584 B
622 B 142ms
138ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/ico/ico-conteudo-exclusivo-coroa.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

eb3cab20481098efec08a37cd1163946f92a3cdcdb4fe5098d89828915af719e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Tue, 02 Feb 2021 05:18:32 GMT
server: gocache
etag: W/"584-1612243112000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 keen-slider.js Show response
www.otempo.com.br/js/slider/ 10 KB
4 KB 120ms
120ms Script
application/javascript 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/js/slider/keen-slider.js?version=2.0.337

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

5d5ebef52eaec62d7fbee8904cad7985dd9816a041fccdf14ed2e44a67ab2be1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Wed, 05 May 2021 07:24:14 GMT
server: gocache
etag: W/"9955-1620199454000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 slider_colunas_widget_ex.min.js Show response
www.otempo.com.br/js/novoportal/standard/ 1 KB
695 B 121ms
120ms Script
application/javascript 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/js/novoportal/standard/slider_colunas_widget_ex.min.js?version=2.0.337

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

572d89122bdf10f5781a7aa25f96c0e59f270ec3f280c29d26ea2faadfe54125

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Sat, 15 May 2021 06:30:50 GMT
server: gocache
etag: W/"1290-1621060250000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 play-branco.svg
www.otempo.com.br/img/sempre-editora/novo-portal/ico/ 767 B
724 B 143ms
140ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/ico/play-branco.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f615dfb2a8d9c305b4031e1d3146422ec6297c0d31ba15ded74ebe25a3619f3c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
etag: W/"767-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 ico-conteudo-exclusivo-cifrao.svg
www.otempo.com.br/img/sempre-editora/novo-portal/ico/ 569 B
662 B 143ms
139ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/ico/ico-conteudo-exclusivo-cifrao.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

5329f1039fea895c782fe96715c26315f5bba9b6875367ba63bda0087d387a7e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Tue, 02 Feb 2021 05:18:32 GMT
server: gocache
etag: W/"569-1612243112000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 rdstation-forms.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/ 179 KB
48 KB 38ms
8ms Script
application/javascript 143.204.101.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-189.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2cd97361029231f60fed13cfcf4b7647194819d1e7510777a42c0757e9614c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 14 Sep 2021 20:15:52 GMT
content-encoding: gzip
last-modified: Tue, 20 Jul 2021 13:38:32 GMT
server: AmazonS3
age: 4116764
etag: "936c0e9f9f2e7062db9525fd93e9a629"
x-cache: Hit from cloudfront
x-amz-version-id: sTRI5oPxk0GUIriIlx7bdWWVPfl8DTyA
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=315360000, must-revalidate
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 48720
x-amz-cf-id: r7lfJoKSo77g0DNoC3J6a3PPyRi6tSS7UcDV6qCQ2yxZITESIzZITg==

GET
H2 200 busca.png
www.otempo.com.br/img/sempre-editora/novo-portal/ico/ 314 B
616 B 143ms
140ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/ico/busca.png

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

93d41263535236b49bc4122b5e9bcb5c44f0fd8c89c7e75b843384aa19f64d11

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
x-gocache-image: optimized
etag: W/"549-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 314
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 temp-min.svg
www.otempo.com.br/img/sempre-editora/ico/ico-tempo-clima/novos-icones/ 558 B
585 B 144ms
140ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/ico/ico-tempo-clima/novos-icones/temp-min.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

2298442b1dd926cc46247711cef5cdeaa58534ac9dd9368063589431b5844a72

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Tue, 02 Feb 2021 05:18:32 GMT
server: gocache
etag: W/"558-1612243112000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 temp-max.svg
www.otempo.com.br/img/sempre-editora/ico/ico-tempo-clima/novos-icones/ 569 B
584 B 156ms
153ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/ico/ico-tempo-clima/novos-icones/temp-max.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

044c7e3f592ff19980dc1bc23be2ec547a55a848b662e01266d9f2437c897d70

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Tue, 02 Feb 2021 05:18:32 GMT
server: gocache
etag: W/"569-1612243112000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 icone-porcentagem-chuva.svg
www.otempo.com.br/img/sempre-editora/ico/ico-tempo-clima/novos-icones/ 814 B
620 B 157ms
154ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/ico/ico-tempo-clima/novos-icones/icone-porcentagem-chuva.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

1b2dc21fc91fd94ef65e817fe9588ae557a3faf284fe08752b7688bfac1f617d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Tue, 02 Feb 2021 05:18:32 GMT
server: gocache
etag: W/"814-1612243112000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 icone-volume-chuva.svg
www.otempo.com.br/img/sempre-editora/ico/ico-tempo-clima/novos-icones/ 1 KB
729 B 156ms
153ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/ico/ico-tempo-clima/novos-icones/icone-volume-chuva.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

97ebd3e0873352a3f71eab338178898c6f782b18806e0312432708d48e46f206

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Tue, 02 Feb 2021 05:18:32 GMT
server: gocache
etag: W/"1496-1612243112000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 slider_multimidia_central_ex.min.js Show response
www.otempo.com.br/js/novoportal/standard/ 1 KB
678 B 124ms
120ms Script
application/javascript 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/js/novoportal/standard/slider_multimidia_central_ex.min.js?version=2.0.337

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

227b12c7ca9aec901c5dafa7d81cd8392f1187dae6bcb525ee86f7e6f104ab66

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Sat, 15 May 2021 06:30:50 GMT
server: gocache
etag: W/"1247-1621060250000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 slider_multichamada_central_ex.min.js Show response
www.otempo.com.br/js/novoportal/standard/ 1 KB
745 B 131ms
126ms Script
application/javascript 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/js/novoportal/standard/slider_multichamada_central_ex.min.js?version=2.0.337

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

9adb8966741a2cf65d6d8a80c2c1a7f0b6c7de00813cc626168aeffe9bc400f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Sat, 15 May 2021 06:30:50 GMT
server: gocache
etag: W/"1422-1621060250000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 gocache-rum.js Show response
rum.goedge.me/ 3 KB
3 KB 177ms
133ms Script
text/javascript 34.107.182.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.goedge.me/gocache-rum.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.182.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.182.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7947cdfb10a5feee47f0d3be5b065da31b6db983e36c6b42da1e22dd6cdcfc84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
age: 0
x-guploader-uploadid: ADPycdtqTWVK6ylZRQzXcstqpUFz-Zc34XvBvJEBr4a8VcszgqoGWzl0442b8K9nvoGnLSpCA03XjUWFW2phrz2I7lw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 2948
x-goog-meta-
last-modified: Mon, 11 Jan 2021 14:59:01 GMT
server: UploadServer
etag: "6543ebb980d74f55cb3288a6a1af6973"
x-goog-hash: crc32c=IvlFOg==, md5=ZUPruYDXT1XLMoimoa9pcw==
x-goog-generation: 1610377141336178
cache-control: max-age=3600
x-goog-stored-content-length: 2948
accept-ranges: bytes
content-type: text/javascript
expires: Mon, 01 Nov 2021 12:48:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 143 KB
46 KB 71ms
31ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b71e63934fb92269d39bb6c94dd0aba24eeac21ec07debc23f96773060b026e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46428
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Nov 2021 11:48:35 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 7 KB
3 KB 62ms
36ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=566884&u=https%3A%2F%2Fwww.otempo.com.br%2F&f=1&r=0.18543873343657413
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 259677ea1ae70e942f2610f85bd8bf4fb677608cef0e55a89ad40884b674e645

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 11:48:35 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 86ms
10ms Script
application/x-javascript 2600:9000:2156:9e00:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9e00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 10:29:12 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:27:20 GMT
server: nginx
age: 4764
etag: W/"6179ee68-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: i7yn8GgkGTJpR8w5Jnlayf8ErTiZFXB3tC8lYKFZIhOUJ569PmXOEA==
expires: Mon, 01 Nov 2021 12:29:12 GMT

GET
H2 200 admtracker.lib.min.js Show response
pj.l.a8723.com/ 5 KB
2 KB 110ms
15ms Script
application/javascript 143.204.98.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pj.l.a8723.com/admtracker.lib.min.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-123.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 412c173f93136f00006d6941a755fc6b84e29ea6a772cd274a668deef3e77dd1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:34:34 GMT
content-encoding: gzip
last-modified: Tue, 25 Aug 2020 14:10:14 GMT
server: AmazonS3
age: 848
etag: W/"5a420213029638ecea775a40089898aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: public,max-age=900
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: EZYyXwxefkJT77BIuL_3gcOla6mMK31y0WN5AoWpWTjpRdH2oofneA==

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 3 KB
3 KB 27ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e8d65bb769468815ab3997d5b840f6ebadc9fe84cc37216f5cc8cc191adc6448

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: sQsSWxWd7Qx2kr6vqVQOtA==
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
expires: Mon, 01 Nov 2021 11:49:11 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: EkOxeuBJuR5QhIy8DDrsyIy2gaTCDOU1glJVlf1v+gywSSKVJTD/nBGWfwzA0ywgWhrXT+AftG2r5wMxvscczg==
x-fb-trip-id: 917726464
x-fb-content-md5: 354db5218de2a191be0c81e729322eac
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 01 Nov 2021 11:48:35 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6d2599cbe54edc3fdb92bc09dcd7bb6c"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 round-social.svg
www.otempo.com.br/img/sempre-editora/novo-portal/ico/ 181 B
475 B 160ms
159ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/ico/round-social.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/novo-portal/style-novoportal-standard.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

374855540c21fd02af861df04a731813beee3622dda2e4007945166254258a0b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
referrer-policy: origin
last-modified: Fri, 30 Jul 2021 06:21:48 GMT
server: gocache
etag: W/"181-1627626108000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 181
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 52ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/plugins-novo-portal.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 11:28:53 GMT
x-content-type-options: nosniff
age: 346782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14176
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 11:28:53 GMT

GET
H2 200 fechar-branco.svg
www.otempo.com.br/img/sempre-editora/novo-portal/ 637 B
617 B 144ms
143ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/fechar-branco.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

277bd573ee7861c227aeb93b3600995791a78daba68d2e9407b07c75f72583e0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
etag: W/"637-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 adserv.js Show response
www.otempo.com.br/js/ 111 B
400 B 143ms
143ms Script
application/javascript 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/js/adserv.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

21b6dcdd7a548bcd043a3c56b8cd9ffcf88c3056f575f815b9a04fae1de73c2f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
etag: W/"111-1590077906000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 111
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 card-supernoticia.png
www.otempo.com.br/img/sempre-editora/novo-portal/ 3 KB
3 KB 143ms
143ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/card-supernoticia.png

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/novo-portal/style-novoportal-standard.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

a0683e3180373bcd9dac663c0a7de174c64bb8d4d239803d8cad5acd8ca906cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
x-gocache-image: optimized
etag: W/"23944-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 3148
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 card-radio.png
www.otempo.com.br/img/sempre-editora/novo-portal/ 2 KB
2 KB 143ms
143ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/card-radio.png

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/novo-portal/style-novoportal-standard.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

5a8ff92afed926eebd2a267cf43413d5f55399c5596fc497ed3c30eaafec0a12

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
x-gocache-image: optimized
etag: W/"19101-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 1596
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 card-superfc.png
www.otempo.com.br/img/sempre-editora/novo-portal/ 3 KB
3 KB 146ms
146ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/card-superfc.png

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/novo-portal/style-novoportal-standard.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

c4561e339051a53a4aa2e9d1b151c3aedc9361c18179e7800efbfa892b6b2820

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
x-gocache-image: optimized
etag: W/"23567-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 3114
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 card-tempo-betim.png
www.otempo.com.br/img/sempre-editora/novo-portal/ 2 KB
2 KB 146ms
146ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/card-tempo-betim.png

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/novo-portal/style-novoportal-standard.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

8793918bdc8874e7aa4aa0c875da752f3970eaf290cafd0810fc17423a96245d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
x-gocache-image: optimized
etag: W/"17030-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 1822
expires: Mon, 01 Nov 2021 15:48:35 GMT

GET
H2 200 bg-ico-opiniao.png
www.otempo.com.br/img/sempre-editora/novo-portal/ 504 B
805 B 146ms
145ms Image
image/png 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/bg-ico-opiniao.png

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/novo-portal/style-novoportal-standard.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

faac50601bcf6d1bb3b9f4d6107e0ad497afe50657733f1fa7947697e825b437

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
x-gocache-image: unmodified
etag: W/"504-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 504
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 logo_otempo.png
www.otempo.com.br/img/ 5 KB
5 KB 147ms
129ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/logo_otempo.png

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/novo-portal/style-novoportal-standard.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

41056423ebf8bf7089e82c27f187c5c4144dd60b09ea754abef5dbfaa6e1c7fc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
x-gocache-image: optimized
etag: W/"5674-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 4682
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 36ms
24ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/plugins-novo-portal.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:22:50 GMT
x-content-type-options: nosniff
age: 267945
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 09:22:50 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 33ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_ZpC3gnD_vx3rCs.woff2

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/plugins-novo-portal.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 17:59:30 GMT
x-content-type-options: nosniff
age: 582545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13640
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:41 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 25 Oct 2022 17:59:30 GMT

GET
H2 200 btn_super-noticia.svg
www.otempo.com.br/img/sempre-editora/novo-portal/ 1 KB
900 B 354ms
118ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/btn_super-noticia.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

6a7056bf64335b91be5785e0039d0c891bec3fbcd4bf82b33e26f040ba4cc632

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
etag: W/"1122-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 btn-radio.svg
www.otempo.com.br/img/sempre-editora/novo-portal/ 2 KB
1 KB 356ms
121ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/btn-radio.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

b6372ab5ba8853d6052efbc8fb57c777f387dfb83820bcf4b1bb1e55f54826bb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
etag: W/"1840-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 btn_super-fc.svg
www.otempo.com.br/img/sempre-editora/novo-portal/ 1 KB
928 B 389ms
119ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/btn_super-fc.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

0027e6f73c4e3aff42fe41d15ee4c631f28823b829c66e8f251ce2e782c4fa47

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
etag: W/"1243-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 btn_tempo-betim.svg
www.otempo.com.br/img/sempre-editora/novo-portal/ 638 B
659 B 388ms
120ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/btn_tempo-betim.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

8c7b69197baee12be7d8f9b455adac5771f9239bd92cbe312208166b9edb4017

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
etag: W/"638-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 5.png
www.otempo.com.br/img/sempre-editora/radio-super-noticia/ico/previsao-tempo/ 938 B
1 KB 349ms
118ms Image
image/png 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/radio-super-noticia/ico/previsao-tempo/5.png

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

fd15ae0fa6a76010d762ff35b0145d122424a525ab1cf5408d079df58600038e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
x-gocache-image: unmodified
etag: W/"938-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 938
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 Imager_ex.min.js Show response
www.otempo.com.br/js/novoportal/ 6 KB
2 KB 333ms
121ms Script
application/javascript 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/js/novoportal/Imager_ex.min.js?version=2.0.337

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

31b49ef3eeed0c1eba9cab5217b4fc65da90afd251875296ff34f3070876d5b0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
etag: W/"6244-1590077906000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 foundation_ex.min.js Show response
www.otempo.com.br/js/novoportal/ 146 KB
36 KB 339ms
126ms Script
application/javascript 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/js/novoportal/foundation_ex.min.js

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

533193bfc18988c251f33271e0709165355ea7e991a78953916f5ebeb0b49409

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
etag: W/"149956-1590077906000"
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 1cf70b28-39ff-4e37-a5a4-141613cba375-loader.js Show response
d335luupugsy2.cloudfront.net/js/loader-scripts/ 4 KB
2 KB 847ms
847ms Script
application/javascript 143.204.101.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/1cf70b28-39ff-4e37-a5a4-141613cba375-loader.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-189.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 24a407834557751c1cc8faa7f3b78445c087c774ca6bdc5484026062d38a29ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: CRBtvZNiDQPIzjFL9Y1LYwEIDuKcNkho
content-encoding: gzip
last-modified: Tue, 28 Sep 2021 12:25:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"85d9968d1ac2c46ba671dc4b3be92875"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: no-cache
date: Mon, 01 Nov 2021 11:48:37 GMT
x-amz-cf-id: LNuOZ_aLpqDTcfM5uguIz-igrM7_KFqsVRnH_45lJlgbFmEEwJpwIg==

GET
H2 200 ic_headset.svg Show response
www.otempo.com.br/polopoly_fs/1.2264573.1574366367!/menu/standard/file/ Frame B5F2 415 B
545 B 157ms
121ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2264573.1574366367!/menu/standard/file/ic_headset.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

cf45acf0ab9c30a993f82fe4015812c5594298563bfc8802387ce27fbd5db923

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 21 Nov 2019 19:59:56 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_galery.svg Show response
www.otempo.com.br/polopoly_fs/1.2264568.1574366246!/menu/standard/file/ Frame 6F2D 451 B
544 B 204ms
135ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2264568.1574366246!/menu/standard/file/ic_galery.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

1bfb7e8b9103050fd11a449c7cfebb443168249673ddd0e051379240c76ce0c1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 21 Nov 2019 19:57:47 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_job.svg Show response
www.otempo.com.br/polopoly_fs/1.2264578.1574366564!/menu/standard/file/ Frame 563A 462 B
544 B 203ms
130ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2264578.1574366564!/menu/standard/file/ic_job.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

bf5434daeda27dc8f643388d7264c12ea5bc7a977dd62a38e203119937adbf60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 21 Nov 2019 20:03:16 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 newsletter.svg Show response
www.otempo.com.br/polopoly_fs/1.2516995.1627060957!/menu/standard/file/ Frame 9E65 1 KB
913 B 203ms
131ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2516995.1627060957!/menu/standard/file/newsletter.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

5b2dcaadc4236461579ff1036430dd6f60eccef708d0c5c818669258328411d7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Fri, 23 Jul 2021 17:22:53 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_politica2.svg Show response
www.otempo.com.br/polopoly_fs/1.2309305.1583945749!/menu/standard/file/ Frame 0225 2 KB
1 KB 286ms
132ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2309305.1583945749!/menu/standard/file/ic_politica2.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

8f43a70eed0b2fb553ea89ceebb728a89781ee144ec6f877a3c9b3358706e03f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Wed, 11 Mar 2020 16:56:24 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_globe.svg Show response
www.otempo.com.br/polopoly_fs/1.2264570.1574366301!/menu/standard/file/ Frame E6EB 525 B
590 B 219ms
145ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2264570.1574366301!/menu/standard/file/ic_globe.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

8b7752a6d87d795aaca263858f41a6857e01d3e46d2a96d759d337e53676bc39

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 21 Nov 2019 19:58:44 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_live_do_tempo.svg Show response
www.otempo.com.br/polopoly_fs/1.2331592.1588272923!/menu/standard/file/ Frame C0C6 2 KB
1 KB 221ms
147ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2331592.1588272923!/menu/standard/file/ic_live_do_tempo.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

3bf2591e5b025191e3bc01dc734cdd954ba2e6bebb228f7c327705f8f09acecd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 30 Apr 2020 18:56:01 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_Cidades.svg Show response
www.otempo.com.br/polopoly_fs/1.2264567.1574366175!/menu/standard/file/ Frame D490 333 B
524 B 321ms
119ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2264567.1574366175!/menu/standard/file/ic_Cidades.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

b2f0dd7edecd5a5b6e64e574383422d4b15f99414e2f7e55f949f747e6bee530

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 21 Nov 2019 19:56:51 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_moda.svg Show response
www.otempo.com.br/polopoly_fs/1.2267354.1574977177!/menu/standard/file/ Frame DE70 3 KB
1 KB 219ms
134ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2267354.1574977177!/menu/standard/file/ic_moda.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

e8512b19fe776b8480e575541439b5e8bf2e5a1a63e6513363edce30cf8b8de4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 28 Nov 2019 21:39:59 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_person_star.svg Show response
www.otempo.com.br/polopoly_fs/1.2264580.1574366716!/menu/standard/file/ Frame 820B 4 KB
2 KB 253ms
170ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2264580.1574366716!/menu/standard/file/ic_person_star.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

cf7c89923ec474c62040ec12538f0e8d7da4f59aabc37cbe77aaacb18132fcc6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 21 Nov 2019 20:05:41 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_novo_mais.svg Show response
www.otempo.com.br/polopoly_fs/1.2471234.1618247299!/menu/standard/file/ Frame 9074 2 KB
1011 B 253ms
171ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2471234.1618247299!/menu/standard/file/ic_novo_mais.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

ceb8bbb093ffffb533de82b22bc067dd00f597b0e2107cfc9e309c8062cd3a67

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Mon, 12 Apr 2021 17:08:39 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_sports.svg Show response
www.otempo.com.br/polopoly_fs/1.2264584.1574366951!/menu/standard/file/ Frame 27EC 859 B
772 B 253ms
172ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2264584.1574366951!/menu/standard/file/ic_sports.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

926dfb0f9a8bf7a539979d79748ca5de92e0b8ac54b1bd87af2cc0ae7bda57f9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 21 Nov 2019 20:12:09 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_interessa.svg Show response
www.otempo.com.br/polopoly_fs/1.2264575.1574366443!/menu/standard/file/ Frame 0F0A 1 KB
604 B 253ms
173ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2264575.1574366443!/menu/standard/file/ic_interessa.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

e987d98e0b22f59823ab7807c523dc6467581f2d079eb05f8104d8bfe3612b93

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 21 Nov 2019 20:01:06 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_ServicosGrafigcos.svg Show response
www.otempo.com.br/polopoly_fs/1.2445357.1612902723!/menu/standard/file/ Frame E041 2 KB
1 KB 271ms
168ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2445357.1612902723!/menu/standard/file/ic_ServicosGrafigcos.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

b2625da2aaa81043b1c928dc8af867ac296f015d7e6b9bec5ebed8a64894df57

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Tue, 09 Feb 2021 20:33:16 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_tv_play.svg Show response
www.otempo.com.br/polopoly_fs/1.2264593.1574367278!/menu/standard/file/ Frame 0C9E 436 B
546 B 259ms
163ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2264593.1574367278!/menu/standard/file/ic_tv_play.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

0e6d97518db5d932459f07ed4047795a6a41b5116a17c7d22360a7517da4d821

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 21 Nov 2019 20:15:46 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_star_ball.svg Show response
www.otempo.com.br/polopoly_fs/1.2264589.1574367184!/menu/standard/file/ Frame 030A 733 B
714 B 259ms
163ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2264589.1574367184!/menu/standard/file/ic_star_ball.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

21a306a350dff0a6c34fec40b48eae20207f4732277267df015c85f6923857a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 21 Nov 2019 20:13:41 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_car.svg Show response
www.otempo.com.br/polopoly_fs/1.2264563.1574366047!/menu/standard/file/ Frame 06BF 671 B
619 B 259ms
164ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2264563.1574366047!/menu/standard/file/ic_car.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

fd497a0a40955f30c3f448f7a492ec372b0b79ea21b06a635462431687640b83

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 21 Nov 2019 19:54:39 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_turismo.svg Show response
www.otempo.com.br/polopoly_fs/1.2264841.1574422632!/menu/standard/file/ Frame F80B 348 B
519 B 260ms
169ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2264841.1574422632!/menu/standard/file/ic_turismo.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

fa488b7ed1fcd68f0f9b7270ca32bee8a10f65085ed430f77198bed49a22c64c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Fri, 22 Nov 2019 11:37:26 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ultimasnoticias.svg Show response
www.otempo.com.br/polopoly_fs/1.2452056.1614279668!/menu/standard/file/ Frame B54F 2 KB
874 B 261ms
171ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2452056.1614279668!/menu/standard/file/ultimasnoticias.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

824713cf06bbb69f013b006bd96249f94b72011c3726c75ba90b89419d115a63

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 25 Feb 2021 19:01:34 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_entretenimento.svg Show response
www.otempo.com.br/polopoly_fs/1.2309412.1583957908!/menu/standard/file/ Frame F1EF 1 KB
825 B 269ms
176ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2309412.1583957908!/menu/standard/file/ic_entretenimento.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

40aec88ea3c463e06e6c1d3eaab132f0ec2eb95d44d005fc9f8f661c78c1b6b3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Wed, 11 Mar 2020 20:18:41 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 2.svg Show response
www.otempo.com.br/polopoly_fs/1.2447655.1613424557!/menu/standard/file/ Frame 06B8 2 KB
1 KB 254ms
169ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2447655.1613424557!/menu/standard/file/2.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

b7b3eeaceb7dc6ea687296d24449049c5994acd922e0f2780ebac563eee4e759

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Mon, 15 Feb 2021 21:30:04 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ultimasnoticias.svg Show response
www.otempo.com.br/polopoly_fs/1.2452056.1614279668!/menu/standard/file/ Frame 6573 2 KB
874 B 261ms
177ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2452056.1614279668!/menu/standard/file/ultimasnoticias.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

824713cf06bbb69f013b006bd96249f94b72011c3726c75ba90b89419d115a63

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 25 Feb 2021 19:01:34 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 congresso_icone.svg Show response
www.otempo.com.br/polopoly_fs/1.2547486.1632746613!/menu/standard/file/ Frame 234D 27 KB
21 KB 255ms
170ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2547486.1632746613!/menu/standard/file/congresso_icone.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

03d18cb7ad1dd10fb7b9eb7edfab1c02377ee1859d7037dcb261274e00722fe1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Mon, 27 Sep 2021 12:43:40 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_coronavirus_verde.svg Show response
www.otempo.com.br/polopoly_fs/1.2313722.1584714858!/menu/standard/file/ Frame AA33 2 KB
1 KB 231ms
159ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2313722.1584714858!/menu/standard/file/ic_coronavirus_verde.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

4accfd41d9a87116240e3a963c71473cc13c77eabdf87f66c7b74df9af90e3c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Fri, 20 Mar 2020 14:34:42 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_ballon_chat.svg Show response
www.otempo.com.br/polopoly_fs/1.2264559.1574365556!/menu/standard/file/ Frame C5F8 406 B
533 B 238ms
167ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2264559.1574365556!/menu/standard/file/ic_ballon_chat.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

68e81fe80a48b21c742f0f4abab3593f32565bff3ef2fbff5d43979cad79e526

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 21 Nov 2019 19:51:44 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 ic_brush.svg Show response
www.otempo.com.br/polopoly_fs/1.2264561.1574365975!/menu/standard/file/ Frame DDF6 560 B
599 B 238ms
167ms Document
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/polopoly_fs/1.2264561.1574365975!/menu/standard/file/ic_brush.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

0a394e36853a711be6b0576d0d95ad2f4b35886e3b0a5ed74cb1f3f24aca8963

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-type: image/svg+xml;charset=utf-8
last-modified: Thu, 21 Nov 2019 19:53:22 GMT
referrer-policy: origin
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:36 GMT
cache-control: max-age=14400
server: gocache
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
content-encoding: gzip

GET
H2 200 sdk.js Show response
connect.facebook.net/pt_BR/ 266 KB
76 KB 25ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pt_BR/sdk.js?hash=83c058cd5fd7612762f5e8293d7f5cf9

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pt_BR/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

89aaeda4ec9bf0939e53d0d355c025717a9db80b87966b3a4707b7d9551877a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: S6aOujkK3HqFcMqoU2bDFA==
cross-origin-resource-policy: cross-origin
expires: Tue, 01 Nov 2022 11:29:13 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76717
x-fb-rlafr: 0
x-fb-debug: uURIGeXEn9I5yLC6nvrX/Peqts6MAJFXbPHVz1lwz0CL2/JILdk7ud0pxDyEQUJADYUI65cNEAiO4I/jtsTljA==
x-fb-trip-id: 917726464
x-fb-content-md5: 1199782c4ec7fead68738e9733f6aad9
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 01 Nov 2021 11:48:36 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "3859095abaa8742035f98bda5593d8e2"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 pubads_impl_2021102501.js Show response
securepubads.g.doubleclick.net/gpt/ 356 KB
120 KB 22ms
21ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122594
x-xss-protection: 0
last-modified: Mon, 25 Oct 2021 08:35:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 01 Nov 2021 11:48:36 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 230 B
156 B 37ms
17ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.otempo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

329ad70715f78946699e0295a75baaf227b5666c2bb01421844b3113a9008be1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0
expires: Mon, 01 Nov 2021 11:48:36 GMT

GET
H3 200 tag-167acbb47fb7397cbe9064e626d5d4d4.js Show response
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ 163 KB
46 KB 20ms
8ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-167acbb47fb7397cbe9064e626d5d4d4.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=566884&u=https%3A%2F%2Fwww.otempo.com.br%2F&f=1&r=0.18543873343657413
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 696bc746b95e1721f0b5e2e0a3664349f92171d528c818df3dde76093588e92b

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 11:56:10 GMT
server: gfra1
etag: "61793e5a-b7f4"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47092
via: 1.1 google

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 94ms
93ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=566884&d=otempo.com.br&u=DA83DC999B468C32B13E8F870D37F03A4&h=70e98b7635398ea595f81740a04d4472&t=false&r=0.5146591396808025

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:35 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 29ms
28ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 440
etag: W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 6a74e51d6c140e02-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 04 Nov 2021 11:48:36 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 22ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/plugins-novo-portal.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 11:16:46 GMT
x-content-type-options: nosniff
age: 88310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:47:06 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Mon, 31 Oct 2022 11:16:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 6450
date: Mon, 01 Nov 2021 10:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 01 Nov 2021 12:01:06 GMT

GET
H2 200 ivc.js Show response
gadasource.storage.googleapis.com/ 71 KB
24 KB 80ms
16ms Script
text/plain 2a00:1450:4001:828::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gadasource.storage.googleapis.com/ivc.js
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:28:41 GMT
content-encoding: gzip
age: 1195
x-guploader-uploadid: ADPycdveaSalRgVeYs30AiUe7-ZAcHZJQJ2bMIQUkoVCcFFEQoc368VPkA1ugGsRRVlvPKGxenNl9xIV0PqCmNfAyi0
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24321
last-modified: Mon, 02 Sep 2019 19:50:51 GMT
server: UploadServer
etag: "cdaa61cbc24c48191196b45b31a7e18b"
vary: Accept-Encoding
x-goog-hash: crc32c=okr5pw==, md5=zaphy8JMSBkRlrRbMafhiw==
x-goog-generation: 1567453851562424
cache-control: public, max-age=3600
x-goog-stored-content-length: 24321
accept-ranges: bytes
content-type: text/plain
expires: Mon, 01 Nov 2021 12:28:41 GMT

GET
H2 200 tm67531.js Show response
tag.navdmp.com/ 12 KB
4 KB 77ms
29ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.navdmp.com/tm67531.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 888e5142372c313294e9189d73466e0addce765ab7acf82ea9512d8aab384c43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Sep 2021 18:45:05 GMT
server: cloudflare
age: 3486
etag: W/"6137b331-2eb7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: *
cache-control: max-age=3600
cf-ray: 6a74e51e2fd0375b-MXP
content-type: application/javascript
expires: Mon, 01 Nov 2021 11:50:30 GMT

GET
H2 200 360.js Show response
s.clickiocdn.com/t/210916/ 389 KB
138 KB 57ms
15ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/210916/360.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 1fbe66d2920b8112855b2514fec350c637ea6928f7fe76dfd98b5ae0fe0ff111

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 09:12:56 GMT
server: nginx/1.16.0
etag: W/"617faf98-615d3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: eu
cache-control: max-age=1800
expires: Mon, 01 Nov 2021 12:18:36 GMT

GET
H2 200 assine-nossa-newsletter-a91bfb95c4dc6e8064ac Show response
forms.rdstation.com.br/ 35 KB
35 KB 352ms
111ms XHR
text/html 34.68.90.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://forms.rdstation.com.br/assine-nossa-newsletter-a91bfb95c4dc6e8064ac
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.68.90.188 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.90.68.34.bc.googleusercontent.com
Software: /
Resource Hash: ce8e13842c78096bd744fe781a7bfeec32dbecf983a8cd0d5a4cb9c4bea0b5b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 01 Nov 2021 11:48:36 GMT
content-length: 35630
content-type: text/html

GET
H2 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
13 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_bZF3gnD_vx3rCs.woff2

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/plugins-novo-portal.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 12:30:44 GMT
x-content-type-options: nosniff
age: 515872
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13464
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:50 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 26 Oct 2022 12:30:44 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v14/ 12 KB
12 KB 16ms
16ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTURjIg1_i6t8kCHKm45_epG3gnD_vx3rCs.woff2

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/plugins-novo-portal.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 11:57:41 GMT
x-content-type-options: nosniff
age: 345055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12504
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 11:57:41 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ 13 KB
14 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/plugins-novo-portal.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 09:27:20 GMT
x-content-type-options: nosniff
age: 267676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:45:45 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 29 Oct 2022 09:27:20 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 13 KB
14 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/plugins-novo-portal.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 18:21:27 GMT
x-content-type-options: nosniff
age: 581229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13708
x-xss-protection: 0
last-modified: Tue, 23 Jul 2019 03:46:48 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 25 Oct 2022 18:21:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
425 B 25ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=111902212164434&ev=fb_page_view&dl=https%3A%2F%2Fwww.otempo.com.br%2F&rl=&if=false&ts=1635767316253&sw=1600&sh=1200&at=

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 01 Nov 2021 11:48:36 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 25ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=111902212164434&ev=fb_page_view&dl=https%3A%2F%2Fwww.otempo.com.br%2F&rl=&if=false&ts=1635767316255&sw=1600&sh=1200&at=

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 01 Nov 2021 11:48:36 GMT

GET
H3 200 tag-d097f4ce84eb9e992948fea334a389d2.js Show response
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ 93 KB
24 KB 10ms
10ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/tag-d097f4ce84eb9e992948fea334a389d2.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-167acbb47fb7397cbe9064e626d5d4d4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 627f63086bdf16bb84922d3db03bc854e992220c8aba24d0a6ecfd23f8b56fe5

Request headers

Referer: https://www.otempo.com.br/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:35 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 11:56:10 GMT
server: gfra1
etag: "61793e5a-5fac"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24492
via: 1.1 google

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 59ms
23ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.otempo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 68ms
23ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.otempo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 197 KB
39 KB 924ms
923ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=806105494369832&correlator=1798003349322447&output=ldjh&impl=fifs&eid=31063283%2C31063344%2C31063139&vrg=2021102501&ptt=17&sc=1&sfv=1-0-38&ecs=20211101&iu_parts=14159828%2CO_TEMPO_VIDEO_SLIDER%2Cotempo_2018_BTF_1_970X250%2Cotempo_capa_ATF_right_300x600%2Cotempo_capa_ATF_center_300x250%2Cotempo_capa_BTF_right_300x250%2Cotempo_vidoomy_1x1%2Cotempo_banner_ATF%2Cotempo_fixed_all_pages_desktop_728x90%2COTEMPO_BILLBOARD_1_970x250&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9&prev_iu_szs=1x1%2C728x90%7C970x90%7C970x250%2C300x600%7C300x250%2C300x250%7C320x250%7C320x100%2C300x250%7C320x250%7C320x100%2C1x1%2C450x450%2C728x90%2C970x90%7C728x90%7C970x250&prev_scp=%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7C%7C%7Crefresh%3Dtrue%7C&cust_params=resolucao%3D1600x1200%26urldata%3Dhttps%253A%252C%252Cwww%252Cotempo%252Ccom%252Cbr%252C%26titleofpage%3DO%2520TEMPO%26tipoPage%3DHome&cookie_enabled=1&bc=31&abxe=1&lmt=1635767316&dt=1635767316332&dlt=1635767315120&idt=1166&frm=20&biw=1600&bih=1200&oid=2&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C170&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C181&adks=2905947309%2C1044573090%2C1843603341%2C3871242512%2C2631970890%2C1174031933%2C3088237155%2C3053916354%2C436843765&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.otempo.com.br%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1260x250&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C1260x250&ga_vid=768733007.1635767316&ga_sid=1635767316&ga_hid=1027726375&ga_fc=false&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

00f743bcabfa2778a233f780806b22ef33a4ca4b3852acf38e62a7b803d8d3d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39865
x-xss-protection: 0
google-lineitem-id: 5652449403,-1,-2,-2,-1,5646900638,-2,5622820546,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138344763478,-1,-2,-2,-1,138343475994,-2,138340438786,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.otempo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 466 B
287 B 40ms
40ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5dc00f89574d14108e9396b507374e7c09be2943e147eeaff6738f19b46cb55d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CB40 6 KB
4 KB 100ms
23ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 01 Nov 2021 11:48:36 GMT
expires: Tue, 01 Nov 2022 11:48:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 204 /
rum.gocache.com.br/network/ Frame 0
0 1356ms
417ms Preflight 170.82.173.25
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.gocache.com.br/network/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.173.25 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.otempo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
function-execution-id: g3fd1wreefh6
x-cloud-trace-context: 0b9fd60cdb6d77b42c7cbcd7487efe15
x-gocache-cachestatus: BYPASS
server: gocache
server-timing: x-gocache-cache-status;desc="BYPASS",x-variant;desc="b",x-id;desc="34ceff779576fdfa518a7c1c5f9aa740"

POST
H2 200 / Show response
rum.gocache.com.br/network/ 7 B
324 B 473ms
473ms XHR
text/html 170.82.173.25
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.gocache.com.br/network/
Requested by: Host: rum.goedge.me
URL: https://rum.goedge.me/gocache-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.173.25 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://www.otempo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 01 Nov 2021 11:48:38 GMT
content-encoding: gzip
server: gocache
x-gocache-cachestatus: BYPASS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 68a2b18abd8810d030a49959c6455b09
function-execution-id: hbo1if74nchp
server-timing: x-gocache-cache-status;desc="BYPASS",x-variant;desc="b",x-id;desc="34ceff779576fdfa518a7c1c5f9aa740"

GET
H2 200 / Show response
checkpoint0.gocache.com.br/ 0
364 B 640ms
8ms XHR
text/html 34.107.182.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://checkpoint0.gocache.com.br/?46297
Requested by: Host: rum.goedge.me
URL: https://rum.goedge.me/gocache-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.182.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.182.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:22:46 GMT
via: 1.1 google
server: Google Frontend
age: 2395551
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 900d4b3cad15304317e247e37ca2139e;o=1
cache-control: public,max-age=2592000
function-execution-id: dipb4v5s68zs
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", clear
content-length: 0

GET
H2 204 / Show response
checkpoint1.gocache.com.br/ 0
191 B 1045ms
120ms XHR
text/plain 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://checkpoint1.gocache.com.br/
Requested by: Host: rum.goedge.me
URL: https://rum.goedge.me/gocache-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 01 Nov 2021 11:48:37 GMT
cache-control: no-cache
server: gocache
server-timing: x-gocache-cache-status;desc="-",x-variant;desc="a",x-id;desc="9752fd948b05d08e140b52caad604411"
timing-allow-origin: *

GET
H2 204 / Show response
checkpoint2.gocache.com.br/ 0
191 B 939ms
206ms XHR
text/plain 170.82.173.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL: https://checkpoint2.gocache.com.br/
Requested by: Host: rum.goedge.me
URL: https://rum.goedge.me/gocache-rum.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 170.82.173.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),
Reverse DNS
Software: gocache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 01 Nov 2021 11:48:37 GMT
cache-control: no-cache
server: gocache
server-timing: x-gocache-cache-status;desc="-",x-variant;desc="b",x-id;desc="f9cadc9eedc42cfee002a470ad80b2da"
timing-allow-origin: *

GET /
checkpoint3.gocache.com.br/ 0
0

GET
H2 200 web Show response
onesignal.com/api/v1/sync/ce9b558b-48a8-4e09-b4cf-1eda7399c6fe/ 6 KB
2 KB 39ms
29ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/ce9b558b-48a8-4e09-b4cf-1eda7399c6fe/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8427abca544411fcee4ace1287f9917eeb52b36db26b20ea6d69b380586038c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1089
cf-polished: origSize=5770
status: 200 OK
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 82ebc3e0-fced-4911-a49c-2218056d2b1f
x-runtime: 0.038099
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"582bc319711805fed02c63d81f3463fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 6a74e51fc8820e02-MXP
access-control-allow-headers: SDK-Version
expires: Mon, 01 Nov 2021 12:48:36 GMT

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 1 KB
769 B 9ms
9ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=566884&settings_type=1&vn=7.0&r=0.39841455450817187&exc=2|3|13
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-167acbb47fb7397cbe9064e626d5d4d4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e7e2e87c244f36979b226c78ddfc679eab31179183abb995bee76573d3ec4879

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
12 KB 1624ms
1624ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8166d358b06a61d9bcb069faf7fb16fdc6b6a70e8dbdaea3092116998e2a57ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12318
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.otempo.com.br
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 1030ms
1030ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e0a078eee605ad519d883a0d4c0f2e158e363d5d90c30e7f3a5714f27a735c90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7342
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 89 KB
35 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-TBT9WDJ&t=gtm4&cid=768733007.1635767316

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bfecf4db01c34ad182e3f190a3f0d3de98234e3225641ed1d014f04921d77b78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35725
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Nov 2021 11:48:36 GMT

GET
H2 200 usr Show response
usr.navdmp.com/ 360 B
462 B 191ms
181ms Script
application/javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.navdmp.com/usr?v=7&acc=67531&upd=1&new=1&wst=0&wct=1
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm67531.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20f7396f30644443e05d6576286375416ac59d3c7007ac438ec04ecf0c17b2d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a74e5210df3375b-MXP
p3p: CP='CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: max-age=3600
act: f0
content-type: application/javascript
expires: Mon, 01 Nov 2021 12:48:36 GMT

GET
H/1.1 200 i
ivccf.ivcbrasil.org.br/ 43 B
467 B 724ms
179ms Image
image/gif 2620:108:700f::36d6:637
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivccf.ivcbrasil.org.br/i?stm=1635767316595&e=pv&url=https%3A%2F%2Fwww.otempo.com.br%2F&page=O%20TEMPO&tv=js-2.9.2-SNAPSHOT&tna=cf&aid=33&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&f_inpriv=0&f_abd=0&res=1600x1200&cd=24&cookie=1&eid=4afd7b71-c946-446a-91f6-03c2e605e3af&dtm=1635767316593&vp=1600x1200&ds=1600x8503&vid=1&sid=62ac078e-a007-4d72-984b-bcbfab541140&duid=715e0e51-ac1a-4bf4-bacd-492fcee029ff&fp=3646844634
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:108:700f::36d6:637 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 11:48:37 GMT
Server: Apache/2.4.37 (Amazon) OpenSSL/1.0.2k-fips
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H2 200 fundo-galeria-portal.jpg
www.otempo.com.br/img/sempre-editora/novo-portal/ 38 KB
38 KB 242ms
241ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/fundo-galeria-portal.jpg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/novo-portal/style-novoportal-home.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

bca6b188eb1480e05b95076256eb0ebd7998a3b95e566053526e286bf89c1c38

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
referrer-policy: origin
last-modified: Thu, 21 May 2020 16:18:26 GMT
server: gocache
etag: W/"38820-1590077906000"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT, REVALIDATED
content-length: 38820
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H2 200 fancybox_overlay.png
www.otempo.com.br/img/fancybox/ 88 B
401 B 234ms
233ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/fancybox/fancybox_overlay.png

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/novo-portal/style-novoportal-home.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

6c097b6a34efe31e272e1fbd3e7cfef3fc02b8938ed887bfa2e40c70492ffd5b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
referrer-policy: origin
last-modified: Thu, 26 Apr 2018 22:56:52 GMT
server: gocache
x-gocache-image: optimized
etag: W/"1003-1524783412000"
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
x-gocache-cachestatus: HIT, REVALIDATED
content-length: 88
expires: Mon, 01 Nov 2021 15:48:36 GMT

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 10ms
9ms XHR
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/tag-167acbb47fb7397cbe9064e626d5d4d4.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: br
last-modified: Wed, 27 Oct 2021 11:56:10 GMT
server: gfra1
etag: "61793e5a-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599
via: 1.1 google

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e537b403631b2ecf3484b483dd67a08257a0590317813803ca9c1b98790cd9f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 11:46:44 GMT
server: ESF
date: Mon, 01 Nov 2021 11:48:36 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Mon, 01 Nov 2021 11:48:36 GMT

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 14 KB
3 KB 64ms
23ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3075785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2295
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-38aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f346Bj9JoWhB84OFWmLwZ1QnuAxAioMZXXoJWp8i2zHNp1rYSslqMFI8%2FYv3WHXIie4sqrXahx117WefDDVOORJpIVSLk5J9cucu0DikMNqzVumSGlmsYvEhk1tSQggpNHHAMieMoeAFAYiRiBlb%2Fhbr"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a74e521fff159fb-MXP
expires: Sat, 22 Oct 2022 11:48:36 GMT

GET
H2 200 $vcerzl7szgp
d335luupugsy2.cloudfront.net/cms/files/205446/1610029711/ 9 KB
9 KB 10ms
9ms Image
image/png 143.204.101.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d335luupugsy2.cloudfront.net/cms/files/205446/1610029711/$vcerzl7szgp
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-189.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6df48c573ef0e78619dc364c61f8e39a60e69f1d7e4f49000d6f6f40270c0c3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 04:37:29 GMT
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Thu, 07 Jan 2021 14:29:10 GMT
server: AmazonS3
age: 25868
etag: "b614f27431ff6e4b6bb67877d47b7be0"
x-cache: Hit from cloudfront
x-amz-version-id: 5Na7QWK7dsk5clLxNv8feT22eA99xy0l
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
content-length: 9320
x-amz-cf-id: aUCa0JLrNkxcl2sJ2JWc1LbbVmlGuRO34IThzCweywD0N5pc6nwdDQ==

GET
H2 200 $w407s7xix5p
d335luupugsy2.cloudfront.net/cms/files/205446/1630971277/ 12 KB
12 KB 11ms
11ms Image
image/jpeg 143.204.101.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d335luupugsy2.cloudfront.net/cms/files/205446/1630971277/$w407s7xix5p
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-189.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b9e1d1e3d108d636fae7948ae8a7a977d5e44ee5e8f1ae83bdf149818672d02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: VGSjiL1uSl0d6rPs418JDS_.wWqJq2bc
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
last-modified: Mon, 06 Sep 2021 23:34:45 GMT
server: AmazonS3
age: 16791
etag: "fe4bdaa8b37bc02413fb56918ce27999"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Mon, 01 Nov 2021 07:08:46 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 12097
x-amz-cf-id: m0JQwhp6tZ9uGH_xFwu5Yvz0kt5wr4TmZ_XykefKd6-aBbN-kYh8iA==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 15ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 12:11:32 GMT
x-content-type-options: nosniff
age: 344224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 12:11:32 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
16 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.otempo.com.br
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 28 Oct 2021 16:21:38 GMT
x-content-type-options: nosniff
age: 329218
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 28 Oct 2022 16:21:38 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
182 B 22ms
21ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1027726375&t=pageview&_s=1&dl=https%3A%2F%2Fwww.otempo.com.br%2F&ul=en-us&de=UTF-8&dt=O%20TEMPO&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjAAEADQAAAAC~&jid=1828687108&gjid=106906383&cid=768733007.1635767316&tid=UA-9513496-1&_gid=2115691587.1635767317&_r=1&gtm=2wgar05BKLMTQ&z=350692351

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.otempo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:36 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otempo_fixed_all_pages_desktop_728x90.html Show response
www.otempo.com.br/sempre/publicidade/dfp/blocks/novo-portal/capa/ 239 B
468 B 118ms
118ms XHR
text/html 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/sempre/publicidade/dfp/blocks/novo-portal/capa/otempo_fixed_all_pages_desktop_728x90.html

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/js/novoportal/jquery_ex.min.js?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

66605354c976d59e4cfa85ab40395101882a1efacd6545720d21466843b5dc84

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.otempo.com.br/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:36 GMT
referrer-policy: origin
last-modified: Thu, 11 Mar 2021 07:32:16 GMT
server: gocache
etag: W/"239-1615447936000"
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 239

GET
DATA 200
OK truncated
/ 51 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b715761e92524c9442ef612af378e2fdf19167f92492568f4961260e9f377a0a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 otempo_capa_ATF_right_300x600.html Show response
www.otempo.com.br/sempre/publicidade/dfp/blocks/novo-portal/capa/ 273 B
444 B 122ms
122ms XHR
text/html 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/sempre/publicidade/dfp/blocks/novo-portal/capa/otempo_capa_ATF_right_300x600.html

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/js/novoportal/jquery_ex.min.js?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

8dbddd8b30a257049818cf8b378ab865a672509a389f6cf8e00763a05477eb73

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.otempo.com.br/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Tue, 02 Feb 2021 05:18:34 GMT
server: gocache
etag: W/"273-1612243114000"
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-gocache-cachestatus: HIT

GET
H2 200 otempo_capa_ATF_center_300x250.html Show response
www.otempo.com.br/sempre/publicidade/dfp/blocks/novo-portal/capa/ 274 B
443 B 122ms
122ms XHR
text/html 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/sempre/publicidade/dfp/blocks/novo-portal/capa/otempo_capa_ATF_center_300x250.html

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/js/novoportal/jquery_ex.min.js?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

dc62767f0f6ef739aa8ea6ee22d3609d90e446e02cdf7d20db29b5700573daff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.otempo.com.br/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Tue, 02 Feb 2021 05:18:34 GMT
server: gocache
etag: W/"274-1612243114000"
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-gocache-cachestatus: HIT

GET
H2 200 otempo_capa_BTF_right_300x250.html Show response
www.otempo.com.br/sempre/publicidade/dfp/blocks/novo-portal/capa/ 273 B
444 B 121ms
121ms XHR
text/html 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/sempre/publicidade/dfp/blocks/novo-portal/capa/otempo_capa_BTF_right_300x250.html

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/js/novoportal/jquery_ex.min.js?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

5430df5b7229ec25f4a7e37ac51119e68a4b4263bcc3dbaef8985fe6962e6cc4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.otempo.com.br/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Tue, 02 Feb 2021 05:18:34 GMT
server: gocache
etag: W/"273-1612243114000"
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
x-gocache-cachestatus: HIT

GET
H2 200 otempo_2018_BTF_1_970X250.html Show response
www.otempo.com.br/sempre/publicidade/dfp/blocks/novo-portal/capa/ 248 B
476 B 121ms
121ms XHR
text/html 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/sempre/publicidade/dfp/blocks/novo-portal/capa/otempo_2018_BTF_1_970X250.html

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/js/novoportal/jquery_ex.min.js?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

c1fd7f704820f02a820c5c00e294273909bb84348095f7e754da2033b2296e57

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.otempo.com.br/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
referrer-policy: origin
last-modified: Tue, 02 Feb 2021 05:18:34 GMT
server: gocache
etag: W/"248-1612243114000"
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 248

GET
H2 200 vidoomy_1x1.html Show response
www.otempo.com.br/sempre/publicidade/dfp/blocks/vidoomy/ 233 B
461 B 121ms
121ms XHR
text/html 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/sempre/publicidade/dfp/blocks/vidoomy/vidoomy_1x1.html

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/js/novoportal/jquery_ex.min.js?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

756ad69947a080838869491fa44aad777bc49bde56b140a56be3b13ca9c47e20

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.otempo.com.br/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
referrer-policy: origin
last-modified: Sat, 19 Dec 2020 06:53:30 GMT
server: gocache
etag: W/"233-1608360810000"
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 233

GET
H2 200 otempo_banner_ATF_450x450.html Show response
www.otempo.com.br/sempre/publicidade/dfp/blocks/novo-portal/ 201 B
429 B 121ms
121ms XHR
text/html 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to

Full URL

https://www.otempo.com.br/sempre/publicidade/dfp/blocks/novo-portal/otempo_banner_ATF_450x450.html

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/js/novoportal/jquery_ex.min.js?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

bf97e16e7826f85f631d7e7324d5c3accc52f038bbbf82b6d2975bea2e961729

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.otempo.com.br/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
referrer-policy: origin
last-modified: Sat, 15 May 2021 06:30:50 GMT
server: gocache
etag: W/"201-1621060250000"
x-frame-options: SAMEORIGIN
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-gocache-cachestatus: HIT
content-length: 201

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/5lp-1gS4aPg/ 31 KB
32 KB 66ms
15ms Image
image/jpeg 2a00:1450:4001:82f::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/5lp-1gS4aPg/hqdefault.jpg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b65df980275cd1840177bcf7466e5e7e6acffa815118e993f9a6f5a76318ab9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:43:55 GMT
x-content-type-options: nosniff
age: 282
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32227
x-xss-protection: 0
server: sffe
etag: "1635760393"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 01 Nov 2021 11:48:55 GMT

GET
H2 200 bt-play.svg
www.otempo.com.br/img/sempre-editora/novo-portal/ 952 B
796 B 122ms
122ms Image
image/svg+xml 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/img/sempre-editora/novo-portal/bt-play.svg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/css/novo-portal/style-novoportal-standard.css?version=2.0.337

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

60b5c8ddeec3e7cabd6323fb9c0a6f5e5d6e11f992afae9948f662e4897a2f6d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
content-encoding: gzip
referrer-policy: origin
last-modified: Tue, 02 Feb 2021 05:18:32 GMT
server: gocache
etag: W/"952-1612243112000"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
x-gocache-cachestatus: HIT
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 req Show response
cdn.navdmp.com/ 6 B
101 B 170ms
159ms Script
application/x-javascript 2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.navdmp.com/req?v=7&upd=1&new=1&id=f9ec96b1a02c1537a0d8033d809&acc=67531&url=https%3A//www.otempo.com.br/&tit=O%20TEMPO
Requested by: Host: tag.navdmp.com
URL: https://tag.navdmp.com/tm67531.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a74e5235ad7375b-MXP
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/x-javascript

GET
H2

200

sync Show response
sync2.navdmp.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=navegg_ddp&google_cm&id=67088509722
https://sync2.navdmp.com/sync?prtid=2&id=67088509722&google_gid=CAESEMEX9-Q7gGR_KUD-L03H0Uc&google_cver=1

6 B
58 B

171ms
162ms

Script
application/javascript

2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync2.navdmp.com/sync?prtid=2&id=67088509722&google_gid=CAESEMEX9-Q7gGR_KUD-L03H0Uc&google_cver=1
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6a74e5242ca2375b-MXP
content-length: 6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync2.navdmp.com/sync?prtid=2&id=67088509722&google_gid=CAESEMEX9-Q7gGR_KUD-L03H0Uc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync.navdmp.com/
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3A//sync.navdmp.com/sync%3Fimg%3D1%26mdia%3D%5BMM_UUID%5D
https://sync.navdmp.com/sync?img=1&mdia=1493617f-d415-4d00-8140-703ae45a65f6

43 B
130 B

186ms
175ms

Image
image/gif

2606:4700::6810:cf3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.navdmp.com/sync?img=1&mdia=1493617f-d415-4d00-8140-703ae45a65f6
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Server: 2606:4700::6810:cf3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
cf-ray: 6a74e5243cee375b-MXP
content-length: 43

Redirect headers

Date: Mon, 01 Nov 2021 11:48:37 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://sync.navdmp.com/sync?img=1&mdia=1493617f-d415-4d00-8140-703ae45a65f6
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Mon, 01 Nov 2021 11:48:36 GMT

GET
H2 204 cms
cms.analytics.yahoo.com/ 0
0 102ms
31ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.analytics.yahoo.com/cms?partner_id=NAVEG
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS: spcms.pbp.vip.ir2.yahoo.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 sp.js Show response
d335luupugsy2.cloudfront.net/js/sauron-analytics/stable/ 96 KB
31 KB 8ms
8ms Script
application/javascript 143.204.101.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/sauron-analytics/stable/sp.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/1cf70b28-39ff-4e37-a5a4-141613cba375-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-189.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d5f3a5281e1de4d8910f5d53d67783695cfed897ce394816320695e5783cd91b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: f519vLzwlqhrYSUo4VPrHylk1sJP1zC1
content-encoding: gzip
last-modified: Tue, 21 Sep 2021 16:20:32 GMT
server: AmazonS3
age: 3279
etag: W/"16837bf062c714a3d27e60270dc78e8d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=3600
date: Mon, 01 Nov 2021 10:53:59 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: GQbEciHiQSeabWEUNzb9NqHhKWM31HhJGk8FlRRadEDac9HE7edhNA==

GET
H2 200 lead-tracking.min.js Show response
d335luupugsy2.cloudfront.net/js/lead-tracking/stable/ 2 KB
1 KB 9ms
9ms Script
application/javascript 143.204.101.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/lead-tracking/stable/lead-tracking.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/1cf70b28-39ff-4e37-a5a4-141613cba375-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-189.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: VK74Y_629OBaxeWwwoiBIyYa.m4SxWD5
content-encoding: gzip
last-modified: Mon, 17 Aug 2020 12:56:23 GMT
server: AmazonS3
age: 18350
etag: W/"361325c86c17ebc03ff0f4d88d267a83"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
date: Mon, 01 Nov 2021 06:42:48 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: NmeZI41805TQ3CqoMIsvKmCCy0AgdSiLPu7MrGcK-DrfdsY303Bpdg==

GET
H2 200 traffic-source-cookie.min.js Show response
d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/ 2 KB
1 KB 8ms
8ms Script
application/javascript 143.204.101.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/traffic-source-cookie/stable/traffic-source-cookie.min.js
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/1cf70b28-39ff-4e37-a5a4-141613cba375-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-189.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62894e21310ad30458d50c4ec5a38889092498119bd337fbaabed88772a0b14f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: XZdYe7srObSc7mFfrgpBi4sW1gFElr.6
content-encoding: gzip
last-modified: Tue, 26 Oct 2021 20:03:17 GMT
server: AmazonS3
age: 82313
etag: W/"c28640aa9141cc27478ef21569f4a56b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
date: Sun, 31 Oct 2021 12:56:52 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Gy0y0K4N55wC1yLDbyRI2oQhZLyRqKafG_ZD86igPgklswAp15SV2Q==

GET
H2 200 common_258.js Show response
s.clickiocdn.com/t/ 142 KB
59 KB 17ms
17ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/common_258.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5BKLMTQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 089933c6869fba14c26ccf1e7384a62624fd618e9a5a39885932d95b19f19c8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
content-encoding: gzip
last-modified: Wed, 20 Oct 2021 10:30:30 GMT
server: nginx/1.16.0
etag: W/"616fefc6-239b2"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: eu
cache-control: max-age=1800
expires: Mon, 01 Nov 2021 12:18:37 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 69ms
22ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-9513496-1&cid=768733007.1635767316&jid=1828687108&gjid=106906383&_gid=2115691587.1635767317&_u=aCjAAEACQAAAAC~&z=858860467

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.otempo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 01 Nov 2021 11:48:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vittorio-medioli.jpg
www.otempo.com.br/image/contentid/policy:1.2486894:1621362995/ 2 KB
2 KB 125ms
123ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2486894:1621362995/vittorio-medioli.jpg?f=1x1&w=128&$p$f$w=63cd876

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

027ec24ad8c31ce3d970ce5860a15c734cdb1aa13c9857f5b94da5298645943b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
etag: "policy:1.2486894:1621362995"
x-gocache-image: optimized
x-gocache-cachestatus: HIT
x-original-image-width: 273
x-rendered-image-height: 128
content-length: 1550
x-original-image-height: 276
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 WhatsApp_Image_2021-05-30_at_15.28.06-removebg-preview.png
www.otempo.com.br/image/contentid/policy:1.2492272:1622455686/ 31 KB
31 KB 136ms
133ms Image
image/png 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2492272:1622455686/WhatsApp_Image_2021-05-30_at_15.28.06-removebg-preview.png?f=1x1&w=128&$p$f$w=5255cc1

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

7c7fbe70afb1f1facbf73b3d120bc0f6e6f0dae1c5b629160fefd56d546dbdb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-rendered-image-height: 128
date: Mon, 01 Nov 2021 11:48:37 GMT
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
x-original-image-width: 612
content-type: image/png
access-control-allow-origin: *
x-original-image-height: 408
cache-control: max-age=14400
x-gocache-cachestatus: HIT
etag: "policy:1.2492272:1622455686"
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 Recorte.png
www.otempo.com.br/image/contentid/policy:1.2547271:1632688090/ 24 KB
24 KB 128ms
122ms Image
image/png 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2547271:1632688090/Recorte.png?f=1x1&w=128&$p$f$w=77ad963

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

70c4628f16336e32e13db59b74f4b7890de61f8b9b725391a066ad3e25be3b3c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-rendered-image-height: 128
date: Mon, 01 Nov 2021 11:48:37 GMT
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
x-original-image-width: 640
content-type: image/png
access-control-allow-origin: *
x-original-image-height: 640
cache-control: max-age=14400
x-gocache-cachestatus: HIT
etag: "policy:1.2547271:1632688090"
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 bruno-voloch.jpg
www.otempo.com.br/image/contentid/policy:1.2486972:1621368648/ 2 KB
2 KB 136ms
131ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2486972:1621368648/bruno-voloch.jpg?f=1x1&w=128&$p$f$w=4ea261d

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

c780d2d44a98ec8b4999956aba58e4e51ce5cfc28c63787dccb144af156b3895

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
etag: "policy:1.2486972:1621368648"
x-gocache-image: optimized
x-gocache-cachestatus: HIT
x-original-image-width: 338
x-rendered-image-height: 128
content-length: 1728
x-original-image-height: 336
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 laura-medioli.jpg
www.otempo.com.br/image/contentid/policy:1.2487293:1621434271/ 3 KB
3 KB 129ms
123ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2487293:1621434271/laura-medioli.jpg?f=1x1&w=128&$p$f$w=90c0afe

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

9a386695457a1d725f9381a0090731518de37c306c1df093eab9aa4386545315

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-rendered-image-height: 128
date: Mon, 01 Nov 2021 11:48:37 GMT
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
x-original-image-width: 376
content-type: image/jpeg
access-control-allow-origin: *
x-original-image-height: 250
cache-control: max-age=14400
x-gocache-cachestatus: HIT
etag: "policy:1.2487293:1621434271"
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 carpinejar.jpg
www.otempo.com.br/image/contentid/policy:1.2486898:1621363332/ 3 KB
4 KB 234ms
228ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2486898:1621363332/carpinejar.jpg?f=1x1&w=128&$p$f$w=1a1e35f

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

5ca675057ffeda71c6452c7d0f6bf33b5a878caf967ba154e4518f8eb0a00b54

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-rendered-image-height: 128
date: Mon, 01 Nov 2021 11:48:37 GMT
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
x-original-image-width: 269
content-type: image/jpeg
access-control-allow-origin: *
x-original-image-height: 213
cache-control: max-age=14400
x-gocache-cachestatus: HIT
etag: "policy:1.2486898:1621363332"
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 tatiana-lagoa.jpg
www.otempo.com.br/image/contentid/policy:1.2486891:1621362736/ 3 KB
3 KB 238ms
233ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2486891:1621362736/tatiana-lagoa.jpg?f=1x1&w=128&$p$f$w=cb50e9c

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

4fc80bfa632f654315d4904f5f4fec7db5dbd7796cfc718b7d193576ab84dd97

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-rendered-image-height: 128
date: Mon, 01 Nov 2021 11:48:37 GMT
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
x-original-image-width: 612
content-type: image/jpeg
access-control-allow-origin: *
x-original-image-height: 408
cache-control: max-age=14400
x-gocache-cachestatus: HIT
etag: "policy:1.2486891:1621362736"
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 cadu-done.jpg
www.otempo.com.br/image/contentid/policy:1.2486977:1622556234/ 1 KB
2 KB 145ms
140ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2486977:1622556234/cadu-done.jpg?f=1x1&w=128&$p$f$w=8f4a13a

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

3aac2de405a61ad8d55540494885fc47dfc1840a0b0b995fa0ebce371e3ddbc7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
etag: "policy:1.2486977:1622556234"
x-gocache-image: optimized
x-gocache-cachestatus: HIT
x-original-image-width: 300
x-rendered-image-height: 128
content-length: 1436
x-original-image-height: 450
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 fabbrini.jpg
www.otempo.com.br/image/contentid/policy:1.2486980:1621369116/ 3 KB
3 KB 239ms
234ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2486980:1621369116/fabbrini.jpg?f=1x1&w=128&$p$f$w=4f15985

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

d2d273c4d38d90a4d6dd605627e00483a5fdf7e12e4a87bb96a3ad66296fa880

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-rendered-image-height: 128
date: Mon, 01 Nov 2021 11:48:37 GMT
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
x-original-image-width: 423
content-type: image/jpeg
access-control-allow-origin: *
x-original-image-height: 450
cache-control: max-age=14400
x-gocache-cachestatus: HIT
etag: "policy:1.2486980:1621369116"
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 WhatsApp%20Image%202020-03-03%20at%205.53.56%20PM.jpeg
www.otempo.com.br/image/contentid/policy:1.2305571:1583272874/ 1 KB
2 KB 242ms
236ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2305571:1583272874/WhatsApp%20Image%202020-03-03%20at%205.53.56%20PM.jpeg?f=1x1&w=128&$p$f$w=8fc9728

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

4986430f00f2e7e1901f04db4d905a146b0f1b15954258ff77cef33e265825bd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
etag: "policy:1.2305571:1583272874"
x-gocache-image: optimized
x-gocache-cachestatus: HIT
x-original-image-width: 787
x-rendered-image-height: 128
content-length: 1274
x-original-image-height: 652
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 gabriel-azevedo.jpg
www.otempo.com.br/image/contentid/policy:1.2486973:1621368753/ 3 KB
3 KB 240ms
235ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2486973:1621368753/gabriel-azevedo.jpg?f=1x1&w=128&$p$f$w=a75c546

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

dc9ed0e0f074d6270a4125e665fed05d446740128f4d7f51ada7401e6c1a0f3a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-rendered-image-height: 128
date: Mon, 01 Nov 2021 11:48:37 GMT
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
x-original-image-width: 260
content-type: image/jpeg
access-control-allow-origin: *
x-original-image-height: 291
cache-control: max-age=14400
x-gocache-cachestatus: HIT
etag: "policy:1.2486973:1621368753"
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 foto1.jpg
www.otempo.com.br/image/contentid/policy:1.2466847:1617291270/ 2 KB
2 KB 242ms
238ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2466847:1617291270/foto1.jpg?f=1x1&w=128&$p$f$w=39cffb4

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

2f9bdce130db28a85539ed0526eff3e9aa467d984a3a3fe03dca957642c44859

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
etag: "policy:1.2466847:1617291270"
x-gocache-image: optimized
x-gocache-cachestatus: HIT
x-original-image-width: 781
x-rendered-image-height: 128
content-length: 1720
x-original-image-height: 776
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 LELIOSS.jpg
www.otempo.com.br/image/contentid/policy:1.2556992:1634523447/ 2 KB
2 KB 244ms
239ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2556992:1634523447/LELIOSS.jpg?f=1x1&w=128&$p$f$w=8d5fb5d

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

04d07be731cae0706f3461ffaf7da5541f6d1b98345d2c22315b5e073e5a5a2a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
etag: "policy:1.2556992:1634523447"
x-gocache-image: optimized
x-gocache-cachestatus: HIT
x-original-image-width: 299
x-rendered-image-height: 128
content-length: 1910
x-original-image-height: 233
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 paulo-paiva.jpg
www.otempo.com.br/image/contentid/policy:1.2486971:1621368537/ 2 KB
2 KB 244ms
240ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2486971:1621368537/paulo-paiva.jpg?f=1x1&w=128&$p$f$w=c51d66e

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

e21a55e38e165f3dc479790adf3cd1f7ca11550ca278fc93e51b22223f0b9acb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
etag: "policy:1.2486971:1621368537"
x-gocache-image: optimized
x-gocache-cachestatus: HIT
x-original-image-width: 165
x-rendered-image-height: 128
content-length: 1942
x-original-image-height: 197
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 MarcusPestana.JPG
www.otempo.com.br/image/contentid/policy:1.2151135:1553131875/ 3 KB
3 KB 246ms
242ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2151135:1553131875/MarcusPestana.JPG?f=1x1&w=128&$p$f$w=d75fdc7

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

2742a5761f69ea22f44c1c831d186ea60be98db7918ed864861d601a9256bd5b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-rendered-image-height: 128
date: Mon, 01 Nov 2021 11:48:37 GMT
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
x-original-image-width: 3543
content-type: image/jpeg
access-control-allow-origin: *
x-original-image-height: 5315
cache-control: max-age=14400
x-gocache-cachestatus: HIT
etag: "policy:1.2151135:1553131875"
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 helenice.jpg
www.otempo.com.br/image/contentid/policy:1.2151207:1552941443/ 3 KB
4 KB 247ms
243ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2151207:1552941443/helenice.jpg?f=1x1&w=128&$p$f$w=a966ffb

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

8f68a30fc2b89802a145ca90bb186ff86d745e32c156ff6abc147e4c0d6179c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-rendered-image-height: 128
date: Mon, 01 Nov 2021 11:48:37 GMT
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
x-original-image-width: 3258
content-type: image/jpeg
access-control-allow-origin: *
x-original-image-height: 4440
cache-control: max-age=14400
x-gocache-cachestatus: HIT
etag: "policy:1.2151207:1552941443"
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 foto2.jpg
www.otempo.com.br/image/contentid/policy:1.2390240:1601046034/ 1 KB
2 KB 252ms
248ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2390240:1601046034/foto2.jpg?f=1x1&w=128&$p$f$w=c891238

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

a68634b58dc205424e8787adc54156f5071258d9927f6b76d7d89e8ae4e1ec09

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
etag: "policy:1.2390240:1601046034"
x-gocache-image: optimized
x-gocache-cachestatus: HIT
x-original-image-width: 405
x-rendered-image-height: 128
content-length: 1522
x-original-image-height: 348
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 WhatsApp%20Image%202020-10-22%20at%2016.21.57.jpeg
www.otempo.com.br/image/contentid/policy:1.2402651:1603394543/ 4 KB
4 KB 348ms
339ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2402651:1603394543/WhatsApp%20Image%202020-10-22%20at%2016.21.57.jpeg?f=1x1&w=128&$p$f$w=b3f6fe8

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

3da147ae238cf8f7d1468848633a36371519ed28b3c5e2bdf22badbfb17a22ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-rendered-image-height: 128
date: Mon, 01 Nov 2021 11:48:37 GMT
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
x-original-image-width: 853
content-type: image/jpeg
access-control-allow-origin: *
x-original-image-height: 1280
cache-control: max-age=14400
x-gocache-cachestatus: HIT
etag: "policy:1.2402651:1603394543"
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 doorgal-andrada.jpg
www.otempo.com.br/image/contentid/policy:1.2486985:1621369391/ 3 KB
4 KB 253ms
245ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2486985:1621369391/doorgal-andrada.jpg?f=1x1&w=128&$p$f$w=899b47c

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

c7de4aecf97ae8e56c810f5401958d55ec8cab4583783c253ef91d4f4bc3150a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-rendered-image-height: 128
date: Mon, 01 Nov 2021 11:48:37 GMT
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
x-original-image-width: 450
content-type: image/jpeg
access-control-allow-origin: *
x-original-image-height: 450
cache-control: max-age=14400
x-gocache-cachestatus: HIT
etag: "policy:1.2486985:1621369391"
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 @CANDIDATO_ELEICAO_2018-DEPUTADO_FEDERAL-REGINALDO-LOPES_0289%20(1).jpg
www.otempo.com.br/image/contentid/policy:1.2189917:1559581336/ 2 KB
2 KB 254ms
246ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2189917:1559581336/@CANDIDATO_ELEICAO_2018-DEPUTADO_FEDERAL-REGINALDO-LOPES_0289%20(1).jpg?f=1x1&w=128&$p$f$w=55b058f

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

f617f255fa1d2353551113c1abee6a3960d019007482d7528022de09a23512ec

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
etag: "policy:1.2189917:1559581336"
x-gocache-image: optimized
x-gocache-cachestatus: HIT
x-original-image-width: 1902
x-rendered-image-height: 128
content-length: 2084
x-original-image-height: 2535
referrer-policy: origin
server: gocache
x-rendered-image-width: 128
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 arsenal.JPG
www.otempo.com.br/image/contentid/policy:1.2563365:1635689845/ 12 KB
13 KB 255ms
248ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2563365:1635689845/arsenal.JPG?f=3x2&q=0.6&w=400&$p$f$q$w=6284561

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

a56b9b5d08e9b814ff67582bc06866c2e615855839f5bd128ced7dbd8df29b4a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
etag: "policy:1.2563365:1635689845"
x-gocache-image: optimized
x-gocache-cachestatus: HIT
x-original-image-width: 567
x-rendered-image-height: 266
content-length: 12434
x-original-image-height: 304
referrer-policy: origin
server: gocache
x-rendered-image-width: 400
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 andreia%20de%20jesus.PNG
www.otempo.com.br/image/contentid/policy:1.2563612:1635764728/ 3 KB
4 KB 257ms
249ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2563612:1635764728/andreia%20de%20jesus.PNG?f=3x2&w=200&$p$f$w=efbd131

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

2e0eec7b4ef2c1ee56136cc88c5776a32fea7b88fd6d477f3e1588db23782639

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
etag: "policy:1.2563612:1635764728"
x-gocache-image: optimized
x-gocache-cachestatus: HIT
x-original-image-width: 569
x-rendered-image-height: 133
content-length: 3544
x-original-image-height: 323
referrer-policy: origin
server: gocache
x-rendered-image-width: 200
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 varginha-cangaco.jpeg
www.otempo.com.br/image/contentid/policy:1.2563398:1635696534/ 24 KB
24 KB 346ms
338ms Image
image/jpeg 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2563398:1635696534/varginha-cangaco.jpeg?f=3x2&q=0.6&w=400&$p$f$q$w=89955c1

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

b09793b2463d1b2e988ac2736ce7bc7e6674325ea3ccd1545e36dec5fb8ebe86

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
x-original-image-height: 540
referrer-policy: origin
server: gocache
x-gocache-image: unmodified
etag: "policy:1.2563398:1635696534"
x-frame-options: SAMEORIGIN
x-original-image-width: 540
content-type: image/jpeg
access-control-allow-origin: *
x-rendered-image-height: 266
cache-control: max-age=14400
x-gocache-cachestatus: HIT
x-rendered-image-width: 400
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 Capa-O-Tempo-01-11-2021.jpeg
www.otempo.com.br/image/contentid/policy:1.2563594:1635761578/ 32 KB
32 KB 350ms
324ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/contentid/policy:1.2563594:1635761578/Capa-O-Tempo-01-11-2021.jpeg?f=sidebar-resize_300&q=0.6&w=300&$p$f$q$w=f483e88

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

ac6a6758edb1eb1f09f3888fdf5e086dc65b18e59e6c93e60fee0952f586d94f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
etag: "policy:1.2563594:1635761578"
x-gocache-image: optimized
x-gocache-cachestatus: HIT, REVALIDATED
x-original-image-width: 1136
x-rendered-image-height: 422
content-length: 32322
x-original-image-height: 1600
referrer-policy: origin
server: gocache
x-rendered-image-width: 300
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/ 65 KB
16 KB 334ms
32ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js

Requested by

Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-forms/stable/rdstation-forms.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3029552
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15507
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-10424"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vPcs%2Bxu%2BWPq1gnpuzAQU6LsHxwd1MDq7Yjpb6zWBRMZnCQXXWTC9WrrWBwi3wmHgiGL4AfN6Ga66N%2FLkq3nLD32YrjwoHxRFC%2FSOauAWjHlpdA5K%2Bss9sNMUqe%2B4S8oq2CTdhjpr4cAqnELm5p90ce%2Bk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a74e525bb6159fb-MXP
expires: Sat, 22 Oct 2022 11:48:37 GMT

GET
H2 200 banner-camisas-sada-2.jpg
www.otempo.com.br/image/policy:1.2486874:1621361339/ 29 KB
29 KB 323ms
227ms Image
image/webp 170.82.174.10
EPP

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.otempo.com.br/image/policy:1.2486874:1621361339/banner-camisas-sada-2.jpg

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

170.82.174.10 São Paulo, Brazil, ASN266444 (3L CLOUD INTERNET SERVICES LTDA - EPP, BR),

Reverse DNS

Software

gocache /

Resource Hash

10ee842f5c14e29f156af2f2802348ce839e25377da5d5403d3f954ab69575fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
etag: "policy:1.2486874:1621361339"
x-gocache-image: optimized
x-gocache-cachestatus: HIT
x-original-image-width: 750
x-rendered-image-height: 422
content-length: 29454
x-original-image-height: 422
referrer-policy: origin
server: gocache
x-rendered-image-width: 750
x-frame-options: SAMEORIGIN
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
expires: Mon, 01 Nov 2021 15:48:37 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 345ms
98ms Image
image/gif 52.21.62.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=otempo.com.br&p=%2F&u=ucsIdCroe9AiRXM5&d=otempo.com.br&g=66040&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=14977&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3914&t=D4HI3ACK5bGmCh5stADr5fnsDgvJge&V=129&i=O%20TEMPO&tz=0&sn=1&sv=7aLYK5_y26Bv0gSUBN34RLD-30n&sd=1&im=067b07ff&_
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.62.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-62-223.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:37 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 76ms
38ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-9513496-1&cid=768733007.1635767316&jid=1828687108&_u=aCjAAEACQAAAAC~&z=775335478

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 77ms
39ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-9513496-1&cid=768733007.1635767316&jid=1828687108&_u=aCjAAEACQAAAAC~&z=775335478

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
eye.rd.services/ 35 B
125 B 204ms
121ms Image
image/gif 35.244.138.111
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eye.rd.services/collect?e=pv&url=https%3A%2F%2Fwww.otempo.com.br%2F&page=O%20TEMPO&eid=70eb7e6c-9131-4d82-aaa2-223f555eaf65&tv=js-1.0.3&tna=cf&aid=9fa296e82a976359fe8ea69a490d6738&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&dtm=1635767317093&vp=1600x1200&ds=1600x15018&vid=1&sid=7180319a-d86b-5fed-908d-916ba5d5adef&duid=064049fe-6133-55f1-9810-318b49f281f4&stm=1635767317096&apikey=9fa296e82a976359fe8ea69a490d6738
Requested by: Host: www.otempo.com.br
URL: https://www.otempo.com.br/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.138.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.138.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
via: 1.1 google
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H2 200 / Show response
clickiocdn.com/hbadx/ 46 B
170 B 56ms
15ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/hbadx/?ex=1&f=__lxG__.tmp.pol_n290d848ps6oizzt&rt=731710250&site_id=210916&title=O%20TEMPO&l=https%3A%2F%2Fwww.otempo.com.br%2F
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 3d8fb8f42d6977b0742e48ffced1f2a6f7d631dc8e6b83458530d2e4436ed2e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 01 Nov 2021 11:48:37 GMT
content-type: text/html; charset=ISO-8859-1

GET
H2 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 329ms
27ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 506
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=259200
cf-ray: 6a74e5265c990e02-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 04 Nov 2021 11:48:37 GMT

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/sensitive/ 0
112 B 14ms
14ms Script
text/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/sensitive/?site_id=210916&time=60&r=731716319
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 01 Nov 2021 11:48:37 GMT
content-type: text/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 30ms
29ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvG8xVGlnCWOXt5K2SAtkJWouOYQL2YurGT0jlkDVbuxkjYP1Ayqq5Rs83406H7_lJ4fmsjbQFpC7jAiLUq5mX8egvsFFVLcSPwBySo9G-3qXQZSzaz-nceAnhlac82fth-g9iQ_Q3EaJPxZbC8AxwTiaAdFXtGElJEIzbTTd4L1LSUKJTCQPNO5ue0WjNbjGRUNJY8CDd_FuZkUc4P3qvCVVOog_xe67kY9ZEIf7tC_jgUihr7U_xy9z8gntMBYbYhCn5UTGqcfMW7ncXgs2lM_-ZjuYvxA-s26ZSaY-6Cp7qSftRakRH0wqaTCxk2ksL5yuaAvMuDWPyL1jIVOqRvJtFj&sai=AMfl-YS_xzkwGGOdLcX-yA3v1VqgrBRhWFX56qOCk3_BrXZqkha29rmrsOWHkTSp13al8n4sbFNvWA3pUSLwwEnqciwbUonHlHfCxfN2ZEmD8CI746cl3Du3QmXkqtETV38&sig=Cg0ArKJSzJ7a2h67i2EoEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 11:48:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 120 KB
37 KB 61ms
24ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.otempo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 01 Nov 2021 11:48:37 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
27 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ebee7ef384c9b943d3fb54e8d47a13ce9e12acd525f2105a327bd57c012f5ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1030 / 555 of 1000 / last-modified: 1635764759"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27381
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 01 Nov 2021 11:48:37 GMT

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
187 B 16ms
15ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=d0a47qxcg04sr36731742939&area_id=665610&type=base&f=__lxG__.tmp.rot_0yzoulzx809xunv1&rt=731747602
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 10184189200940068f193bd91bc2f2f500d740bc0d1805f7936345f61d65ffe8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 01 Nov 2021 11:48:37 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
187 B 16ms
16ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=d0a47qxcg04sr36731742939&area_id=675719&type=dfp&f=__lxG__.tmp.rot_0yzoulzx809xunv1&rt=731747671
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b47a0848f8ced1799f225741823cf3c289522d18a4851b7dcf487e734113c7f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 01 Nov 2021 11:48:37 GMT
content-type: text/html

GET
DATA 200
OK truncated
/ 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0addc3e0bfcecd7e25d798185260e425c0d366a740fd38e763ea3bf9931aa41a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 31ms
31ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucXWnFXqC2hGBleeEiChCpRjOQLTljK9Kt04DLWF3jyq0C8reQGdtHsHC4winnrFLBF9uNu4ep0yVaYZXr0-8w1mDhtgIjh93Bq-P4hIGgvVFj0PqAzSSYvggxHgluGWPCOyQhmBFrz0zRnF4RMUtdjICQpI35NPRuBerMd1UokWgvCmfDyRCO9gRv7g1H4MPPpt_GZAUw8WCH7VMhF3IDFaHzRY1IZ7WnoFpGQCTD4uKwxrxXNqz2zPzl7WkGGtRzDG3pUKP-e2tLMtHtL1nko0nuFI4LAs-X-d_9O5PtNrHv0Be0BnzHoCfY54NFUFU626U3vv2PxLpHuuF3grMoWxSXKnI&sai=AMfl-YSK6ytB5jGFLImWh8xhygii0IRewcHzl3mpldQn2ddsYw0iCe-FE8Hyu1lMKqTKaosfLB06NJPAkiTHRw35IvEBJb59Xnt6JrFA3GZd2kUx4TKsTSQO_xUT9MrzjQQ&sig=Cg0ArKJSzLRg8nJq6QI7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 11:48:37 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 01 Nov 2021 11:48:37 GMT

GET
H2 200 rdstation-popup.min.js Show response
d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/ 194 KB
54 KB 10ms
9ms Script
application/javascript 143.204.101.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/1cf70b28-39ff-4e37-a5a4-141613cba375-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-189.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbed74f9419f746c7328ae9f9c52a1e6428e73bfea7fa6e136d08250db104db7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: LrV3IVTGlDmhZMCfsI7oeMLHGpzEC63w
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 20:57:19 GMT
server: AmazonS3
age: 53470
etag: "b2c31b3a024e6ab4eb660fbe44482a20"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
date: Sun, 31 Oct 2021 20:57:29 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 55243
x-amz-cf-id: bx68kXzF2x3bVhbzwLf0nMLOIbwOAHfDMGE3FYNjgDruJO_I7TrHTg==

GET
H2 200 rd-js-integration.min.js Show response
d335luupugsy2.cloudfront.net/js/integration/stable/ 13 KB
5 KB 18ms
16ms Script
application/javascript 143.204.101.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d335luupugsy2.cloudfront.net/js/integration/stable/rd-js-integration.min.js?v=1
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/loader-scripts/1cf70b28-39ff-4e37-a5a4-141613cba375-loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-189.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72c92c94f2b9e99353c6d70c304dcaee25403167c1153eea99e97852df554cfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 05:49:14 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 13:01:40 GMT
server: AmazonS3
age: 21565
etag: "415f5ae05fe92ac57986712a9c5d3c82"
x-cache: Hit from cloudfront
x-amz-version-id: auUn6nPPDKXTfrfPugHZt.wMzszJyjea
via: 1.1 45de888accabe1a1cb5a389e8c9c1e07.cloudfront.net (CloudFront)
cache-control: max-age=86400, must-revalidate
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 4644
x-amz-cf-id: mumkYv25Ez8WeV_vSbZA023a9CRqLo4Gpx_yMEN4Zb9CssFyvtlAog==

GET
H2 200 show.json Show response
popups.rdstation.com.br/popup/ 13 B
79 B 353ms
112ms XHR
application/json 34.68.90.188
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://popups.rdstation.com.br/popup/show.json?account_id=205446&uniq=_vf86cu9kt&ref=aHR0cHM6Ly93d3cub3RlbXBvLmNvbS5ici8%3D
Requested by: Host: d335luupugsy2.cloudfront.net
URL: https://d335luupugsy2.cloudfront.net/js/rdstation-popups/bricks/rdstation-popup.min.js?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.68.90.188 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 188.90.68.34.bc.googleusercontent.com
Software: /
Resource Hash: 96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 01 Nov 2021 11:48:38 GMT
content-length: 13
content-type: application/json

POST
H2 200 / Show response
rum.goedge.me/health/ 7 B
140 B 189ms
189ms XHR
text/html 34.107.182.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.goedge.me/health/
Requested by: Host: rum.goedge.me
URL: https://rum.goedge.me/gocache-rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.182.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.182.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://www.otempo.com.br/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 01 Nov 2021 11:48:38 GMT
content-encoding: gzip
server: Google Frontend
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 1c9da54a8ebc769105597b2f564da2c7
cache-control: private
function-execution-id: efvkfewe6csa
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43", clear
content-length: 27
via: 1.1 google

OPTIONS
H2 204 /
rum.goedge.me/health/ Frame 0
0 198ms
198ms Preflight
text/html 34.107.182.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rum.goedge.me/health/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.182.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.182.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.otempo.com.br
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
content-type: text/html; charset=utf-8
function-execution-id: ge7t5ic6hgfq
x-cloud-trace-context: 17026649e861dde5e2af1c8b6acb57a4
date: Mon, 01 Nov 2021 11:48:38 GMT
server: Google Frontend
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" clear
via: 1.1 google

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 26ms
25ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.otempo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 11:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 324ms
23ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.otempo.com.br

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 01 Nov 2021 11:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 242ms
241ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

cd02f343591baac76956e13a79421b4748836fa80a7b61138cbb93d510a36f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10173
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.otempo.com.br
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 15ms
15ms Script
text/html 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=d0a47qxcg04sr36731742939&area_id=675719&type=dfp&policy=ok&sub_id=1&f=__lxG__.tmp.rot_avw4k9sesw1xdf6h&rt=731843905
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/210916/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 50117e23f7a0e63cef0b0c4a80d76fba98a1faf01cec5447a2fa892d189c3977

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 01 Nov 2021 11:48:38 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02NjI2ODB+NjYyNjg3fjY2MzIxOH42NjU2MjZ+NjY1NjI1fjY3MjA2MX42NzIwNjB+NjcyMDY3fjY3NjM5OH42NzYzOTd+Njc1NzU4fjY2NTYxMH42MjYyODd+NjI2Mjg1fjY1NTc5NH42NTkxNTh+NjY1MjU1fjY1O... 38 B
206 B 19ms
19ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02NjI2ODB+NjYyNjg3fjY2MzIxOH42NjU2MjZ+NjY1NjI1fjY3MjA2MX42NzIwNjB+NjcyMDY3fjY3NjM5OH42NzYzOTd+Njc1NzU4fjY2NTYxMH42MjYyODd+NjI2Mjg1fjY1NTc5NH42NTkxNTh+NjY1MjU1fjY1OTE3MH42NjU2MDd+NjY1NjA1fjY2NTYxMX42NzU3MTl+NjY1NjE1fjY2NTYxM342NjU2MTAmc3NpZD1+MSZhY3Q9ZGV2X3RhcmdfcmVtfi1+LX4tfi1+LX4tfi1+LX4tfi1+Zm5kX29uX3BnfnJ0cl92YXJfY2hzbn4tfi1+LX4tfi1+LX4tfi1+LX4tfi1+dGdsX3NfMCZ1cmw9fnd3dy5vdGVtcG8uY29tLmJyJnZjbnQ9MjUmX2Y9X19seEdfXy50bXAubG9nc3Rfb2thMGdua3Rqa3N5djV2Ng/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ae36fdaa8954bc0d2b972880ba7d5138e8291cb555a4f2334fb0bd03dc6a7a17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 01 Nov 2021 11:48:38 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02NjU2MTl+NjY1NjE3fjY2NTYyM342NjU2MjF+NjY1NjI3fjY2NTYzMX42NjU2Mjl+Njc3Nzg2fjY3Nzc4NH42Nzc3OTB+Njc3Nzk1fjY3Nzc5M342Nzc3OTJ+Njc1NzE5fi0mc3NpZD1+MSZhY3Q9cnRyX3Zhcl9ja... 38 B
206 B 18ms
18ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02NjU2MTl+NjY1NjE3fjY2NTYyM342NjU2MjF+NjY1NjI3fjY2NTYzMX42NjU2Mjl+Njc3Nzg2fjY3Nzc4NH42Nzc3OTB+Njc3Nzk1fjY3Nzc5M342Nzc3OTJ+Njc1NzE5fi0mc3NpZD1+MSZhY3Q9cnRyX3Zhcl9jaHNufi1+LX4tfi1+LX4tfi1+LX4tfi1+LX4tfnJ0cl92YXJfaW5zdGFsbH50Z2xfc18xX2RmcCZ1cmw9fnd3dy5vdGVtcG8uY29tLmJyJnZjbnQ9MTUmX2Y9X19seEdfXy50bXAubG9nc3RfYm04dWxtamJsczA1dTFuaA/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/common_258.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b7713945f0eb31de3278249e78eeb7126c636a5f008df5dc0b5d7457df69266b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 01 Nov 2021 11:48:38 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 container.html Show response
dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E366 6 KB
3 KB 315ms
14ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 01 Nov 2021 11:48:36 GMT
expires: Tue, 01 Nov 2022 11:48:36 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD1+Njc1NzE5JnNzaWQ9fjEmYWN0PWdfZXZfc3JlbmR+Z19ldl9zcmVuZF9sbHZfMX5nX2V2X3NyZW5kX25lfmdfZXZfc3JlbmRfbmVfbGx2XzF+Z19ldl9zcmVxfmdfZXZfc3JlcV9sbHZfMX5nX2V2X3NyZXNwfmdfZ... 38 B
206 B 18ms
18ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD1+Njc1NzE5JnNzaWQ9fjEmYWN0PWdfZXZfc3JlbmR+Z19ldl9zcmVuZF9sbHZfMX5nX2V2X3NyZW5kX25lfmdfZXZfc3JlbmRfbmVfbGx2XzF+Z19ldl9zcmVxfmdfZXZfc3JlcV9sbHZfMX5nX2V2X3NyZXNwfmdfZXZfc3Jlc3BfbGx2XzF+c2xvdF9hZG1fcmVwbHl+c2xvdF9hZG1fcmVwbHlfbGx2XzF+c2xvdF9jYWxsX2FkbX5zbG90X2NhbGxfYWRtX2xsdl8xfnNsb3RfaGJfZW5kfnNsb3RfaW5fcGd+c2xvdF9sbF92YXJfMX5zbG90X3JuZHJfY2xsfnNsb3Rfcm5kcmRfY29udGVudH50Z2xfc18yX29rfnRnbF9zXzJfb2tfb2t+dW5pdF9oYl9lbmQmdXJsPX53d3cub3RlbXBvLmNvbS5iciZ2Y250PTIwJl9mPV9fbHhHX18udG1wLmxvZ3N0X3NnYmpmMmphdW9oZnVkM2M/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/210916/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 76501ecd63b29f261443a138d974ce3c1abab0b10025ddd19757e64f79da83cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 01 Nov 2021 11:48:39 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D094 624 B
733 B 69ms
31ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWFEK35ZheRP11VPlr192lZilj2c0nGiWn1chFYj--z4dio9kMFUJEB48BMDQKKphnR1KSeJeJsFytQhJUqJKznUI1wckct_kzp7Dzazkeix0Nk7gTUcbQD8gzTBbHrYgZ2QXtCAZnoTSbhC9fPGIt385_Ht-1I2f_Wly8SporhhWsrQGQ

Requested by

Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 01 Nov 2021 11:48:39 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E366 26 KB
14 KB 84ms
47ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQjIf4g4Tnw5OVOzDRqGTLMo3CSnmn1nV3-7u62bWtY9U8NQbkdbuZHt4Ok1rdVbHcrFc4Q_qykNlsFC-oB2WjL-OzGUj491aosJth6yzbmk5hzteFQzME4WBxl-I_tNM7oKC0BMV6zhBmuRGqUOJF-cSeQQ&cry=1&dbm_d=AKAmf-B8CL8DprxgklNTOk88WM-eKs80MrtVWdr7cX8rMJSWiuCmBCkQstWZ3J2ZO3Mmh_qHx40ARPwGPAIpxPu4Ln1rN3WVRxa7ThyYk5muTXRSmLoPW_1IsKjxxUnclCgGTRpEVSQtu-upisSZD3Biqm8Sy0SbAcNnvcokllhKLXt3iccWqFzDCXSheCap9cBXh7PFEgO7CYx1C0qpB19ij5_-M2Y5mbX-a5wY5sVQdHqb97R5oH6oxpPmKX6MW32gT3fDcF-2P1Vj0bIdfmry8IeUvJjHmw00BkD9V8zVmYzCHWBgs3LJGNSiISsDTV2gAW0r-34Yd_CEj47NSovJQ_2sXsLCnlW8gBWlS6cUNbfjGIEIxMcopk_U0vd--qJtzC8VBYSrPHKhj_iqC-gn_2b4juEudF-Y6wKJeJlXdO4pgDX-qQc-IyxJNB4HGofBrhaioSLLAeuD1ukd3GuluVEDAKcSO8v0Tb5i7_Alzk3gl-4z9k2JuOlxH9Cq_C2xLBPc-ROMADy8km75N9l-Ux0zgbR6gxNdiS_4fdr5KOO3PRtdbPVoifNkMBDjhMGX6bKnYtHTiL3I4A9S4Jp2miaWbeIyYvM9WsLhKNtMqeVjUdPLtlZC5q964DU-2fOoP4iVuXqNN7ihr_PzapFANl3g1ozdr436tLAOh1uMgieL9JTHcY5M0m8xXJGZC7tbPlOEyhmOnD63gUMYIG2SDerRy_4bWaCqdYQm9u23X7CJ_uvGhNeFuf8XI8Ahdm8io3CxTJRn9AztOSKNxzHr4D79_FLlsPFfIUbcTM2cK4w7BkuIj4FXxyBOJ4tsKS6BvWnx1KlmvzyZmd20-uxaiUHPG7NEYmOuJgkGuKHp21I9FL3D9RD5x0l3mBhSIBc9-bwSRkIk3AMKRfP6k6CpJVA9LZPw35U9NKhzompD6DwNOWHFBzeKOZJk0WZSRPccsODYtEwQKhEBXS2CT-4VUXddh2QXOC5-0BhyzT_Cy2mBf9tEKvpyMoQdYUKkp9tWtvwwQARSW98Q0L-pVvumQePVrFYIFoxFVBH5SUsx6gLaWdkWELXno6WTF3N5xgXHnFVuL_mvggdWh6VGMpgpNzLgeDdW7c20G0tQtJ3o_4UlLu5MT6PL2rZBmEcSgvZem8Y-OObBY7_N2F9qiC0C_tUapZg6ogZtdRruDqkgDlVSRRNvXOCgVe5ZJLsMqCUxHUjjxrwcEZGj-orZbsS94lAzGceSfx5XnrGOoMS9uNV6LFOcvxKXj3aqTzNVHjFTX3hXJP1FeR9xSZpXRaRiqrn1BjpV0LNCqaK-tt13rMk5d6BFQ5RgBd8NY8loUlOtpmYnm0zy_-aRPUYEm6cgYDlKSg8YldIKk4G1f72H1F0QTlA9c0AmbbVDLDHkQk2yjoUFdJBqrul7jMlOqmiDtvmeVGWsMk8rMJsCkqHanKHStWVxBnD2hK12ooSXGUgstb1InckdaI4vk2Rwv0CIktlCdrnrmoMpqz8Y9Q5dspYiNElvmmZqwYIMFklE_6uJWyI9DguwCdKvY52Mzx7OXAOXUdF1-3548O8_OfL-7yKZ3xqKaQublqsycjHN7Ddbe6i_NQIV0ykiSpGNcxMCkcuL5cm0ay2GceWlQL8w9zD2qyEXR6ecR_1BzjhdFR9dZFPNTYDuMXi17zfR5-HJhzYK0po94_bfAsac6XME2fBFqq9zRAkEgL8nNPzG1gXR7jvszLKXC848csXUy4AxYVmrPF3De_LGz-MGsTg8EEzozKat7eXnMnv3OVYEwKksVe82GJZer8_aSJiDKdc2byvIL9QBAvUNsybItOPyoI9Wl7_Wy3t5PgOs0zamzYg1nmvWh46Z10i1Y3LxpAQ1gwQe6iIl53tTp_KQz76v5ET8GhgDnx52FkeKBMWxGITRrH1-AxABClsC0A0sBlho6nfmGfADJ0Ld1b6r2_13E6fNxoWf292r-wkIWsHfIZ4MtSJvdlUakjvpTOBmlvOsfjg-YfF6CWyZLASEohPIt8dik28Q1YAeU-XnOKKgIsn4kkWZ5D59Unh0E6QBPJSXRkYxYVMJ_kfnOTdGrEtUOoqFumXUdJPIDw4itmXVSEg87UiI0A1eDPLuvZ6niOESnfD8hFcJEWGms-r2zb4-5veWQQ-84IHwzWVIf1QJkFEmSMaBh4dt6Iny3Bzr1J2ceObuanNhkIB4hhU4Qy4hH1cP4keohGaXv9qC4m0cxlwLgYQog_zewut7u3awj39D67X5UiYWbiFZBBunxBjURKx_aTWvdSccL_qMtao4gj9cRCi5u-7pUNbY-xgvwAWnyAQS1Pp1s8oPptxO9sktGM9gC72OxU1Zd0-NnIf89Sln77IC_dyZ93AsMmJ5Hv0cN2n3tpx5GwE6_y8ih8GT77qvckVhil91VMrzYii5U6FiPURO4rixo8BNY8iBUXYsvEirQh49XSmQkqBsRARHRwom2dMw9q2nkKboPWSKiUel4NqalGc3ryhCgmSdywfCHsIc1bpf9xcv9X7fil2JfLmaZiHKRbesLzSLA-1yIraqw0g_RLpmDjcZVFQZa__lNVdjvIBLTr8-kgNLGhdCEZaRNOqWGKY0gtAhW4RR8K57mYT4JVv1EkQKptrsc8lRr3xzCSOVKM7bxqRdcvvHE6qgrCzLwai7H1n8fdJ-I2YrMWA8iYNZnzigaKjhZiNFiqNd6x-NwC_XY5mVhxNlxUGuVZj1e__OZgqY5AsclJ-8yyBMfVS6c1IQ2Yt2h25LQ59Qb_dDwdBQmJLVMaFwWeHqkTOlsMxFxFxIyBp9VvzuJqRlGPGu1ZApuvi3Kf6HuBnQXjyL_paK6Uxzm76oPJMjfdCL-4nz5zq57m0fPJYByEt1OQ-bXy72v6zdhhKtjrOvW5_FNfDjJxt3prDw_4oPx1nwBZl1dCrXyye25LhdZgCMeRJC8PEy70iMXeHdxkbqHVIJbRTTklCr2lIr2APNEOfzrpyaWsloj5ev0RVN18js6OGlBApW5sn49W9GW41yCAThp0XEtWcVF0FJ5CCtnoU2esplhYNoynyXObllzkiPJmW855kOVLrRGoKrG6fK9JZK3NFdt7rnNO42ptilXkHXnJ-WSOfGY-mv5SWh15SiRrz8eAzB14RaoWA7jcjLUMmOnHVsFbUPUd9l2hMo50I3m0stacAz18pyVDGaddemaaWBFVMY6u2BPR1LXhQDoCoruc2Xe1Xfdmgztv-aA3zrZgZVhLw2idqprucCmwVIzVReznmkWcO-Uofe-ke8DnjSgGPSOQdje5DNWWx6-RtIJyKIePo5HWzga0pqmyaTfNNk8gmSUyEHzZh8-g1p5CodAmJSsMmc8HpWu8ZE28rX2dWuFaXy_vMhH-mLt4ETwR_OU5cBj37IjodaPaGycVoq4w&cid=CAASEuRoC8AqoU14n5sYmBi4Jyys8A&rfl=1%2Chttps%253A%252F%252Fwww.otempo.com.br%252F%240

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1b3e52d1e2a6447cb44e926b678e462e533250d2005125584da884dd1ef377

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13727
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E366 42 B
300 B 42ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AwqC455k2Ggr7JDSJuGIws_wc9uVaYPlbHyevqt4Gkal7OhOziawQLh8_Fli8-Hk3-ofMzqOuXUFXYqnUF_qhwQQuCELnMHst_4ZaBZHrAtSOX3Kg

Requested by

Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame E366 3 KB
2 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/window_focus_fy2019.js

Requested by

Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:45:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 11:45:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E366 120 KB
37 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635161763799786"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 01 Nov 2021 11:48:39 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/ Frame E366 14 KB
7 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211027/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6337
x-xss-protection: 0
server: cafe
etag: 7721474052657771746
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 11:45:34 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E366 0
0 23ms
22ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRC1ik7270uMc173JIAeEox2LhJxIuEoablCTJz9iD43ySnhzRwqfRtYxVEdzNNrvNR6rXf_UBRQMvcZu8Fnc4urR9X8A
Requested by: Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D094
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3sHC4mI20FN6cRpa3SqBc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3sHC4mI20FN6cRpa3SqBc&google_cver=1&C=1

43 B
1014 B

37ms
37ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3sHC4mI20FN6cRpa3SqBc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWFEK35ZheRP11VPlr192lZilj2c0nGiWn1chFYj--z4dio9kMFUJEB48BMDQKKphnR1KSeJeJsFytQhJUqJKznUI1wckct_kzp7Dzazkeix0Nk7gTUcbQD8gzTBbHrYgZ2QXtCAZnoTSbhC9fPGIt385_Ht-1I2f_Wly8SporhhWsrQGQ
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 11:48:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Nov 2021 11:48:39 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 11:48:39 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3sHC4mI20FN6cRpa3SqBc&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 01 Nov 2021 11:48:39 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D094
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YX-UF435mf0KdkYZhn8iGwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3sHC4mI20FN6cRpa3SqBc&google_cver=1

43 B
894 B

30ms
30ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3sHC4mI20FN6cRpa3SqBc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWFEK35ZheRP11VPlr192lZilj2c0nGiWn1chFYj--z4dio9kMFUJEB48BMDQKKphnR1KSeJeJsFytQhJUqJKznUI1wckct_kzp7Dzazkeix0Nk7gTUcbQD8gzTBbHrYgZ2QXtCAZnoTSbhC9fPGIt385_Ht-1I2f_Wly8SporhhWsrQGQ
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 11:48:39 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Nov 2021 11:48:39 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:39 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEC3sHC4mI20FN6cRpa3SqBc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame D094
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHeRFEvtK8nJPs90t10fHlw&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHeRFEvtK8nJPs90t10fHlw%26google_cver%3D1

43 B
1 KB

26ms
26ms

Image
image/gif

185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHeRFEvtK8nJPs90t10fHlw%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYvNLFlQEwAQ&v=APEucNWFEK35ZheRP11VPlr192lZilj2c0nGiWn1chFYj--z4dio9kMFUJEB48BMDQKKphnR1KSeJeJsFytQhJUqJKznUI1wckct_kzp7Dzazkeix0Nk7gTUcbQD8gzTBbHrYgZ2QXtCAZnoTSbhC9fPGIt385_Ht-1I2f_Wly8SporhhWsrQGQ

Protocol

HTTP/1.1

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 11:48:39 GMT
X-Proxy-Origin: 185.232.23.178; 185.232.23.178; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: cf84040b-04a1-4552-b175-51ba3c413ebd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 11:48:39 GMT
X-Proxy-Origin: 185.232.23.178; 185.232.23.178; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f605fbe1-0b05-46d1-857d-5311b3db7d91
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHeRFEvtK8nJPs90t10fHlw%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D094
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAyNTIwMzU2OTgwMjA0Mzc1Mg%3D%3D

170 B
188 B

17ms
16ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAyNTIwMzU2OTgwMjA0Mzc1Mg%3D%3D

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 11:48:39 GMT
X-Proxy-Origin: 185.232.23.178; 185.232.23.178; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ebdcf0cb-9b6c-4a4c-8ee6-9c5f4f3dbc65
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjAyNTIwMzU2OTgwMjA0Mzc1Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/ Frame E366 24 KB
9 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211027/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BQjIf4g4Tnw5OVOzDRqGTLMo3CSnmn1nV3-7u62bWtY9U8NQbkdbuZHt4Ok1rdVbHcrFc4Q_qykNlsFC-oB2WjL-OzGUj491aosJth6yzbmk5hzteFQzME4WBxl-I_tNM7oKC0BMV6zhBmuRGqUOJF-cSeQQ&cry=1&dbm_d=AKAmf-B8CL8DprxgklNTOk88WM-eKs80MrtVWdr7cX8rMJSWiuCmBCkQstWZ3J2ZO3Mmh_qHx40ARPwGPAIpxPu4Ln1rN3WVRxa7ThyYk5muTXRSmLoPW_1IsKjxxUnclCgGTRpEVSQtu-upisSZD3Biqm8Sy0SbAcNnvcokllhKLXt3iccWqFzDCXSheCap9cBXh7PFEgO7CYx1C0qpB19ij5_-M2Y5mbX-a5wY5sVQdHqb97R5oH6oxpPmKX6MW32gT3fDcF-2P1Vj0bIdfmry8IeUvJjHmw00BkD9V8zVmYzCHWBgs3LJGNSiISsDTV2gAW0r-34Yd_CEj47NSovJQ_2sXsLCnlW8gBWlS6cUNbfjGIEIxMcopk_U0vd--qJtzC8VBYSrPHKhj_iqC-gn_2b4juEudF-Y6wKJeJlXdO4pgDX-qQc-IyxJNB4HGofBrhaioSLLAeuD1ukd3GuluVEDAKcSO8v0Tb5i7_Alzk3gl-4z9k2JuOlxH9Cq_C2xLBPc-ROMADy8km75N9l-Ux0zgbR6gxNdiS_4fdr5KOO3PRtdbPVoifNkMBDjhMGX6bKnYtHTiL3I4A9S4Jp2miaWbeIyYvM9WsLhKNtMqeVjUdPLtlZC5q964DU-2fOoP4iVuXqNN7ihr_PzapFANl3g1ozdr436tLAOh1uMgieL9JTHcY5M0m8xXJGZC7tbPlOEyhmOnD63gUMYIG2SDerRy_4bWaCqdYQm9u23X7CJ_uvGhNeFuf8XI8Ahdm8io3CxTJRn9AztOSKNxzHr4D79_FLlsPFfIUbcTM2cK4w7BkuIj4FXxyBOJ4tsKS6BvWnx1KlmvzyZmd20-uxaiUHPG7NEYmOuJgkGuKHp21I9FL3D9RD5x0l3mBhSIBc9-bwSRkIk3AMKRfP6k6CpJVA9LZPw35U9NKhzompD6DwNOWHFBzeKOZJk0WZSRPccsODYtEwQKhEBXS2CT-4VUXddh2QXOC5-0BhyzT_Cy2mBf9tEKvpyMoQdYUKkp9tWtvwwQARSW98Q0L-pVvumQePVrFYIFoxFVBH5SUsx6gLaWdkWELXno6WTF3N5xgXHnFVuL_mvggdWh6VGMpgpNzLgeDdW7c20G0tQtJ3o_4UlLu5MT6PL2rZBmEcSgvZem8Y-OObBY7_N2F9qiC0C_tUapZg6ogZtdRruDqkgDlVSRRNvXOCgVe5ZJLsMqCUxHUjjxrwcEZGj-orZbsS94lAzGceSfx5XnrGOoMS9uNV6LFOcvxKXj3aqTzNVHjFTX3hXJP1FeR9xSZpXRaRiqrn1BjpV0LNCqaK-tt13rMk5d6BFQ5RgBd8NY8loUlOtpmYnm0zy_-aRPUYEm6cgYDlKSg8YldIKk4G1f72H1F0QTlA9c0AmbbVDLDHkQk2yjoUFdJBqrul7jMlOqmiDtvmeVGWsMk8rMJsCkqHanKHStWVxBnD2hK12ooSXGUgstb1InckdaI4vk2Rwv0CIktlCdrnrmoMpqz8Y9Q5dspYiNElvmmZqwYIMFklE_6uJWyI9DguwCdKvY52Mzx7OXAOXUdF1-3548O8_OfL-7yKZ3xqKaQublqsycjHN7Ddbe6i_NQIV0ykiSpGNcxMCkcuL5cm0ay2GceWlQL8w9zD2qyEXR6ecR_1BzjhdFR9dZFPNTYDuMXi17zfR5-HJhzYK0po94_bfAsac6XME2fBFqq9zRAkEgL8nNPzG1gXR7jvszLKXC848csXUy4AxYVmrPF3De_LGz-MGsTg8EEzozKat7eXnMnv3OVYEwKksVe82GJZer8_aSJiDKdc2byvIL9QBAvUNsybItOPyoI9Wl7_Wy3t5PgOs0zamzYg1nmvWh46Z10i1Y3LxpAQ1gwQe6iIl53tTp_KQz76v5ET8GhgDnx52FkeKBMWxGITRrH1-AxABClsC0A0sBlho6nfmGfADJ0Ld1b6r2_13E6fNxoWf292r-wkIWsHfIZ4MtSJvdlUakjvpTOBmlvOsfjg-YfF6CWyZLASEohPIt8dik28Q1YAeU-XnOKKgIsn4kkWZ5D59Unh0E6QBPJSXRkYxYVMJ_kfnOTdGrEtUOoqFumXUdJPIDw4itmXVSEg87UiI0A1eDPLuvZ6niOESnfD8hFcJEWGms-r2zb4-5veWQQ-84IHwzWVIf1QJkFEmSMaBh4dt6Iny3Bzr1J2ceObuanNhkIB4hhU4Qy4hH1cP4keohGaXv9qC4m0cxlwLgYQog_zewut7u3awj39D67X5UiYWbiFZBBunxBjURKx_aTWvdSccL_qMtao4gj9cRCi5u-7pUNbY-xgvwAWnyAQS1Pp1s8oPptxO9sktGM9gC72OxU1Zd0-NnIf89Sln77IC_dyZ93AsMmJ5Hv0cN2n3tpx5GwE6_y8ih8GT77qvckVhil91VMrzYii5U6FiPURO4rixo8BNY8iBUXYsvEirQh49XSmQkqBsRARHRwom2dMw9q2nkKboPWSKiUel4NqalGc3ryhCgmSdywfCHsIc1bpf9xcv9X7fil2JfLmaZiHKRbesLzSLA-1yIraqw0g_RLpmDjcZVFQZa__lNVdjvIBLTr8-kgNLGhdCEZaRNOqWGKY0gtAhW4RR8K57mYT4JVv1EkQKptrsc8lRr3xzCSOVKM7bxqRdcvvHE6qgrCzLwai7H1n8fdJ-I2YrMWA8iYNZnzigaKjhZiNFiqNd6x-NwC_XY5mVhxNlxUGuVZj1e__OZgqY5AsclJ-8yyBMfVS6c1IQ2Yt2h25LQ59Qb_dDwdBQmJLVMaFwWeHqkTOlsMxFxFxIyBp9VvzuJqRlGPGu1ZApuvi3Kf6HuBnQXjyL_paK6Uxzm76oPJMjfdCL-4nz5zq57m0fPJYByEt1OQ-bXy72v6zdhhKtjrOvW5_FNfDjJxt3prDw_4oPx1nwBZl1dCrXyye25LhdZgCMeRJC8PEy70iMXeHdxkbqHVIJbRTTklCr2lIr2APNEOfzrpyaWsloj5ev0RVN18js6OGlBApW5sn49W9GW41yCAThp0XEtWcVF0FJ5CCtnoU2esplhYNoynyXObllzkiPJmW855kOVLrRGoKrG6fK9JZK3NFdt7rnNO42ptilXkHXnJ-WSOfGY-mv5SWh15SiRrz8eAzB14RaoWA7jcjLUMmOnHVsFbUPUd9l2hMo50I3m0stacAz18pyVDGaddemaaWBFVMY6u2BPR1LXhQDoCoruc2Xe1Xfdmgztv-aA3zrZgZVhLw2idqprucCmwVIzVReznmkWcO-Uofe-ke8DnjSgGPSOQdje5DNWWx6-RtIJyKIePo5HWzga0pqmyaTfNNk8gmSUyEHzZh8-g1p5CodAmJSsMmc8HpWu8ZE28rX2dWuFaXy_vMhH-mLt4ETwR_OU5cBj37IjodaPaGycVoq4w&cid=CAASEuRoC8AqoU14n5sYmBi4Jyys8A&rfl=1%2Chttps%253A%252F%252Fwww.otempo.com.br%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df660fd3ad4168b7c32eadc3b588ee90334003a7ea1af3299536be4e6697fcd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9375
x-xss-protection: 0
server: cafe
etag: 6887285106501176819
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 Nov 2021 11:45:17 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E366 41 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 01 Nov 2022 11:10:41 GMT

GET
H/1.1 200
OK 4727t6qteyti Show response
hal9000.redintelligence.net/zone/ Frame E366 11 KB
4 KB 43ms
13ms Script
text/html 138.201.63.164
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4727t6qteyti?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxrjdFtR_YZOwIczigAfywrEwtc35g1f82Lmr5QzwLhABIKLioyZgleKQgqAHyAEJqQIugvQvkWWzPqgDAaoE-gFP0Cfi05NapYTAmXtN70vcwP4OJkxGkcidJ9X1N65TShxfqUZwErUFq8OtiynBcwJJZ8Jlke-NbmY2LgJmNfrXPKdbSRrVKwkeoPAG1Iw4pecDxyipfi5pxHHWbCZjWeqFkWVEcvWxNRbKPubJz7vnWCxr2_UZqKTnsJMoC4EFCrHWx9CkinK_NmJNCV_odkoKRth9YusoePtGgXsQzZmtd88vl8x4so8c0cSVjLFaIMo8PTkg0zqVf5o-hsXrXEUJkeDARqxgsnBIr_-pv31CXNSgsjgZqLtxR2JIUkwm7xh7YLGWaaZkUAImIhNZDC3Om3ZZ5jRLWS1hwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi01NTgxMzY0Nzc3NzIxMDU0gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoC8AqoU14n5sYmBi4Jyys8A%26sig%3DAOD64_3Pw5Lg_86RfcK9dtxQeGX9BQh1sg%26client%3Dca-pub-3104790387792468%26dbm_c%3DAKAmf-Du5rT_FhRLPjtrE35M1MgHd6OuCfQJDUv_vZdts89F45-GdzWbdHwGuxTfzyp4wlhyv5P3dEMvohNi6j26J1EdRByOoG-6wy93Z8pIhmxhxoRY80iarvuSl3Aw0AhDXPsR0plC0rMeA4wDhQfPEw1IV3VCyw%26cry%3D1%26dbm_d%3DAKAmf-Bt0Zih35waWk-MxCWJ2gI5bmBJeCitRmeaXQiV8l1WZWagXGclL9Km5vQAt-FoDCBi7xjnSkgYGhIo4Uh__ZKAjFBZ1smm52uBhwQY_tpLEIby-T9OL3vQ33xSsCnKEyPLPiJ94gQqEeug8ir5X_Y7T3n2nSPYILu8V65NMrqyjvc1IwuGLqWzShhAs068ZkKdWTN2pMmBxNktKj3GS4Dl-cyixDoiNxJbn5YUCC1qWTBkiN2RhhV2XNr4L4bZ-xIbmMphGweXMNky3uvklWUPNwzZojay5zw2uzObwC8OaXzhRyTqQVbNSsM7u7vY-K1g5M0th-iP-Of9LC03E41uTxP1159Toqz57Cw-8eMqYOZmLVMuUQVd9b78kEvZEMF0-IbbMbSnc1cUWucR2PbdrTT_MYWx9TnaEBbFLZRRj5xccNb4gbdbkZcG8VFO0Z_jB8op%26adurl%3D
Requested by: Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.164 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.164.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 88eb1e5c85808037aff5bab91a5b2d29e9990c2d2e5710f3fccf6d406c8fa275

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 11:48:39 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3952
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AC9D 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 01 Nov 2021 11:10:41 GMT
expires: Tue, 01 Nov 2022 11:10:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2278
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js Show response
pagead2.googlesyndication.com/bg/ Frame AC9D 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xS6JB0ywRAptsFOT5LlkHzkyWwWFpYCRTNQA3ELqIG4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 29 Oct 2021 18:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 234268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13354
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 29 Oct 2022 18:44:11 GMT

GET
H/1.1

200
OK

request.php Show response
hal90005.redintelligence.net/ Frame E366
Redirect Chain

https://hal90005.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=eb6acdec45&subid=&uid=942203ba603cd767&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90005.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=eb6acdec45&subid=&uid=942203ba603cd767&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

100ms
77ms

Script
application/x-javascript

138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=eb6acdec45&subid=&uid=942203ba603cd767&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxrjdFtR_YZOwIczigAfywrEwtc35g1f82Lmr5QzwLhABIKLioyZgleKQgqAHyAEJqQIugvQvkWWzPqgDAaoE-gFP0Cfi05NapYTAmXtN70vcwP4OJkxGkcidJ9X1N65TShxfqUZwErUFq8OtiynBcwJJZ8Jlke-NbmY2LgJmNfrXPKdbSRrVKwkeoPAG1Iw4pecDxyipfi5pxHHWbCZjWeqFkWVEcvWxNRbKPubJz7vnWCxr2_UZqKTnsJMoC4EFCrHWx9CkinK_NmJNCV_odkoKRth9YusoePtGgXsQzZmtd88vl8x4so8c0cSVjLFaIMo8PTkg0zqVf5o-hsXrXEUJkeDARqxgsnBIr_-pv31CXNSgsjgZqLtxR2JIUkwm7xh7YLGWaaZkUAImIhNZDC3Om3ZZ5jRLWS1hwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi01NTgxMzY0Nzc3NzIxMDU0gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoC8AqoU14n5sYmBi4Jyys8A%26sig%3DAOD64_3Pw5Lg_86RfcK9dtxQeGX9BQh1sg%26client%3Dca-pub-3104790387792468%26dbm_c%3DAKAmf-Du5rT_FhRLPjtrE35M1MgHd6OuCfQJDUv_vZdts89F45-GdzWbdHwGuxTfzyp4wlhyv5P3dEMvohNi6j26J1EdRByOoG-6wy93Z8pIhmxhxoRY80iarvuSl3Aw0AhDXPsR0plC0rMeA4wDhQfPEw1IV3VCyw%26cry%3D1%26dbm_d%3DAKAmf-Bt0Zih35waWk-MxCWJ2gI5bmBJeCitRmeaXQiV8l1WZWagXGclL9Km5vQAt-FoDCBi7xjnSkgYGhIo4Uh__ZKAjFBZ1smm52uBhwQY_tpLEIby-T9OL3vQ33xSsCnKEyPLPiJ94gQqEeug8ir5X_Y7T3n2nSPYILu8V65NMrqyjvc1IwuGLqWzShhAs068ZkKdWTN2pMmBxNktKj3GS4Dl-cyixDoiNxJbn5YUCC1qWTBkiN2RhhV2XNr4L4bZ-xIbmMphGweXMNky3uvklWUPNwzZojay5zw2uzObwC8OaXzhRyTqQVbNSsM7u7vY-K1g5M0th-iP-Of9LC03E41uTxP1159Toqz57Cw-8eMqYOZmLVMuUQVd9b78kEvZEMF0-IbbMbSnc1cUWucR2PbdrTT_MYWx9TnaEBbFLZRRj5xccNb4gbdbkZcG8VFO0Z_jB8op%26adurl%3D&documentReferer=https%3A%2F%2Fwww.otempo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.otempo.com.br&random=6362435446061&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: be9ebd28c7b7696b0137018add6be6be4747b0e80d9b131d89a8fb56ab98e1e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 11:48:39 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 24157800094007200710612011765005
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 891
Expires: Mon, 01 Nov 2021 11:48:39 +0100

Redirect headers

Pragma: no-cache
Date: Mon, 01 Nov 2021 11:48:39 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=eb6acdec45&subid=&uid=942203ba603cd767&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxrjdFtR_YZOwIczigAfywrEwtc35g1f82Lmr5QzwLhABIKLioyZgleKQgqAHyAEJqQIugvQvkWWzPqgDAaoE-gFP0Cfi05NapYTAmXtN70vcwP4OJkxGkcidJ9X1N65TShxfqUZwErUFq8OtiynBcwJJZ8Jlke-NbmY2LgJmNfrXPKdbSRrVKwkeoPAG1Iw4pecDxyipfi5pxHHWbCZjWeqFkWVEcvWxNRbKPubJz7vnWCxr2_UZqKTnsJMoC4EFCrHWx9CkinK_NmJNCV_odkoKRth9YusoePtGgXsQzZmtd88vl8x4so8c0cSVjLFaIMo8PTkg0zqVf5o-hsXrXEUJkeDARqxgsnBIr_-pv31CXNSgsjgZqLtxR2JIUkwm7xh7YLGWaaZkUAImIhNZDC3Om3ZZ5jRLWS1hwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi01NTgxMzY0Nzc3NzIxMDU0gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoC8AqoU14n5sYmBi4Jyys8A%26sig%3DAOD64_3Pw5Lg_86RfcK9dtxQeGX9BQh1sg%26client%3Dca-pub-3104790387792468%26dbm_c%3DAKAmf-Du5rT_FhRLPjtrE35M1MgHd6OuCfQJDUv_vZdts89F45-GdzWbdHwGuxTfzyp4wlhyv5P3dEMvohNi6j26J1EdRByOoG-6wy93Z8pIhmxhxoRY80iarvuSl3Aw0AhDXPsR0plC0rMeA4wDhQfPEw1IV3VCyw%26cry%3D1%26dbm_d%3DAKAmf-Bt0Zih35waWk-MxCWJ2gI5bmBJeCitRmeaXQiV8l1WZWagXGclL9Km5vQAt-FoDCBi7xjnSkgYGhIo4Uh__ZKAjFBZ1smm52uBhwQY_tpLEIby-T9OL3vQ33xSsCnKEyPLPiJ94gQqEeug8ir5X_Y7T3n2nSPYILu8V65NMrqyjvc1IwuGLqWzShhAs068ZkKdWTN2pMmBxNktKj3GS4Dl-cyixDoiNxJbn5YUCC1qWTBkiN2RhhV2XNr4L4bZ-xIbmMphGweXMNky3uvklWUPNwzZojay5zw2uzObwC8OaXzhRyTqQVbNSsM7u7vY-K1g5M0th-iP-Of9LC03E41uTxP1159Toqz57Cw-8eMqYOZmLVMuUQVd9b78kEvZEMF0-IbbMbSnc1cUWucR2PbdrTT_MYWx9TnaEBbFLZRRj5xccNb4gbdbkZcG8VFO0Z_jB8op%26adurl%3D&documentReferer=https%3A%2F%2Fwww.otempo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.otempo.com.br&random=6362435446061&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Mon, 01 Nov 2021 11:48:39 +0100

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC9D 0
58 B 43ms
43ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRFwhF9R_YaGxCZ-S7_UP7P-BsAMAAAAAOAHgBAI&bg=!z8ylzIjNAAZzbWp4c207ACkAdvg8WmcXcyL-Z9ocQEyzvzBrq3bI7Mq6EFkmcTjlyGFzEWtoqfQs0QIAAABpUgAAAAloAQcKADRWC8GX20I3PsQg23qSJ0VZzx1kCzWLJhzNC9BMsprDPeVBU4qOmA-64gl0-29ZuFdtNY1wmQMUTJHFmGiXZZZU1yP8xy0HMiGUO5FZsb9XuUzH0R0eIaTHCpn6V8oS6uE7m6l-9yHgJ_GV8aQ5qkjwAWxsyXRYbu_yJeYjBxjW8dKHjuIRIGJ5LkYTsATbnPOls9QBdX-iNyvZcQXuxt_5D5UiBiqHj7pKzntYQpXh1vnzyXcofLeizRhJQLyJTwO3BMDbi9_eXsoolItHEx8bf7MN9ZgPEII2JIKKpUfrCkTF0R8q8QXwSzTCbWfKvzHqrlutu8Jb7PyAdAZheJTNNjXBvdESNchNwqiRH9j0Eh-MidZA76NNnAFLCmO-YqajqCuKxrn3d5zaYv4mWiON8jYPqi8RN5xRsYVh7B75Tko0tnqqlhWTRPlRK2XUQSJYgmViMr4norxqGNyLkk3QVrpJ-AkFCk5zxvcycOS-R-b4C9MnEbyZLb7b1rLlrWoj-pUs8m-E53RQfVsGpJwvwwo2rMx75Fq30w2rwQd-sHxtfH0lC7PYX1ZMpu-GrFYBWrjy_WGABmad3uEtBdoFoHz8rIxrbf4UyZhizioi6vUHD0bKiycweUcLlVEOeQcuH74FlEsoszIXZyeqaloyA22sZ0p7Pu1FCIXAz5DuxzE6F3raS1JhiN3STvOwykdNRfGNgikW5mVfFjpTpqjYXk9csowgfiijGknLlNZi8xCYd7JUIC25DyqNfqpJ5mD32n-R_sHscNX9ihtgSqa1bKKVYpIDk0KKPNW6MZlDOJW8f3oUn0NhsyTbFImoRDgJAly10YS4jLGMLrr3fljXpDDyZMg8teO2g1mtyq62zfF8hecGJnRLXCz5A6NdhQlhLURTcViTsU2Qw_6Sik4-BFIzzYS6TnuW0QBBQB9YnIKtCJyqznROaHPUe946lHmIRP7uZDI-TKAlimWg4VKQkT8UhZY-dJmS0eRPELcV_dF5XeYhNTaCv39ff6ozJWbB8KZTPbwIldJ3Fv09oqQYhRw6VXNbeVy5R0ziQwE3t013k_ylWLvWhJyo2_g-jBx7-ANy_N6NOQlkH4cb81C2S5FJK3PFGyvwLgo

Requested by

Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CLGXkZCM9_MCFcWChQods8YPZQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3203374539364.1655 Show response
5994599.fls.doubleclick.net/ Frame 2467
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3203374539364.1655?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CLGXkZCM9_MCFcWChQods8YPZQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3203374539364.1655?

392 B
347 B

39ms
24ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CLGXkZCM9_MCFcWChQods8YPZQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3203374539364.1655?

Requested by

Host: www.otempo.com.br
URL: https://www.otempo.com.br/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

1fe707eb17053b5df59f8a4871a3f83165bf74bbbfa8f529a4a23c25b8c94055

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 01 Nov 2021 11:48:39 GMT
expires: Mon, 01 Nov 2021 11:48:39 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 324
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 01 Nov 2021 11:48:39 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLGXkZCM9_MCFcWChQods8YPZQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3203374539364.1655?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal90005.redintelligence.net/ Frame 5A22 4 KB
2 KB 83ms
12ms Document
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request_content.php?s=24157800094007200710612011765005&a=4711fe31
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=4727t6qteyti&nw=20&renderingType=javascript&namespace=eb6acdec45&subid=&uid=942203ba603cd767&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCxrjdFtR_YZOwIczigAfywrEwtc35g1f82Lmr5QzwLhABIKLioyZgleKQgqAHyAEJqQIugvQvkWWzPqgDAaoE-gFP0Cfi05NapYTAmXtN70vcwP4OJkxGkcidJ9X1N65TShxfqUZwErUFq8OtiynBcwJJZ8Jlke-NbmY2LgJmNfrXPKdbSRrVKwkeoPAG1Iw4pecDxyipfi5pxHHWbCZjWeqFkWVEcvWxNRbKPubJz7vnWCxr2_UZqKTnsJMoC4EFCrHWx9CkinK_NmJNCV_odkoKRth9YusoePtGgXsQzZmtd88vl8x4so8c0cSVjLFaIMo8PTkg0zqVf5o-hsXrXEUJkeDARqxgsnBIr_-pv31CXNSgsjgZqLtxR2JIUkwm7xh7YLGWaaZkUAImIhNZDC3Om3ZZ5jRLWS1hwASqnfy-zwHgBAOQBgGgBk2AB-vn6F6oB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi01NTgxMzY0Nzc3NzIxMDU0gAoDmAsByAsBgAwBsBPCmtoK0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASEuRoC8AqoU14n5sYmBi4Jyys8A%26sig%3DAOD64_3Pw5Lg_86RfcK9dtxQeGX9BQh1sg%26client%3Dca-pub-3104790387792468%26dbm_c%3DAKAmf-Du5rT_FhRLPjtrE35M1MgHd6OuCfQJDUv_vZdts89F45-GdzWbdHwGuxTfzyp4wlhyv5P3dEMvohNi6j26J1EdRByOoG-6wy93Z8pIhmxhxoRY80iarvuSl3Aw0AhDXPsR0plC0rMeA4wDhQfPEw1IV3VCyw%26cry%3D1%26dbm_d%3DAKAmf-Bt0Zih35waWk-MxCWJ2gI5bmBJeCitRmeaXQiV8l1WZWagXGclL9Km5vQAt-FoDCBi7xjnSkgYGhIo4Uh__ZKAjFBZ1smm52uBhwQY_tpLEIby-T9OL3vQ33xSsCnKEyPLPiJ94gQqEeug8ir5X_Y7T3n2nSPYILu8V65NMrqyjvc1IwuGLqWzShhAs068ZkKdWTN2pMmBxNktKj3GS4Dl-cyixDoiNxJbn5YUCC1qWTBkiN2RhhV2XNr4L4bZ-xIbmMphGweXMNky3uvklWUPNwzZojay5zw2uzObwC8OaXzhRyTqQVbNSsM7u7vY-K1g5M0th-iP-Of9LC03E41uTxP1159Toqz57Cw-8eMqYOZmLVMuUQVd9b78kEvZEMF0-IbbMbSnc1cUWucR2PbdrTT_MYWx9TnaEBbFLZRRj5xccNb4gbdbkZcG8VFO0Z_jB8op%26adurl%3D&documentReferer=https%3A%2F%2Fwww.otempo.com.br%2F&ancestorOrigins=https%3A%2F%2Fwww.otempo.com.br&random=6362435446061&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 9219259b9bc3c2d778d40d33ea51d93051d34aeeddd8e36a562eebc112f513aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/

Response headers

Date: Mon, 01 Nov 2021 11:48:39 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 01 Nov 2021 11:48:39 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1524
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3B69 1 KB
864 B 8ms
8ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 31 Oct 2021 18:26:41 GMT
expires: Mon, 01 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 62518
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E366 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75cfc7423f1596ecfb75bab8138a525477b9d7806c394b854cb183ab2f508c07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3B69 0
104 B 114ms
61ms Image
text/plain 2a02:fa8:8806:13::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECTz1iLPaLrEcqy-UoXebfI&google_cver=1&google_push=AYg5qPK1k59rfEkuhdCgRVqxGmM5uK8ibiUnUCEuVm1kGNWoTt_WctZFOkty2GBbFPFWqFlr8uWUS_b_mxMhEAp4qF17bLZX0A4
Requested by: Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:39 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 3B69
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKfceDRovC8YquAictDt_4g&google_cver=1&google_push=AYg5qPKV1cFGfpRJX_Ivx9UXFiyeBHU6xSC9aceb8dAVgN1ty-MjGawPAHrBwnvsAzBKt5IeyS_7opiBxSoyDCDTcBCMj18UwNc&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKfceDRovC8YquAictDt_4g&google_cver=1&google_push=AYg5qPKV1cFGfpRJX_Ivx9UXFiyeBHU6xSC9aceb8dAVgN1ty-MjGawPAHrBwnvsAzBKt5IeyS_7opiBxSoyDCDTcBCMj18UwNc...

43 B
411 B

178ms
169ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKfceDRovC8YquAictDt_4g&google_cver=1&google_push=AYg5qPKV1cFGfpRJX_Ivx9UXFiyeBHU6xSC9aceb8dAVgN1ty-MjGawPAHrBwnvsAzBKt5IeyS_7opiBxSoyDCDTcBCMj18UwNc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKV1cFGfpRJX_Ivx9UXFiyeBHU6xSC9aceb8dAVgN1ty-MjGawPAHrBwnvsAzBKt5IeyS_7opiBxSoyDCDTcBCMj18UwNc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:39 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a74e534789c4a55-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:39 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 453
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6a74e5334ec24a55-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKfceDRovC8YquAictDt_4g&google_cver=1&google_push=AYg5qPKV1cFGfpRJX_Ivx9UXFiyeBHU6xSC9aceb8dAVgN1ty-MjGawPAHrBwnvsAzBKt5IeyS_7opiBxSoyDCDTcBCMj18UwNc&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKV1cFGfpRJX_Ivx9UXFiyeBHU6xSC9aceb8dAVgN1ty-MjGawPAHrBwnvsAzBKt5IeyS_7opiBxSoyDCDTcBCMj18UwNc%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3B69 70 B
265 B 108ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELaAwbNxuOGFPq_Drh0NhJ4&google_cver=1&google_push=AYg5qPJOKrQwBrgxt-wtkNAdTVzRYV34sT-AiDA9Fs8YMMOlXOtfHwA5mUu4C5ibb6K7oeE1QkRtx8BMJhV-RM-qcZ-buG4AhKc
Requested by: Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B69
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDEnK4v53xd4nck6EsjqOes&google_cver=1&google_push=AYg5qPLwmruW_qgJJBxRFa3Mcb3iezWhs0ihjHSHSi83jsuM649k3iEF3_7x4SeysQhq2pV9z8pTg_jvZhgWOHyZ48ak...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDEnK4v53xd4nck6EsjqOes&google_cver=1&google_push=AYg5qPLwmruW_qgJJBxRFa3Mcb3iezWhs0ihjHSHSi83jsuM649k3iEF3_7x4SeysQhq2pV9z8pTg_jvZhgWOH...
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgoogle
https://x.bidswitch.net/sync?dsp_id=59&user_id=78c93b83-d9a1-4773-89e3-639f59424562&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLwmruW_qgJJBxRFa3Mcb3iezWhs0ihjHSHSi83jsuM649k3iEF3_7x4SeysQhq2pV9z8pTg_jvZhgWOHyZ48akSrPWyqM&google_hm=x-ar1VqNSteNaHsbrZUfyg==

170 B
188 B

18ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLwmruW_qgJJBxRFa3Mcb3iezWhs0ihjHSHSi83jsuM649k3iEF3_7x4SeysQhq2pV9z8pTg_jvZhgWOHyZ48akSrPWyqM&google_hm=x-ar1VqNSteNaHsbrZUfyg==

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPLwmruW_qgJJBxRFa3Mcb3iezWhs0ihjHSHSi83jsuM649k3iEF3_7x4SeysQhq2pV9z8pTg_jvZhgWOHyZ48akSrPWyqM&google_hm=x-ar1VqNSteNaHsbrZUfyg==
Date: Mon, 01 Nov 2021 11:48:39 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET

pixel
cm.g.doubleclick.net/ Frame 3B69
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEPVXDu6yPSgnfTi3AVTE6m8&google_cver=1&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B69
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEGyxyS-oXOfeP1fy1_t2jGc&google_cver=1&google_push=AYg5qPKmp6JYDJ4LVRtziu8sHHS4mdV1i7Eua4X5KF_9WJyhes0soBloEe515xJYgZ3DWRTrHoFwXv...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKmp6JYDJ4LVRtziu8sHHS4mdV1i7Eua4X5KF_9WJyhes0soBloEe515xJYgZ3DWRTrHoFwXvTabu0m4VSKdXBIE9-oTa0&google_hm=NTMyMzU4OTI...

170 B
188 B

17ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKmp6JYDJ4LVRtziu8sHHS4mdV1i7Eua4X5KF_9WJyhes0soBloEe515xJYgZ3DWRTrHoFwXvTabu0m4VSKdXBIE9-oTa0&google_hm=NTMyMzU4OTI2NDczNzAxMDgyNA%3D%3D

Requested by

Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPKmp6JYDJ4LVRtziu8sHHS4mdV1i7Eua4X5KF_9WJyhes0soBloEe515xJYgZ3DWRTrHoFwXvTabu0m4VSKdXBIE9-oTa0&google_hm=NTMyMzU4OTI2NDczNzAxMDgyNA%3D%3D
date: Mon, 01 Nov 2021 11:48:39 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B69
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKz5XxWbelupxMaXNUgm-6g&google_cver=1&google_push=AYg5qPIsusZJxSZQ-H1AmJwHcn4BMmYnk2_2YmetUNgyWZTYHFDwGfAHJN7WLUoBa4KfgqyiUg...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKz5XxWbelupxMaXNUgm-6g&google_cver=1&google_push=AYg5qPIsusZJxSZQ-H1AmJwHcn4BMmYnk2_2YmetUNgyWZTYHFDwGfAHJN7WLUoBa4KfgqyiUg...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iNUZhNFNsRTJ1R3h1ckVDcTNsUmR0Mjhlb1V6LkRLTn5B&google_push=AYg5qPIsusZJxSZQ-H1AmJwHcn4BMmYnk2_2YmetUNgyWZTYHFDwGfAHJ...

170 B
188 B

17ms
17ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iNUZhNFNsRTJ1R3h1ckVDcTNsUmR0Mjhlb1V6LkRLTn5B&google_push=AYg5qPIsusZJxSZQ-H1AmJwHcn4BMmYnk2_2YmetUNgyWZTYHFDwGfAHJN7WLUoBa4KfgqyiUgYIQacT0TbXQA8wPW9jM3XwKy4l

Requested by

Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 01 Nov 2021 11:48:39 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iNUZhNFNsRTJ1R3h1ckVDcTNsUmR0Mjhlb1V6LkRLTn5B&google_push=AYg5qPIsusZJxSZQ-H1AmJwHcn4BMmYnk2_2YmetUNgyWZTYHFDwGfAHJN7WLUoBa4KfgqyiUgYIQacT0TbXQA8wPW9jM3XwKy4l
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3B69 0
12 B 17ms
16ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lys2N6SVoJUhR7ULDqSMAENqt-43yd5_Ey1EyRfbGUJbgbBec14UpOKsJoxL3hFqtxtrA6IA

Requested by

Host: dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
URL: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK 728x90_OMAC_2016_Launch%20(4).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 5A22 44 KB
44 KB 59ms
16ms Image
image/jpeg 88.99.70.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/728x90_OMAC_2016_Launch%20(4).jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=24157800094007200710612011765005&a=4711fe31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.70.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.21.70.99.88.clients.your-server.de
Software: nginx /
Resource Hash: e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 11:48:39 GMT
Last-Modified: Mon, 20 Jun 2016 09:28:47 GMT
Server: nginx
ETag: "5767b74f-af88"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 44936

GET
H/1.1 200
OK viewability Show response
hal90005.redintelligence.net/ Frame 5A22 0
150 B 34ms
12ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/viewability?s=24157800094007200710612011765005&a=f96f4399&vb=m
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=24157800094007200710612011765005&a=4711fe31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/request_content.php?s=24157800094007200710612011765005&a=4711fe31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 11:48:39 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 5A22 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 dc_pre=CLGXkZCM9_MCFcWChQods8YPZQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3203374539364.1655
adservice.google.com/ddm/fls/z/ Frame 2467 42 B
262 B 50ms
49ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLGXkZCM9_MCFcWChQods8YPZQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3203374539364.1655

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CLGXkZCM9_MCFcWChQods8YPZQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3203374539364.1655?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E366 42 B
497 B 87ms
51ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPxSBHmfhxErk6_AmRxvPNVAbeV756BU_hteJY41X2BZEXn0w3D6UZTDt46ZPXSBxSdLmNW3noW90VkBh-NMzX4xse0M6w2QIK_99Q&sai=AMfl-YQ6kMkr05X2LsTfwGcUM816xclZhVGZQxhpqnOwE47Olk1GOIx0vlNkhUU2aXLbjca1tqpCtC98830RwaO_A7s2vxsr55lXsjIlyR_7il3iMCQmuJXagogajuQ&sig=Cg0ArKJSzNz_uozwXdgLEAE&cid=CAASEuRoC8AqoU14n5sYmBi4Jyys8A&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211025&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1939272730&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1635767318696&rpt=735&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 11:48:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD1+Njc1NzE5JnNzaWQ9fjEmYWN0PWdfZXZfc2xvYWR+Z19ldl9zbG9hZF9sbHZfMSZ1cmw9fnd3dy5vdGVtcG8uY29tLmJyJnZjbnQ9MiZfZj1fX2x4R19fLnRtcC5sb2dzdF81ZmEwaWlybGxzM2Z2dGRp/ 38 B
206 B 16ms
16ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD1+Njc1NzE5JnNzaWQ9fjEmYWN0PWdfZXZfc2xvYWR+Z19ldl9zbG9hZF9sbHZfMSZ1cmw9fnd3dy5vdGVtcG8uY29tLmJyJnZjbnQ9MiZfZj1fX2x4R19fLnRtcC5sb2dzdF81ZmEwaWlybGxzM2Z2dGRp/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/210916/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 6f5547918556262d04a113f3f67fc27c2e5316999b5f77f78d1298121ff5e4c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 01 Nov 2021 11:48:40 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 /
clickiocdn.com/utr/scmps/ 42 B
158 B 16ms
15ms Image
image/gif 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clickiocdn.com/utr/scmps/?rt=732044564&cmp=-1&api=-1&sid=210916&req=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 01 Nov 2021 11:48:40 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

GET
H/1.1 200
OK viewability Show response
hal90005.redintelligence.net/ Frame 5A22 0
150 B 37ms
12ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/viewability?s=24157800094007200710612011765005&a=f96f4399&vb=v
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=24157800094007200710612011765005&a=4711fe31
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/request_content.php?s=24157800094007200710612011765005&a=4711fe31
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Mon, 01 Nov 2021 11:48:40 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD1+Njc1NzE5JnNzaWQ9fjEmYWN0PWdfZXZfaW1wdn5nX2V2X2ltcHZfbGx2XzF+c2xvdF9pbXBfdndibH5zbG90X2ltcF92d2JsX2xsdl8xJnVybD1+d3d3Lm90ZW1wby5jb20uYnImdmNudD00Jl9mPV9fbHhHX18ud... 38 B
206 B 17ms
16ms Script
application/javascript 95.211.66.34
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD1+Njc1NzE5JnNzaWQ9fjEmYWN0PWdfZXZfaW1wdn5nX2V2X2ltcHZfbGx2XzF+c2xvdF9pbXBfdndibH5zbG90X2ltcF92d2JsX2xsdl8xJnVybD1+d3d3Lm90ZW1wby5jb20uYnImdmNudD00Jl9mPV9fbHhHX18udG1wLmxvZ3N0X3FwYjlnMGVoYjQzZ3VxNm0/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/210916/360.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.34 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 205563172c929cc1b2f8193ca5b236d12193cc29d085924dd4e277448af483bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 01 Nov 2021 11:48:42 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 collect
eye.rd.services/ 35 B
92 B 116ms
115ms Image
image/gif 35.244.138.111
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eye.rd.services/collect?e=se&se_ca=form&se_ac=viewer&se_la=assine-nossa-newsletter-a91bfb95c4dc6e8064ac&se_pr=token&se_va=UA-9513496-1&eid=1e0af6c9-2b2c-494a-8278-894bcae1ee7a&tv=js-1.0.3&tna=cf&aid=9fa296e82a976359fe8ea69a490d6738&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&dtm=1635767322017&vp=1600x1200&ds=1600x1200&vid=1&sid=7180319a-d86b-5fed-908d-916ba5d5adef&duid=064049fe-6133-55f1-9810-318b49f281f4&url=https%3A%2F%2Fwww.otempo.com.br%2F&stm=1635767322019&apikey=9fa296e82a976359fe8ea69a490d6738
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.138.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.138.244.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 11:48:42 GMT
via: 1.1 google
alt-svc: clear
content-length: 35
content-type: image/gif

GET
H2 200 collect
www.google-analytics.com/ 35 B
130 B 14ms
13ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1027726375&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.otempo.com.br%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=RD%20Forms&ea=Viewed&el=assine-nossa-newsletter-a91bfb95c4dc6e8064ac&_u=aDjAAEADQAAAAC~&jid=&gjid=&cid=768733007.1635767316&tid=UA-9513496-1&_gid=2115691587.1635767317&gtm=2wgar05BKLMTQ&z=2106322583

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.otempo.com.br/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 01 Nov 2021 05:30:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 22664
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: checkpoint3.gocache.com.br
URL: https://checkpoint3.gocache.com.br/

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk

Verdicts & Comments Add Verdict or Comment

212 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.otempo.com.br/	1970-01-20 07:09:49	Name: _vwo_uuid_v2 Value: DA83DC999B468C32B13E8F870D37F03A4\|70e98b7635398ea595f81740a04d4472
www.otempo.com.br/	1970-01-20 07:51:35	Name: _cb_ls Value: 1
.otempo.com.br/	1970-01-20 00:46:47	Name: _vis_opt_s Value: 1%7C
.otempo.com.br/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.otempo.com.br/	1970-01-23 13:58:47	Name: _vwo_uuid Value: DA83DC999B468C32B13E8F870D37F03A4
.otempo.com.br/	1970-01-19 22:22:49	Name: _vwo_sn Value: 0%3A1
.facebook.com/	1970-01-20 00:32:23	Name: fr Value: 0G8S4RH3QqrBDJ1po..Bhf9QU...1.0.Bhf9QU.
.otempo.com.br/	1970-01-20 15:53:59	Name: _ga Value: GA1.3.768733007.1635767316
.otempo.com.br/	1970-01-19 22:24:13	Name: _gid Value: GA1.3.2115691587.1635767317
www.otempo.com.br/	1970-01-19 22:22:49	Name: _gada_ses.6032 Value: *
www.otempo.com.br/	1970-01-20 15:53:59	Name: _gada_id.6032 Value: 715e0e51-ac1a-4bf4-bacd-492fcee029ff.1635767317.1.1635767317.1635767317.62ac078e-a007-4d72-984b-bcbfab541140
www.otempo.com.br/	1970-01-19 22:24:13	Name: privAu Value: 0
.otempo.com.br/	1970-01-19 23:49:11	Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241635767315%3A18.26731713%3A%3A%3A13_0%2C3_0%2C2_0%3A0
.navdmp.com/	1970-01-20 15:39:35	Name: nid Value: f9ec96b1a76e5c74bc7bb94e009\|1\|331
.otempo.com.br/	1970-01-19 22:22:47	Name: _gat_UA-9513496-1 Value: 1
www.otempo.com.br/	1970-01-20 07:51:35	Name: _cb Value: ucsIdCroe9AiRXM5
www.otempo.com.br/	1970-01-20 07:51:35	Name: _chartbeat2 Value: .1635767316900.1635767316900.1.7aLYK5_y26Bv0gSUBN34RLD-30n.1
www.otempo.com.br/	1970-01-19 22:22:49	Name: _cb_svref Value: null
.otempo.com.br/	1970-01-20 07:08:23	Name: nav67531 Value: f9ec96b1a02c1537a0d8033d809_306
.mathtag.com/	1970-01-20 07:48:42	Name: uuid Value: 1493617f-d415-4d00-8140-703ae45a65f6
.otempo.com.br/	1970-01-20 07:08:23	Name: __trf.src Value: encoded_eyJmaXJzdF9zZXNzaW9uIjp7InZhbHVlIjoiKG5vbmUpIiwiZXh0cmFfcGFyYW1zIjp7fX0sImN1cnJlbnRfc2Vzc2lvbiI6eyJ2YWx1ZSI6Iihub25lKSIsImV4dHJhX3BhcmFtcyI6e319LCJjcmVhdGVkX2F0IjoxNjM1NzY3MzE3MDgwfQ==
.otempo.com.br/	1970-01-19 22:22:49	Name: _rd_wa_ses.ce18 Value: *
.otempo.com.br/	1970-01-19 22:22:49	Name: _rd_wa_first_session.ce18 Value:
.doubleclick.net/	1970-01-20 07:44:23	Name: IDE Value: AHWqTUkb1vrU6jE9zQdGq8pJvgdINpgmnfirzydMRf0d5NhjQwTdqdEQoc_1rt1STxM
.otempo.com.br/	1970-01-20 07:44:23	Name: __gads Value: ID=48372d135cec130d:T=1635767316:S=ALNI_MaSH9Qnx_f3RIeQeH_GTxIaYysGxA
.adnxs.com/	1970-01-20 00:32:23	Name: uuid2 Value: 2025203569802043752
.casalemedia.com/	1970-01-20 00:32:23	Name: CMPS Value: 5205
.adnxs.com/	1970-01-20 00:32:23	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVUdWBAy!]tbPl1M>e)ZlrFUfJ+tGXxo3G97u$Ah)YZWqa4cZ-Xx694?AaaVmTx4Cw3bpRzqF1`b`37*2An3
.casalemedia.com/	1970-01-19 22:24:13	Name: CMST Value: YX-UF2F-1BcA
.casalemedia.com/	1970-01-20 07:08:23	Name: CMID Value: YX-UFy9PyRj2plzIwyPNxQAA
.casalemedia.com/	1970-01-20 00:32:23	Name: CMPRO Value: 1198
.casalemedia.com/	1970-01-20 07:08:23	Name: CMRUM3 Value: 2d617fd4172760CAESEC3sHC4mI20FN6cRpa3SqBc
.redintelligence.net/	1970-01-20 00:32:23	Name: 8lcfmzhxc8d6_uid Value: 0f6e6b91bf688023
.bidswitch.net/	1970-01-20 07:08:23	Name: tuuid Value: c7e6abd5-5a8d-4ad7-8d68-7b1bad951fca
.bidswitch.net/	1970-01-20 07:08:23	Name: c Value: 1635767319
.bidswitch.net/	1970-01-20 07:08:23	Name: tuuid_lu Value: 1635767319
.yahoo.com/	1970-01-20 07:08:44	Name: A3 Value: d=AQABBBfUf2ECEBfLM34-SAIzIp3Dj7fIlysFEgEBAQElgWGJYQAAAAAA_eMAAA&S=AQAAAlkHqTODy8h2mt5xLdL2u8o
.analytics.yahoo.com/	1970-01-20 07:09:49	Name: IDSYNC Value: 18yx~21ab
.smartadserver.com/	1970-01-20 07:53:01	Name: pid Value: 5323589264737010824
ads.avct.cloud/	1970-01-20 07:08:23	Name: uuid Value: 78c93b83-d9a1-4773-89e3-639f59424562
.tribalfusion.com/	1970-01-20 00:32:23	Name: ANON_ID Value: axnseFsKBRgFmDqU7puxU5hZaJt52BE8yAUSbMHmUsETgvU2mYOLTwHka3PImtt4dlnkgrW3jRb3jYvb7lDhs
.otempo.com.br/	1970-01-20 15:53:59	Name: _rd_wa_id.ce18 Value: 064049fe-6133-55f1-9810-318b49f281f4.1635767317.1.1635767322.1635767317.7180319a-d86b-5fed-908d-916ba5d5adef

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102501.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIusEzh3LqRJVv5MCRf1QqJxppMNx6yRZoa1PgiL-yCZ6gHy2x-_gId33lr7Gcns1GC5nOxqETYJ1uK9Spx2pdfAV48JRk Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
javascript	warning	URL: https://www.otempo.com.br/ Message: The resource https://www.otempo.com.br/js/swg/gaa/MeteringFlow.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://www.otempo.com.br/ Message: The resource https://www.otempo.com.br/js/swg/gaa/MeteringOTempo.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
a.tribalfusion.com
ads.avct.cloud
adservice.google.com
adservice.google.de
cdn.contentspread.net
cdn.navdmp.com
cdn.onesignal.com
cdnjs.cloudflare.com
checkpoint0.gocache.com.br
checkpoint1.gocache.com.br
checkpoint2.gocache.com.br
checkpoint3.gocache.com.br
clickiocdn.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d335luupugsy2.cloudfront.net
dclk-match.dotomi.com
dev.visualwebsiteoptimizer.com
dfe9ac3462452c034f6e6d356aa1a33b.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
eye.rd.services
fonts.googleapis.com
fonts.gstatic.com
forms.rdstation.com.br
gadasource.storage.googleapis.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90005.redintelligence.net
i.ytimg.com
ib.adnxs.com
ivccf.ivcbrasil.org.br
match.adsrvr.org
onesignal.com
otempo.com.br
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.mathtag.com
pj.l.a8723.com
popups.rdstation.com.br
rum.gocache.com.br
rum.goedge.me
s.clickiocdn.com
s.tribalfusion.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.chartbeat.com
stats.g.doubleclick.net
sync.navdmp.com
sync2.navdmp.com
tag.navdmp.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
usr.navdmp.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.otempo.com.br
x.bidswitch.net
checkpoint3.gocache.com.br
cm.g.doubleclick.net
138.201.63.164
138.201.63.165
142.250.181.226
142.250.186.102
142.250.186.162
143.204.101.189
143.204.98.123
170.82.173.10
170.82.173.25
170.82.174.10
18.192.203.176
185.33.220.242
185.86.138.131
2.18.233.201
2.18.234.21
212.82.100.182
2600:9000:2156:9e00:18:1fcd:34f:cdc1
2606:4700::6810:125e
2606:4700::6810:cf3
2606:4700::6812:c05
2606:4700::6812:e234
2620:108:700f::36d6:637
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2010
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2016
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9d
2a02:fa8:8806:13::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.126.56.137
34.107.182.233
34.68.90.188
34.96.102.137
35.174.241.169
35.244.138.111
35.71.131.137
52.17.151.21
52.21.62.223
88.99.70.21
95.211.66.34
0027e6f73c4e3aff42fe41d15ee4c631f28823b829c66e8f251ce2e782c4fa47
00f743bcabfa2778a233f780806b22ef33a4ca4b3852acf38e62a7b803d8d3d0
027ec24ad8c31ce3d970ce5860a15c734cdb1aa13c9857f5b94da5298645943b
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
03d18cb7ad1dd10fb7b9eb7edfab1c02377ee1859d7037dcb261274e00722fe1
044c7e3f592ff19980dc1bc23be2ec547a55a848b662e01266d9f2437c897d70
04d07be731cae0706f3461ffaf7da5541f6d1b98345d2c22315b5e073e5a5a2a
089933c6869fba14c26ccf1e7384a62624fd618e9a5a39885932d95b19f19c8a
0a394e36853a711be6b0576d0d95ad2f4b35886e3b0a5ed74cb1f3f24aca8963
0addc3e0bfcecd7e25d798185260e425c0d366a740fd38e763ea3bf9931aa41a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
0e6d97518db5d932459f07ed4047795a6a41b5116a17c7d22360a7517da4d821
10184189200940068f193bd91bc2f2f500d740bc0d1805f7936345f61d65ffe8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10ee842f5c14e29f156af2f2802348ce839e25377da5d5403d3f954ab69575fd
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12ad5147461ce939bd6e8fc48b1a209207d83bb32a76b58904b57a789139a7ed
141640cc151ef08ed70f898516324710ab306f816930ec42cf6eb198d90054fc
1563987b6b63af0ca93435f1b2e13767c6b0b005b28d02c9bb155f3ddbbd5c1c
1b1b3e52d1e2a6447cb44e926b678e462e533250d2005125584da884dd1ef377
1b2dc21fc91fd94ef65e817fe9588ae557a3faf284fe08752b7688bfac1f617d
1bfb7e8b9103050fd11a449c7cfebb443168249673ddd0e051379240c76ce0c1
1ebee7ef384c9b943d3fb54e8d47a13ce9e12acd525f2105a327bd57c012f5ac
1f3cd9162638b743c8bf4d939bcfd1dc256f2e97231e13b5cff600502a78a10e
1fbe66d2920b8112855b2514fec350c637ea6928f7fe76dfd98b5ae0fe0ff111
1fe707eb17053b5df59f8a4871a3f83165bf74bbbfa8f529a4a23c25b8c94055
205563172c929cc1b2f8193ca5b236d12193cc29d085924dd4e277448af483bb
20f7396f30644443e05d6576286375416ac59d3c7007ac438ec04ecf0c17b2d1
21a306a350dff0a6c34fec40b48eae20207f4732277267df015c85f6923857a4
21b6dcdd7a548bcd043a3c56b8cd9ffcf88c3056f575f815b9a04fae1de73c2f
227b12c7ca9aec901c5dafa7d81cd8392f1187dae6bcb525ee86f7e6f104ab66
2298442b1dd926cc46247711cef5cdeaa58534ac9dd9368063589431b5844a72
24a407834557751c1cc8faa7f3b78445c087c774ca6bdc5484026062d38a29ef
24d5585f2965f7d5080769a4286d580a98d722b18964b999ef6b87ba13c11f2b
256be35713d2a968c8ffc124a1f64267e583a838530e2cc80a5ef16361aa4719
259677ea1ae70e942f2610f85bd8bf4fb677608cef0e55a89ad40884b674e645
2742a5761f69ea22f44c1c831d186ea60be98db7918ed864861d601a9256bd5b
277bd573ee7861c227aeb93b3600995791a78daba68d2e9407b07c75f72583e0
2b9e1d1e3d108d636fae7948ae8a7a977d5e44ee5e8f1ae83bdf149818672d02
2be0e6f225d59e663788aad4a17d4befabdf04295e89fa052c0ff774ff5aa34e
2e0eec7b4ef2c1ee56136cc88c5776a32fea7b88fd6d477f3e1588db23782639
2f9bdce130db28a85539ed0526eff3e9aa467d984a3a3fe03dca957642c44859
31b49ef3eeed0c1eba9cab5217b4fc65da90afd251875296ff34f3070876d5b0
329ad70715f78946699e0295a75baaf227b5666c2bb01421844b3113a9008be1
374855540c21fd02af861df04a731813beee3622dda2e4007945166254258a0b
39a6656ffc66bddce607162bc40ea34514c047560c5b6021cfc605a02b1376e6
3aac2de405a61ad8d55540494885fc47dfc1840a0b0b995fa0ebce371e3ddbc7
3b71e63934fb92269d39bb6c94dd0aba24eeac21ec07debc23f96773060b026e
3bf2591e5b025191e3bc01dc734cdd954ba2e6bebb228f7c327705f8f09acecd
3d8fb8f42d6977b0742e48ffced1f2a6f7d631dc8e6b83458530d2e4436ed2e6
3da147ae238cf8f7d1468848633a36371519ed28b3c5e2bdf22badbfb17a22ea
40aec88ea3c463e06e6c1d3eaab132f0ec2eb95d44d005fc9f8f661c78c1b6b3
41056423ebf8bf7089e82c27f187c5c4144dd60b09ea754abef5dbfaa6e1c7fc
412c173f93136f00006d6941a755fc6b84e29ea6a772cd274a668deef3e77dd1
4364e30a2fa51dab067fde1a2c039570baa917a1aaf98e166b06d1ed955801b2
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
4986430f00f2e7e1901f04db4d905a146b0f1b15954258ff77cef33e265825bd
4accfd41d9a87116240e3a963c71473cc13c77eabdf87f66c7b74df9af90e3c3
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
4fc80bfa632f654315d4904f5f4fec7db5dbd7796cfc718b7d193576ab84dd97
50117e23f7a0e63cef0b0c4a80d76fba98a1faf01cec5447a2fa892d189c3977
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5329f1039fea895c782fe96715c26315f5bba9b6875367ba63bda0087d387a7e
533193bfc18988c251f33271e0709165355ea7e991a78953916f5ebeb0b49409
5430df5b7229ec25f4a7e37ac51119e68a4b4263bcc3dbaef8985fe6962e6cc4
572d89122bdf10f5781a7aa25f96c0e59f270ec3f280c29d26ea2faadfe54125
5a8ff92afed926eebd2a267cf43413d5f55399c5596fc497ed3c30eaafec0a12
5b2dcaadc4236461579ff1036430dd6f60eccef708d0c5c818669258328411d7
5ca675057ffeda71c6452c7d0f6bf33b5a878caf967ba154e4518f8eb0a00b54
5d5ebef52eaec62d7fbee8904cad7985dd9816a041fccdf14ed2e44a67ab2be1
5dc00f89574d14108e9396b507374e7c09be2943e147eeaff6738f19b46cb55d
60b5c8ddeec3e7cabd6323fb9c0a6f5e5d6e11f992afae9948f662e4897a2f6d
627f63086bdf16bb84922d3db03bc854e992220c8aba24d0a6ecfd23f8b56fe5
62894e21310ad30458d50c4ec5a38889092498119bd337fbaabed88772a0b14f
63dd9340bf7f1ac6a576e8a0d2467f9270158ff446de0158df6a3a57cb08f4df
66605354c976d59e4cfa85ab40395101882a1efacd6545720d21466843b5dc84
68e81fe80a48b21c742f0f4abab3593f32565bff3ef2fbff5d43979cad79e526
696bc746b95e1721f0b5e2e0a3664349f92171d528c818df3dde76093588e92b
6a7056bf64335b91be5785e0039d0c891bec3fbcd4bf82b33e26f040ba4cc632
6ad5c4b5ece27355df0d6827cb2ed58416baada668a58b0ce5478def83a4bb48
6c097b6a34efe31e272e1fbd3e7cfef3fc02b8938ed887bfa2e40c70492ffd5b
6df48c573ef0e78619dc364c61f8e39a60e69f1d7e4f49000d6f6f40270c0c3e
6f5547918556262d04a113f3f67fc27c2e5316999b5f77f78d1298121ff5e4c0
70c4628f16336e32e13db59b74f4b7890de61f8b9b725391a066ad3e25be3b3c
7155d8dd40ece849d72213770b3a5b84467de8c6cab5c3bda3266808502cb69b
72c92c94f2b9e99353c6d70c304dcaee25403167c1153eea99e97852df554cfc
756ad69947a080838869491fa44aad777bc49bde56b140a56be3b13ca9c47e20
75cfc7423f1596ecfb75bab8138a525477b9d7806c394b854cb183ab2f508c07
76501ecd63b29f261443a138d974ce3c1abab0b10025ddd19757e64f79da83cf
7947cdfb10a5feee47f0d3be5b065da31b6db983e36c6b42da1e22dd6cdcfc84
7c7fbe70afb1f1facbf73b3d120bc0f6e6f0dae1c5b629160fefd56d546dbdb5
8166d358b06a61d9bcb069faf7fb16fdc6b6a70e8dbdaea3092116998e2a57ef
824713cf06bbb69f013b006bd96249f94b72011c3726c75ba90b89419d115a63
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8793918bdc8874e7aa4aa0c875da752f3970eaf290cafd0810fc17423a96245d
888e5142372c313294e9189d73466e0addce765ab7acf82ea9512d8aab384c43
88eb1e5c85808037aff5bab91a5b2d29e9990c2d2e5710f3fccf6d406c8fa275
89aaeda4ec9bf0939e53d0d355c025717a9db80b87966b3a4707b7d9551877a8
8b7752a6d87d795aaca263858f41a6857e01d3e46d2a96d759d337e53676bc39
8c7b69197baee12be7d8f9b455adac5771f9239bd92cbe312208166b9edb4017
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dbddd8b30a257049818cf8b378ab865a672509a389f6cf8e00763a05477eb73
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
8f43a70eed0b2fb553ea89ceebb728a89781ee144ec6f877a3c9b3358706e03f
8f68a30fc2b89802a145ca90bb186ff86d745e32c156ff6abc147e4c0d6179c3
90aa38eef2216f9e249c437565e2fbe92481227f6044f09ad7518c0a462afeb0
9219259b9bc3c2d778d40d33ea51d93051d34aeeddd8e36a562eebc112f513aa
926dfb0f9a8bf7a539979d79748ca5de92e0b8ac54b1bd87af2cc0ae7bda57f9
939b4f5c505097e74e93c3a6a82b69b516bb6d160d449bafb37edb72ab260c1d
93d41263535236b49bc4122b5e9bcb5c44f0fd8c89c7e75b843384aa19f64d11
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
97ebd3e0873352a3f71eab338178898c6f782b18806e0312432708d48e46f206
9a386695457a1d725f9381a0090731518de37c306c1df093eab9aa4386545315
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9adb8966741a2cf65d6d8a80c2c1a7f0b6c7de00813cc626168aeffe9bc400f4
9b65df980275cd1840177bcf7466e5e7e6acffa815118e993f9a6f5a76318ab9
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
9c468b286aad602c6bef9c2f070300ec190a95297e217ab21814b64699500a8a
9c95cbcd39c056d8506cc012f727ce3417b1bcd4d4fd809bb600e8637c29ca53
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0683e3180373bcd9dac663c0a7de174c64bb8d4d239803d8cad5acd8ca906cb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56b9b5d08e9b814ff67582bc06866c2e615855839f5bd128ced7dbd8df29b4a
a68634b58dc205424e8787adc54156f5071258d9927f6b76d7d89e8ae4e1ec09
a6de304c233a1b4d07424cb88ba16dc46fb015b3f659cdb2b2357e96af161082
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7882fd2f77e43c7624fc404202f7eb213c54835006e43adf58a0d20bb587011
ac6a6758edb1eb1f09f3888fdf5e086dc65b18e59e6c93e60fee0952f586d94f
ae36fdaa8954bc0d2b972880ba7d5138e8291cb555a4f2334fb0bd03dc6a7a17
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b09793b2463d1b2e988ac2736ce7bc7e6674325ea3ccd1545e36dec5fb8ebe86
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2625da2aaa81043b1c928dc8af867ac296f015d7e6b9bec5ebed8a64894df57
b2f0dd7edecd5a5b6e64e574383422d4b15f99414e2f7e55f949f747e6bee530
b47a0848f8ced1799f225741823cf3c289522d18a4851b7dcf487e734113c7f9
b6372ab5ba8853d6052efbc8fb57c777f387dfb83820bcf4b1bb1e55f54826bb
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b715761e92524c9442ef612af378e2fdf19167f92492568f4961260e9f377a0a
b7713945f0eb31de3278249e78eeb7126c636a5f008df5dc0b5d7457df69266b
b7b3eeaceb7dc6ea687296d24449049c5994acd922e0f2780ebac563eee4e759
bca6b188eb1480e05b95076256eb0ebd7998a3b95e566053526e286bf89c1c38
be9ebd28c7b7696b0137018add6be6be4747b0e80d9b131d89a8fb56ab98e1e5
bf5434daeda27dc8f643388d7264c12ea5bc7a977dd62a38e203119937adbf60
bf97e16e7826f85f631d7e7324d5c3accc52f038bbbf82b6d2975bea2e961729
bfecf4db01c34ad182e3f190a3f0d3de98234e3225641ed1d014f04921d77b78
c095d75f2788a553f3eba8c8f232906d0fffda9bb12f3995945bed6e9681f263
c1fd7f704820f02a820c5c00e294273909bb84348095f7e754da2033b2296e57
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c4561e339051a53a4aa2e9d1b151c3aedc9361c18179e7800efbfa892b6b2820
c52e89074cb0440a6db05393e4b9641f39325b0585a580914cd400dc42ea206e
c780d2d44a98ec8b4999956aba58e4e51ce5cfc28c63787dccb144af156b3895
c7de4aecf97ae8e56c810f5401958d55ec8cab4583783c253ef91d4f4bc3150a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbed74f9419f746c7328ae9f9c52a1e6428e73bfea7fa6e136d08250db104db7
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
cd02f343591baac76956e13a79421b4748836fa80a7b61138cbb93d510a36f71
ce8e13842c78096bd744fe781a7bfeec32dbecf983a8cd0d5a4cb9c4bea0b5b7
ceb8bbb093ffffb533de82b22bc067dd00f597b0e2107cfc9e309c8062cd3a67
cedb226bd7759d04b58baa1a609e1aeecc1aa5c6c3280c4db153019f426f3de0
cf45acf0ab9c30a993f82fe4015812c5594298563bfc8802387ce27fbd5db923
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7c89923ec474c62040ec12538f0e8d7da4f59aabc37cbe77aaacb18132fcc6
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d2d273c4d38d90a4d6dd605627e00483a5fdf7e12e4a87bb96a3ad66296fa880
d5f3a5281e1de4d8910f5d53d67783695cfed897ce394816320695e5783cd91b
d69bfdf48ba7d2b62e0fbd4ed2acffd05a73727a00d7d5288bc629366276ad4a
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc62767f0f6ef739aa8ea6ee22d3609d90e446e02cdf7d20db29b5700573daff
dc9ed0e0f074d6270a4125e665fed05d446740128f4d7f51ada7401e6c1a0f3a
dcd346804a786db16b40af2672924a5b8787623f71d648a017da7e236e1b19b4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df660fd3ad4168b7c32eadc3b588ee90334003a7ea1af3299536be4e6697fcd9
e0a078eee605ad519d883a0d4c0f2e158e363d5d90c30e7f3a5714f27a735c90
e21a55e38e165f3dc479790adf3cd1f7ca11550ca278fc93e51b22223f0b9acb
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5367af46c985c8ca3c4f6465b31c142fbd23295464aaaa16f93262ed625fe11
e537b403631b2ecf3484b483dd67a08257a0590317813803ca9c1b98790cd9f7
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6340844af1c0a02b8150c4bc93d54d679f716452d6a97cd99ed45786e97ed8f
e684679efd57d4e36ba60b640925135bd001556e05839348e33baf256aa03eff
e7e2e87c244f36979b226c78ddfc679eab31179183abb995bee76573d3ec4879
e8512b19fe776b8480e575541439b5e8bf2e5a1a63e6513363edce30cf8b8de4
e8d65bb769468815ab3997d5b840f6ebadc9fe84cc37216f5cc8cc191adc6448
e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e987d98e0b22f59823ab7807c523dc6467581f2d079eb05f8104d8bfe3612b93
eaaa6059ef4c9ca12e78fcc03ae77ad4cbf05dc73c1fedf64b28a632868bd829
eb3cab20481098efec08a37cd1163946f92a3cdcdb4fe5098d89828915af719e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2cd97361029231f60fed13cfcf4b7647194819d1e7510777a42c0757e9614c3
f4457cf32b25c5c025f3863d9c6942b6cbbe7cac5a2c2d1380f00a059c9555bc
f615dfb2a8d9c305b4031e1d3146422ec6297c0d31ba15ded74ebe25a3619f3c
f617f255fa1d2353551113c1abee6a3960d019007482d7528022de09a23512ec
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8427abca544411fcee4ace1287f9917eeb52b36db26b20ea6d69b380586038c
fa488b7ed1fcd68f0f9b7270ca32bee8a10f65085ed430f77198bed49a22c64c
faac50601bcf6d1bb3b9f4d6107e0ad497afe50657733f1fa7947697e825b437
fd15ae0fa6a76010d762ff35b0145d122424a525ab1cf5408d079df58600038e
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd497a0a40955f30c3f448f7a492ec372b0b79ea21b06a635462431687640b83
ffd471976ce48b154882867089bc66a95139acc9b0963d022d58cf854b182323

www.otempo.com.br Open in urlscan Pro 170.82.174.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

242 Requests

95 %HTTPS

47 %IPv6

39 Domains

63 Subdomains

46 IPs

9 Countries

2184 kBTransfer

5595 kBSize

42 Cookies

0 Outgoing links

Page URL History

Redirected requests

242 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.otempo.com.br Open in urlscan Pro
170.82.174.10 Public Scan

Screenshot
Live screenshot

Full Image

242
Requests

95 %
HTTPS

47 %
IPv6

39
Domains

63
Subdomains

46
IPs

9
Countries

2184 kB
Transfer

5595 kB
Size

42
Cookies

242 HTTP transactions
4 data transactions